Yeah so i'm barely new at this but I have a problem where my app has this backend at amazon, i do have an web application of my app and a mobile one.
Sometimes ago some neat guys were some kind of scrapping our data from our servers, i attempted all the things, like configuring cors, changing he auth method and so on... and they continue to scrap these informations (images / data) from our server
What I was imagining recently is that if I only work with web a could only restrict the responses of my server to my web url. But since i work with mobile too that unviable, (since every mobile have its own ip as source? im not certain about this). So what i found to be a solution is to proxy all my mobiles app with a proxy server like proxy.app.com and only allow request to server the web.app.com and the proxy.app.com with that anyone besides these two url could access and possibly get server informations.
But I actually don't know if it is viable and if I'm wrong in some way cause i didn't find any information about this online
well so cors didn't worked, cause I think these trackers are doing their requests from the server, and changing the auth method only made them change how their site works so after a week of this change the were back online