Blocking Google

  • Resolved ianatkins

    (@ianatkins)


    1 year, 3 months ago

    Hello.

    Getting a false positive which is 403 blocking Google – when they just try and visit the homepage of a site.

    North Charleston, South Carolina, United States was blocked by firewall for WooCommerce Payments <= 5.6.1 Authentication Bypass and Privilege Escalation at https://www.website.com/
    21/08/2023 22:01:17 (2 days 12 hours ago)  
    IP: 34.23.163.10 Hostname: 10.163.23.34.bc.googleusercontent.com
    Human/Bot: Human
    Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/6.1.3035.111.

    The IP does belong to Google. Shouldn’t that be whitelisted automatically?

    Thanks.

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @ianatkins, thanks for your question.

    It looks to me like this is a *.googleusercontent request rather than *.googlebot.com, so as stated in Google’s documentation, this is requested by a user, so doesn’t observe robots.txt like a Googlebot would.

    Considering the request is also trying to exploit a known vulnerability with older versions of the WooCommerce Payments plugin, it looks like a malicious request (even if you don’t have the affected plugin installed) and was correctly blocked for its intent by the firewall. If you do have the affected plugin, ensure you’re on the latest version to further reduce the chance that this kind of request will succeed in future.

    Thanks,
    Peter.

Viewing 1 replies (of 1 total)
  • The topic ‘Blocking Google’ is closed to new replies.