Scott J. Walter

I’m seeing similar behavior across several sites. Looks like a botnet is getting itchy.

Here’s something to consider. I’m seeing the same problem with my “incoming links” feed. The URL validates (and has no links), but when I view it in the browser, there’s a line of CSS after the closing </rss> tag. Odd, but it made me look at trying to “proxy” the call, feeding the feed request through another page that would/could clean the crap out of the feed before passing it along. Not the most elegant solution, but it was an interesting test.

So, I through together a quick CURL page that took the feed off a query parameter, made the call, and just passed the data back (no modifications). What I got back was a CAPTCHA validation request form (coming off Google’s servers), with the following text:

Our systems have detected unusual traffic from your computer network. This page checks to see if it’s really you sending the requests, and not a robot. Why did this happen?

This page appears when Google automatically detects requests coming from your computer network which appear to be in violation of the Terms of Service. The block will expire shortly after those requests stop. In the meantime, solving the above CAPTCHA will let you continue to use our services.

This traffic may have been sent by malicious software, a browser plug-in, or a script that sends automated requests. If you share your network connection, ask your administrator for help — a different computer using the same IP address may be responsible. Learn more

Sometimes you may be asked to solve the CAPTCHA if you are using advanced terms that robots are known to use, or sending requests very quickly.

My working theory is it has nothing to do with WordPress code, or with the URL, but with the IP of the server the call is coming from, and Google’s own protection mechanism has some network blocks (like Dreamhost and Hostgator) tagged for “human intervention required” for some requests.