Question about Googlebot

  • Hi! This morning, I’m seeing some unusual activity in the Wordfence 6.2.9 “Live Traffic” log:

    URL:	https://www.{mysite}.com/wp-content/uploads/shareaholic/spritegen/sprite.css
Type:	Normal request
Full Browser ID:	Mozilla/5.0 (compatible; Googlebot/2.1; +https://www.google.com/bot.html)

    Could hackers be using Googlebot to probe sites for installed plugins, etc, to avoid being blocked if they probe the site directly? My site is simple and have no clue why ANYTHING in the “uploads” directory would be anything Googlebot would crawl. Should this be a cause for concern?

    Thanks!

    Peace…

Viewing 1 replies (of 1 total)
  • Thread Starter tomdkat

    (@tomdkat)

    Thanks for the reply. What concerns me is:

    1) We don’t have Shareaholic installed

    2) The IP address being logged does resolve to a machine in Google’s domain. So, the IP address appears to be legit.

    I’m wondering if hackers are now using Googlebot (or other bots) to sniff out vulnerabilities in WordPress installations.

    I’ll certainly look for any directories in “wp-content/uploads” that don’t look familiar.

    Thanks!

    Peace…

Viewing 1 replies (of 1 total)
  • The topic ‘Question about Googlebot’ is closed to new replies.

Tags