Please do not post a large volume of data in these forums. Thank you very much for asking first. Typically a brief snippet representative of the suspect data will suffice for someone to confirm if the access is really Google or some kind of impostor.
If you feel a larger volume is necessary, you can post elsewhere like pastebin.com or gist.github.com and simply provide the link here.
True Googlebots typically space out their requests while crawling a site specifically to avoid overloading your server. If the alleged Googlebot requests are overloading your server, I suspect they are impostors. Of course I’m guessing since I have not seen your access data.
If the requests are coming from a limited range of IP addresses, you could block that range in .htaccess to help reduce the server load.
Thank you so much for your reply, I hope this paste isn’t excessive. But it also shows the frequency of these requests, which I think might be relevant ..
2023-03-20 17:07:51 UTC [apache][:warn] [pid 40895] [client 35.214.141.83:12148] Timeout waiting for output from CGI script /home/u309-nr639cbukdfr/www/weyerhof.at/public_html/index.php, referer: http://www.google.com
2023-03-20 17:07:50 UTC [apache][:warn] [pid 2101] [client 35.214.141.83:12148] Timeout waiting for output from CGI script /home/u309-nr639cbukdfr/www/weyerhof.at/public_html/index.php, referer: http://www.google.com
2023-03-20 17:07:50 UTC [apache][:warn] [pid 97219] [client 35.214.141.83:12148] Timeout waiting for output from CGI script /home/u309-nr639cbukdfr/www/weyerhof.at/public_html/index.php, referer: http://www.google.com
2023-03-20 17:07:49 UTC [apache][:warn] [pid 67209] [client 35.214.141.83:12148] Timeout waiting for output from CGI script /home/u309-nr639cbukdfr/www/weyerhof.at/public_html/index.php, referer: http://www.google.com
That IP address is from Google alright, but not Googlebot’s. It’s from a Google hosted server (googleusercontent.com), meaning someone’s personal or business site is the problem source. It’s very possible that their site had been hacked and is being abused, all unknown to the site owner.
If all abuse is coming from that one IP address, you can block it with a .htaccess directive like
# Block abusive IP addresses
<Files "*.*">
Order Allow,Deny
Allow from all
Deny from 35.214.141.83
</Files>
You can add other Deny from lines as necessary. Or if all are from a limited range, you can use CIDR formatting to block a range, for example
Deny from 35.214.141.0/24
will block 35.214.141.0 through 35.214.141.255
You can also report abuse to Google. I’m not sure how effective it’d be.
Thank you so so so much , it’s henna giving me a headache. Happens every couple months, unfortunately I can’t see the access logs from that far back (only traffic, which has the same insane increase in traffic corresponding with the cpu usage problem). I’ll try blocking that and see what happens . Thank you again 🙏🏼🙏🏼
