| Welcome to WebmasterWorld Guest from 184.108.40.206 |
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
|Pubcon Platinum Sponsor 2014|
|Rampant of Redmond|
Shivering my Timbers
Be warned, it's cold in WA:
It hit one popular page dozens of times, non-stop, peaking at 12 hits +per second+
No robots.txt, no favicon, no js, nor images, just this frenziedly packing today's access log;
220.127.116.11 - - [07/Jan/2014] "GET /example.htm HTTP/1.1" 200 10522 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)"
Appears to be genuine MS:
18.104.22.168 - 22.214.171.124 126.96.36.199/14
We're currently directing it to the rubber-room.
That covert M$ UA has been active for years. I safely block it.
KeyP: Thanks, first time it's had a fit on our site. Do you block it on UA or IP range? The UA posted above appears to be legit except for the 64bit WOW64; missing...
Page only? No supporting files? css and js always, midi and piwik.php if it can get them; images only from 199.30.
Not the ordinary plainclothes bingbot, then.
Hence the new thread :)
I do it with a couple filters: if it has that UA *and* comes from that IP *and* asks for... You get the picture.
Yes, there's a few legitimate bing/msn bots using that IP range/CIDR, but "usually" with a kosher UA, so I'm just directing the specific convulsing IP to a dark-green room.
All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved