Message Board

Tracking Harvesters/Spammers

Older Posts ]   [ Newer Posts ]
 Googlebot impersonators?
Author: M.Patnode   (21 Nov 16 7:25pm)
It seems I get 10K+ hits a day by agents claiming to be Googlebot who are sniffing wp-login.php. They are not Google IP addresses and I'm not a WordPress site. That should be a big red flag, no? Would it be reasonable to reject anything that claims to be Googlebot that doesn't match their IP?


 
 Re: Googlebot impersonators?
Author: M.Patnode   (21 Nov 16 7:28pm)
Some examples:

213.246.61.116 dianag.onsugar.com - - [21/Nov/2016:19:19:25 -0800] 0.000 "GET /blogs/wp-login.php HTTP/1.1" 404 5 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "213.246.61.116"

207.71.172.19 blog.atlantalulabelle.onsugar.com - - [21/Nov/2016:19:19:14 -0800] 0.002 "GET /test/wp-login.php HTTP/1.1" 404 5 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "207.71.172.19"

179.188.17.2 www.phuket5starhotels435.onsugar.com - - [21/Nov/2016:19:19:01 -0800] 0.001 "GET /wp/wp-login.php HTTP/1.1" 404 5 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "179.188.17.2"

94.23.3.161 blog.dibiwyfexosanope.onsugar.com - - [21/Nov/2016:19:17:04 -0800] 0.001 "GET /wordpress/wp-login.php HTTP/1.1" 404 5 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "94.23.3.161"
 
 Re: Googlebot impersonators?
Author: D.Philips   (17 Dec 16 8:43am)
Good question, how do we determine if a Googlebot is real, or a hacker who mimics Google. Its becoming a full time job just protecting one website these days. I only accept traffic from my own country as -that's where my customers live, its all local business. So, I ban any other country. But its frustrating with Google bots hitting wp-admin -my login and why should they go there when they are not supposed to as per ht access? Its total nonsense.
 
 Re: Googlebot impersonators?
Author: A.Godziuk   (19 Oct 17 1:39am)
You need to check if reverse dns matches the forward dns and is in google.com domain. Google has a FAQ here: https://support.google.com/webmasters/answer/80553

It's easy to do in PHP (maybe there are Wordpress plugins?), I've implemented it in Varnish before, but I haven't seen a solution for Apache or Nginx.



do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Cloudflare Site Protection | Contact Us

Copyright © 2004–17, Unspam Technologies, Inc. All rights reserved.

contact | wiki | email