allm

Hi Matt,

The hosting company replied. They confirmed what I concluded (IPv4 addresses are mapped to IPv6 addresses) and they told me they will not change it because this seems to use less sockets, making it more efficient.

If that is the case, I can understand why they do it and why they want to keep it that way.

They provided me with a piece of PHP code that converts $_SERVER['REMOTE_ADDR'] to the IPv4 format in case of mapping. I need to insert that before WordFence kicks in.

I think it is best for me to wait until WordFence fixes this issue. I’m probably not the only one out there with this problem. Just one of the first to notice and report it…

Do you have any idea when this is fixed in WordFence? Do you want me to send you the piece of PHP that fixes the mapping?

Hi Matt,

Yes, I disabled it for the time being, so I do not get punished by Google for blocking their bot.

I have notified the hosting company about this and the answer is still somewhere in the pipeline. It might have something to do with loadbalancers, but I’m not sure.

I’ll wait for the hosting company and see what they come up with and report back here.

I checked the link you provided, and will send that to the hosting company as well.

Thanks for now.

PS Might be an idea to have this solved by dev, because there are probably more cases in the field you don’t know about…

Hi Matt,

I have seen several cases where IPv4 addresses were made to look like IPv6 addresses.

Is WordFence going to fix the check for Fake Google Crawlers for this?

Disabling the functionality completely seems like a crude solution. Maybe something for the short term, just until things are fixed.

Can you elaborate?

Addition:

On another site I see a lot of blocks for Google Crawlers on the IP range 66.249.66.xxx

They all seem like legitimate Google IP’s.

That is not good for SEO is it?

Can you please look into this?

Hi Matt,

Thanks for the update. And thanks for the advice. I know why Sucuri gets flagged as a fake crawler, and I realize what (sub-optimal) solutions I can take.

I hope this new address gets fixed in the next release.

Thanks for looking in to it!

The service you are giving in this forum is really great.

Any further info about this?
I would not like to whitelist the Sucuri IP’s (don’t want to help spoofers), but it would be helpful if WordFence doesn’t recognize them as Fake Crawlers anymore. This has been reported before (with their IPv4 address), but apparently there now also is an IPv6 address. The previous issue was fixed by Matt.

@josh

Thanks for the update! I checked the code myself and did not find anything wrong with it. But it is good to know that you are of the same opinion.

Sucuri flags the site as clean now.

Good luck with your personal website & the plugin.

The plugin is really nice and it is good to know all is well.

@josh Leuze
Could you please comment on what is going on? Is there any concern about the plugin being the cause of this on your site? Or is it something else?

@tim
Well, I guess I could, but isn’t it better if WordFence makes that distinction by itself? The sucuri checker is not a fake google crawler, and all users of WordFence might benefit if that is detected correctly. I know that the IPv4 sucuri address is whitelisted, so maybe that can be extended. Or maybe Sucuri might be persuaded to add something that WordFence can use to make the distinction.

@ulf

I’ll make some time somewhere this month and try to debug this. If anything worth mentioning comes up I’ll post it here.

Thanks so far.

@matt,

Thanks for the update. I’ll wait and see what happens in the next update. There is no rush with this.

Thanks again!

Mailed on nov 26, 2015. Waiting for reply/solution. If it comes I hope to remember to post it here…

@jhm

Why not make your own plugin to do the onpage.org check? That way anyone can make their own decision. The way it is done now doesn’t feel OK.

For me this is a reason to go seek out other options (combined with the ever increasing number of bugs in new major versions). The SEO plugin seems to be overloaded with functions just as it is, without another feature that many may not want.

@matt

Thanks very much!

I’m rather busy right now, but I will look into it the coming days and send you the details.

@wfmattr

Thanks for your reply. Really appreciated.

I would like to have the option “Immediately block fake Google crawlers” on. It blocks quite a lot of unwanted traffic.

Your alternative to whitelist certain IP’s sounds OK, but I have seen that they use at least 2 IPs, but maybe more. That sounds like a lot of work to keep track of. And besides, I don’t like to whitelist certain IP’s, for the reasons you indicate.

And your alternative might work for me, but not for anybody else with the same settings.

So, I’m stuck here.

It would be nice if WordFence could see that the Sucuri traffic is not from a Fake Google Crawler (1), but if that is impossible I’ll have to ask the folks at Sucuri to do their check another way (2). In the last case they need to know how you identify a Fake Google Crawler.

My preference is solution number 1. Is that a realistic approach? Or should I contact Sucuri. What would you advise?