Brute Force Protection blocked Googlebot IP

  • Resolved alduinwf

    (@alduinwf)


    8 months, 2 weeks ago

    Hello,

    I have administrator privileges on a website that uses Jetpack and WP Fastest Cache. And I have a little alert tool that puts an HTML comment in the footer and a script that checks once per hour if that comment is in the HTTP response body.

    And, since a few days, I am receiving errors from my little tool. So I try to open the site in incognito mode (so that I get the cached version) and sure enough, the site has an error.

    And the error was not some plugin that went bananas (?technical issue“) but Jetpack blocking an IP for bruteforcing. The IP was 66.249.64.10 and it resolves to crawl-66-249-64-10.googlebot.com. It is also listed in Google’s Dev Docs.

    I am pretty sure this is some sort of false alert, however, I would pledge that Googlebot IP addresses are being globally whitelisted because, well, you know, it does have an impact when Google can’t access the site. Even if a visitor could (if you, say, don’t use a cache plugin), but if all Google receives is an error of being blocked, your site will soon be disliked by Google.

    For the time being, I’ve put all IP addresses from linked site into the whitelist. But I would suggest that Googlebot would not be blocked on the plugin-level, without me having to whitelist all their IP addresses.

    Thank you ??

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support lastsplash (a11n)

    (@lastsplash)

    Hi @alduinwf

    Jetpack’s Brute Force Attack Protection feature only blocks login attempts on your site’s login page and via XML-RPC. It shouldn’t affect other pages.

    Can you share you site’s URL so that we can investigate?

    Thread Starter alduinwf

    (@alduinwf)

    Hi, sure. It is https://www.film-rezensionen.de

    I have another IP that got banned. Maybe rightfully so, I don’t know. This site has also installed WP Fastest Cache and I noticed it banning from the front page when a banned IP triggered renewal of the cache (yes unrelated problem, but at least we have an output):

    https://paste.mozilla.org/Eod7O4Ra

    (this link is valid for another 20 days, pastebin would not have post me this because their filters sensed some scam, not sure why that is…)

    Mehdi Benchalal

    (@muffinpeace)

    Hi @alduinwf,

    I do see some failures in the past day showing that the IP address involved was blocked, despite it belonging to GoogleBot crawling bot. I’ve escalated this to our developers, and we’ll report back here in the thread with more information from them.

    Best,

    Hi @alduinwf,

    A Github issue was created for the issue on our end, this signifies that it will be looked into further; however, there isn’t any ETA at the moment of when this will happen, or when a fix is released (to natively support/whitelist the IP addresses without any custom settings).

    We’ll circle back here when that happens.

    Best,

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Brute Force Protection blocked Googlebot IP’ is closed to new replies.