Cloudflare Reports Surge in Geo-Blocked Pirate Site Domains

Cloudflare's latest transparency report shows that the company geo-blocked nearly 2,800 domains in the second half of 2025, up from around 300 in the same period a year earlier. These blocking actions took place in France, the UK, Belgium, and South Korea. Cloudflare confirms that it has not blocked content through its public DNS resolver. That refusal recently cost the company a €14 million fine in Italy.

As one of the leading Internet infrastructure companies, Cloudflare finds itself at the center of various copyright disputes.

The American company says it powers nearly 20% of the web. This includes several Fortune 500 companies, but also many pirate sites and services.

For years, rightsholders have urged Cloudflare to do something about these pirate sites. However, the company typically doesn’t take action against customers that use its ‘pass-through’ CDN services. Instead, it simply forwards takedown notices to their respective hosting services.

According to some rightsholders forwarding is not enough. To compel Cloudflare to take action against pirate sites, they requested formal blocking orders in France, Spain, South Korea, and elsewhere.

Cloudflare Adds 2,791 Geoblocked Domain Names

Cloudflare’s latest transparency report, covering the second half of 2025, shows that 2,791 domain names that use its pass-through services were geoblocked. This means that these sites of Cloudflare customers are effectively rendered inaccessible in these countries.

Nearly 2,800 is a significant increase compared to the same period a year earlier, when 308 domain names were geo-blocked.

From Cloudflare H2 2025 Transparency Report
 

When Cloudflare geoblocks a domain, the company posts an interstitial page linking to the relevant order so that visitors can see why access has been restricted.

Error 451
 

It’s worth noting that not all geo-blocks are equal. In the UK, for example, Cloudflare is taking action voluntarily based on an older High Court order against ISPs, to which it is not a party. This is similar to the voluntary blocking approach Google takes.

In Belgium and France, Cloudflare does respond to orders where it is named. These predominantly cover pirate sites, but in Belgium Cloudflare is also compelled to geo-block several illegal gambling sites.

In Korea, a new law requires CDN providers, including Cloudflare, to implement a government-mandated blocklist. This prohibits the CDNs from facilitating access to these sites through servers in South Korea, which resulted in hundreds of blocks in the second half of 2025.

Cloudflare clarifies that these South Korean sites are not “blocked” in the traditional sense. Instead, they are restricted from being served through equipment located physically in South Korea.

DNS Blocking

Interestingly, these geo-blocking measures are sometimes also used by Cloudflare to comply with DNS (1.1.1.1) blocking orders. If the sites are geo-blocked, Cloudflare doesn’t have to block these through its DNS.

“Cloudflare has sometimes taken action to geoblock access to websites through Cloudflare’s pass-through CDN and security services, in response to orders directing Cloudflare to block through its public DNS resolver,” the transparency report reads.

As in previous transparency reports, Cloudflare separately confirms that it “has not blocked content through the 1.1.1.1 Public DNS Resolver.”

Automated Hosting Takedowns

In addition to blocking domains for which Cloudflare acts as a CDN or pass-through, the company also takes more direct action if it is hosting sites. In the second half of 2025, rightsholders sent 121,681 copyright infringement reports, with Cloudflare taking action in 67,941 instances.

Notably, these removals are mostly the result of automatic processes, which were put in place last year.

“In H2 2025, Cloudflare used automated means to action 64,161 of the 67,941 copyright infringement reports actioned,” the company reports in a footnote, adding that it also terminated 59,843 accounts of R2 storage services.

Italy’s €14 Million Fine

The transparency report makes no mention of the recently appealed €14,247,698 fine that was imposed on Cloudflare in January by Italy’s communications regulator, AGCOM. Cloudflare received this fine as it refused to implement blocking measures through its 1.1.1.1 DNS resolver under Italy’s Piracy Shield measures.

AGCOM concluded that Cloudflare’s cooperation is “essential” for the enforcement of Italian anti-piracy laws, as its services allow pirate sites to evade standard blocking measures.

In response to the fine, Cloudflare’s CEO Matthew Prince considered pulling out of Italy entirely. While that hasn’t happened yet, Cloudflare firmly draws a line at their public DNS resolver, and it recently appealed AGCOM’s fine in court.

—

A copy of Cloudflare’s H2 2025 Transparency Report (Abuse Processes) is available here (pdf).

Source

Hope you enjoyed this news post. Feedback welcome.

Posted Tuesday 24 March 2026 at 6:14 am AEST (my time).

News posts: 2023 5,800+ | 2024 5,700+ | 2025 5,700+ | 2026 (to end of February) 854

RIP Matrix