Wordfence blocked googleusercontent.com

  • Resolved GermanKiwi

    (@germankiwi)


    10 years, 3 months ago

    My Wordfence installation just sent me the following alert:

    ————–
    Wordfence has blocked IP address 104.154.65.11.
    The reason is: “Exceeded the maximum number of page not found errors per minute for humans.”.
    User IP: 104.154.65.11
    User hostname: 11.65.154.104.bc.googleusercontent.com
    User location: Mountain View, United States
    ————–

    It looks like this is a legitimate Google domain name (“googleusercontent.com”). If so, should it not be covered by the rule “Verified Google crawlers have unlimited access to this site”, which I have enabled in my settings? Is this something you can fix if needed? I don’t want Wordfence to be blocking important Google crawling activity on my site! 🙂

    https://wordpress.org/plugins/wordfence/

Viewing 4 replies - 1 through 4 (of 4 total)
  • WFBrian

    (@wfbrian)

    10 years, 3 months ago

    We shouldn’t be blocking google. You can whitelist the IP if you’d like.

    http://docs.wordfence.com/en/WhitelistIP

    -Brian

    Thread Starter GermanKiwi

    (@germankiwi)

    10 years, 3 months ago

    Thanks. So are you saying that this domain ‘googleusercontent.com’ (or the IPs behind it) ought to have been covered by the Wordfence rule for verified Google crawlers? Can you fix it so it won’t get blocked in the future?

    I don’t really know how to use the API, but I’m hoping that you are telling me that you’ll be able to prevent this from happening directly from Wordfence in the future.

    Plugin Author WFMattR

    (@wfmattr)

    10 years, 3 months ago

    Hi,

    We’ll take a look at it — I see that the visit was identified as a human visitor, which Google does not normally do.. I haven’t seen that happen before. That might mean that Google is proxying real user visits in some cases. I just checked and it doesn’t seem to happen when a site is viewed using a “cached” link on Google or when using Google Translate (which includes “google-proxy” in the domain name).

    In the meantime, you could whitelist it like Brian mentioned — if you don’t need to use the API, you can use “Whitelisted IP addresses that bypass all rules” on the Wordfence options page. I would also recommend increasing “If a human’s pages not found (404s) exceed” in your Wordfence options, since that’s why the visit was blocked.

    If it does happen again, try to see what pages they visited, either in Live Traffic or the site’s access logs — if Google does proxy real user visits, it might not be safe to give them unrestricted access to the site in that case, since an attacker could use the same method to access a site.

    -Matt R

    Thread Starter GermanKiwi

    (@germankiwi)

    10 years, 3 months ago

    Thanks for looking into it, Matt!

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Wordfence blocked googleusercontent.com’ is closed to new replies.