Protect Your Store from Scrapers
If competitors or third parties are copying your product images, descriptions, or pricing data, this guide covers how to set up Kedra Shield to make scraping significantly harder.
Step 1: Enable Content Protection
Content protection is the first line of defense against manual and semi-automated scraping.
- Go to Content Protection from your dashboard.
- Enable all of the following:
| Feature | Why |
|---|---|
| Protect images | Prevents drag-and-drop saving and disables image selection. |
| Protect text content | Prevents text highlighting and selection. |
| Disable right-click | Removes the context menu (Save Image As, Copy, View Source). |
| Disable copy | Blocks Ctrl+C / Cmd+C and cut operations. |
| Disable keyboard shortcuts | Blocks Ctrl+U (View Source), Ctrl+S (Save Page), F12, and other shortcuts. |
| Block developer tools | Detects when browser developer tools are opened and clears the page. |
| Blur on tab switch | Blurs your store when the visitor switches tabs, making screenshot-based scraping harder. |
Note: Content protection runs in Phase 2 of the security flow. If a visitor’s IP is whitelisted in the IP Blocker, content protection will not apply to them.
Step 2: Enable Bot Blocking
Automated scrapers are bots. Enable bot detection to block them.
- Go to VPN & Bot Blocker from your dashboard.
- Enable Bot Protection.
- Enable VPN & Proxy Blocking — many scrapers run behind VPNs or from cloud servers.
- Consider enabling “Enable strict blocking” if you are under active scraping attacks.
- Click Save.
Step 3: Block Cloud Providers (Pro)
Most automated scrapers run from cloud hosting services. Blocking their ASNs stops traffic from these networks entirely.
- Go to ASN Blocker from your dashboard.
- Add ASN blocks for common scraping sources:
AS16509— Amazon Web ServicesAS15169— Google CloudAS14061— DigitalOcean
Caution: Blocking major cloud providers may also block some legitimate services. Test carefully after adding ASN blocks.
Step 4: Block Suspicious Referrers (Pro)
If you see scraping traffic coming from specific domains in your analytics:
- Go to Referrer Blocker from your dashboard.
- Click Add Referrer Block.
- Enter the domain and select the Contains match type to catch subdomains as well.
- Click Save.
Limitations
Content protection operates at the browser level. It is effective against casual copying and semi-automated tools, but cannot fully prevent determined scraping by headless browsers or server-side crawlers that do not execute JavaScript. Combining content protection with bot blocking and ASN blocking provides the strongest defense available within a Shopify app.
Recommended Configuration Summary
| Feature | Setting |
|---|---|
| All content protection toggles | Enabled |
| Bot Protection | Enabled (strict mode if under attack) |
| VPN & Proxy Blocking | Enabled |
| ASN Blocker | Block major cloud providers (Pro) |
| Referrer Blocker | Block known scraper domains (Pro) |
Next Steps
- Content Protection — Full content protection documentation.
- ASN Blocker — Block entire network providers.
- Referrer Blocker — Block traffic from specific domains.