[resolved] Google Pagespeed API (7 posts)

  1. gecko_guy
    Posted 1 year ago #


    There are two other posts about this:



    This is not really a hosting issue (i.e. they will not help because this is going well beyond the norms of content delivery/hosting).

    The IP address mentioned in the 2nd post is a Google server, but as you say it can't be whitelisted.

    You mentioned in the first link, that you would be implementing that change, can you advise if this has been done?

    I would like to use the PageSpeed Service as well as BruteProtect.



  2. gecko_guy
    Posted 1 year ago #

    Just to add a bit to this.

    PageSpeed Service serves webpages on my behalf to my visitors by retrieving original content from my origin server.

    As a result, all requests to the origin server will be from Google's IP addresses.

    To get the IP address of the user on the origin server, Google recommends we use the value stored in the X-Forwarded-For HTTP header.

    The configuration of this is not really your problem at all and is something I am looking into as it has additional negative impact on data collection for all analytics tracking, but what I did notice is that I became locked out of my own account with PageSpeed active because the request was coming from a "blacklisted" IP address.

    It will be blacklisted because 100's or even 1000's of hackers will be coming via the Google servers.

    I wonder how many false positives your stats are showing because of legitimate visitors being blocked like this?

    Additionally, the PageSpeed service can be plugged into the W3 Total Cache dashboard, and millions of WP sites use W3TC and PageSpeed.

    Interesting problem...

  3. Sam Hotchkiss
    Plugin Author

    Posted 1 year ago #

    Hey Guy-- is it possible for you to allow me FTP access to one a site that you have hosted this way? I'd love to check it out. We have a couple of sites that we administer that use PageSpeed and nginx, and they haven't had any problem with BP.

    If you have a site we could check out, send it over to sam at bruteprotect dot com-- FTP and wp-admin


  4. gecko_guy
    Posted 1 year ago #

    Hi Sam,

    I've disconnected it all now as it was blocking my access, and I also had an unrelated problem to do with the framework I use and the serving ip.

    The server uses Apache 2.2.x

    I intend to attempt again though, so if I run into the same issue will set up a temp ftp account for you and drop you a line.

    Thanks for your attention.


  5. Sam Hotchkiss
    Plugin Author

    Posted 1 year ago #

    Sounds good-- I'd love to check it out, at the very least to figure out some indications that the issue is occurring so that we can fall back to a CAPTCHA and provide some information to help troubleshoot

  6. Sam Hotchkiss
    Plugin Author

    Posted 1 year ago #

    Hey Guy-- can you email me details about your hosting company? We keep hearing whispers of these PageSpeed issues, and we'd like to set up our own account so that we can come up with a fix.


  7. gecko_guy
    Posted 1 year ago #

    Done. Here is some of the info I sent in the mail, in case someone else finds it useful:

    I made some progress with X-Forward Headers, but had to use the mod_rpaf Apache Module, since mod_remote_ip only works with Apache 2.4+

    I had to abandon it again because it also requires some modifications to the theme I use, and I ran out of time.

    Here is a bit more info though:



    Some documentation from Google:


Topic Closed

This topic has been closed to new replies.

About this Plugin

  • BruteProtect
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic