fake googlebots

lists at lazygranch.com lists at lazygranch.com
Sun Sep 25 21:58:33 UTC 2016

I got a spoofed googlebot hit. It was easy to detect since there were
probably a hundred requests that triggered my hacker detection map
scheme. Only two requests received a 200 return and both were harmless.

200 - - [25/Sep/2016:17:45:23 +0000] "GET / HTTP/1.1" 847 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "-"

For the fake googlebot:
# host
Host not found: 3(NXDOMAIN)

For a real googlebot:
# host domain name pointer crawl-66-249-69-184.googlebot.com.

IP2location shows it is a Chinese ISP:

Nginx has a reverse DNS module:
I see it has a 10.1 issue:

Presuming this bug gets fixed, does anyone have code to verify
googlebots? Or some other method?

More information about the nginx mailing list