Checked CloudFlare, and it looks like the request are coming from, The US, Netherlands, or France.
Are you sure you can’t get the user agent? Thats the part that really matters.
I don’t have it, n’or know how. The staff team maybe able to get it. But for now, I added a rule on cloudflare to block any requests that are outside the US.
If you would like to know, I have gotten the IP and user agent from the crawlers. They are coming from France and maybe Sweeden (there is no user agent)
France's IP
195.154.62.232
62.210.5.253
User Agent can be helpful at times, but its very easy to fake.
Well. I just put my entire domain on lockdown. Nothing with a Linux or Unbuntu, out of the us, greater threat score than 3 or is a known bot.
As long as you don’t use bad passwords or use outdated software, you should be fine.
1 Like
Found the root of some of the crawlers. http://www.google.com/bot.html This is what I found in Cloudflare. Goolgle for some reason spoofed the IPs. I found it when a useragent had “googlebot” in it. And it seemed to be checking for access to it I guess. But the logins and v2/keys stuff is not mentioned. The weird part was that, near none of the UserAgents don’t have what Google said the bot’s UserAgent had.
Also about outdated software, what is the Linux version on the containers?
@chessebuilderman
via terminal:
NAME="Ubuntu"
VERSION="16.04.6 LTS (Xenial Xerus)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 16.04.6 LTS"
VERSION_ID="16.04"
HOME_URL="http://www.ubuntu.com/"
SUPPORT_URL="http://help.ubuntu.com/"
BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"
VERSION_CODENAME=xenial
UBUNTU_CODENAME=xenial
I don’t think I should worry about that, thanks though. It is only 2 versions behind.
Very odd. I should see if I am getting these errors on my web-site!!