UptimeRobot – Whitelist UptimeRobot Bot

Home Forums BulletProof Security Pro UptimeRobot – Whitelist UptimeRobot Bot

Tagged: ,

Viewing 11 posts - 16 through 26 (of 26 total)
1 2
  • Author
    Posts
  • June 25, 2013 at 9:25 am #7168
    AITpro Admin
    Keymaster

    UPDATE: New Uptimerobot whitelisting code can be found here > https://forum.ait-pro.com/forums/topic/whitelist-bots-allow-good-bots-to-make-a-head-request/#post-35231

    The new Custom Code features/options in BPS and BPS Pro allow you to now add this to BPS Custom Code.

    1. Copy this entire section of .htaccess code below to the CUSTOM CODE REQUEST METHODS FILTERED: Whitelist User Agents or remove HEAD here text box.
    2. Click the Save Root Custom Code button.
    3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.

    BPS Pro 11.6+ & BPS free .53.2+
    You may see this code or the 11.5+/.53.1+ code in your root htaccess file.  The code does the same exact thing and is whitelisted in the same exact way.

    # REQUEST METHODS FILTERED
# If you want to allow HEAD Requests use BPS Custom Code and copy
# this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code
# text box: CUSTOM CODE REQUEST METHODS FILTERED.
# See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps.
RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
RewriteRule ^(.*)$ - [F]
#RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC]
#RewriteRule ^(.*)$ /wp-content/plugins/bulletproof-security/405.php [L]

    BPS Pro 11.5+ & BPS free .53.1+

    # REQUEST METHODS FILTERED
# If you want to allow HEAD Requests use BPS Custom Code and copy
# this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code
# text box: CUSTOM CODE REQUEST METHODS FILTERED.
# See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps.
RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
RewriteRule ^(.*)$ - [F]
RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC]
RewriteCond %{REMOTE_ADDR} !^(74.86.158.106|74.86.158.107|74.86.179.130|74.86.179.131|46.137.190.132|122.248.234.23) [NC]
RewriteRule ^(.*)$ - [R=405,L]

    BPS Pro 11.4|BPS free .53 and lower versions

    # REQUEST METHODS FILTERED
# If you want to allow HEAD Requests use BPS Custom Code and 
# remove/delete HEAD| from the Request Method filter.
# Example: RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
# The TRACE, DELETE, TRACK and DEBUG Request methods should never be removed.
RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK|DEBUG) [NC]
RewriteCond %{REMOTE_ADDR} !^(74.86.158.106|74.86.158.107|74.86.179.130|74.86.179.131|46.137.190.132|122.248.234.23) [NC]
RewriteRule ^(.*)$ - [F]
    July 29, 2013 at 7:53 am #8003
    AITpro Admin
    Keymaster

    The new Custom Code features/options in BPS and BPS Pro allow you to now add this to BPS Custom Code.

    1. Copy this entire section of .htaccess code below to the CUSTOM CODE REQUEST METHODS FILTERED: Whitelist User Agents or remove HEAD here text box.
    2. Click the Save Root Custom Code button.
    3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.

    BPS Pro 11.5+ & BPS free .53.1+

    # REQUEST METHODS FILTERED
# If you want to allow HEAD Requests use BPS Custom Code and copy
# this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code
# text box: CUSTOM CODE REQUEST METHODS FILTERED.
# See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps.
RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
RewriteRule ^(.*)$ - [F]
#RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC]
#RewriteRule ^(.*)$ - [R=405,L]

    BPS Pro 11.4|BPS free .53 and lower versions

    # REQUEST METHODS FILTERED
# If you want to allow HEAD Requests use BPS Custom Code and 
# remove/delete HEAD| from the Request Method filter.
# Example: RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
# The TRACE, DELETE, TRACK and DEBUG Request methods should never be removed.
RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
RewriteRule ^(.*)$ - [F]
    November 15, 2014 at 12:11 am #19177
    Chazz
    Participant

    hi

    what would be the correct format for whitelisting the following agent?
    Mozilla/5.0 (Java) outbrain

    would it just be:

    RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
RewriteCond %{HTTP_USER_AGENT} !^(outbrain) [NC]
RewriteRule ^(.*)$ - [F,L]

    thanx!

    November 15, 2014 at 7:29 am #19182
    AITpro Admin
    Keymaster

    For Outbrain use this solution:  http://forum.ait-pro.com/forums/topic/outbrain-doesnt-work-how-to-fix/#post-2072

    December 2, 2014 at 12:46 pm #19583
    Darko
    Participant

    [Topic has been merged into this relevant Topic]

    Hello,

    please can you tell me, how can I whitelist some IP adresses or domains. I constantly have regular error from uptime robot, and I want to allow to uptimerobot to work normally. So, how can I whitelist ip 74.86.158.107, or engine2.uptimerobot.com, or other method in BulletProof Security Pro 9.9?

    [403 GET / HEAD Request: 02/12/2014 - 22:15]
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 74.86.158.107
Host Name: engine2.uptimerobot.com
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER:
REQUEST_URI: /
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0+(compatible; UptimeRobot/2.0; http://www.uptimerobot.com/)
    December 2, 2014 at 12:51 pm #19586
    AITpro Admin
    Keymaster

    UPDATE: New Uptimerobot whitelisting code can be found here > https://forum.ait-pro.com/forums/topic/whitelist-bots-allow-good-bots-to-make-a-head-request/#post-35231

    @ Darko – use the method – http://forum.ait-pro.com/forums/topic/split-uptimerobot-whitelist-uptimerobot-bot/page/2/#post-8003

    October 16, 2015 at 2:30 pm #25795
    Cristian Balan
    Participant

    UPDATE: New Uptimerobot whitelisting code can be found here > https://forum.ait-pro.com/forums/topic/whitelist-bots-allow-good-bots-to-make-a-head-request/#post-35231

    The updated list of UptimeRobots IP’s
    https://uptimerobot.com/locations
    In my case the UptimeRobot IP blocked is 74.86.158.109. So the current code should be:

    BPS Pro 11.5+ & BPS free .53.1+

    # REQUEST METHODS FILTERED
# If you want to allow HEAD Requests use BPS Custom Code and copy
# this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code
# text box: CUSTOM CODE REQUEST METHODS FILTERED.
# See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps.
RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
RewriteRule ^(.*)$ - [F]
RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC]
RewriteCond %{REMOTE_ADDR} !^(74.86.158.106|74.86.158.107|74.86.158.108|74.86.158.109|74.86.158.110|69.162.124.226|69.162.124.227|69.162.124.228|69.162.124.229|69.162.124.230|69.162.124.231|69.162.124.232|69.162.124.233|69.162.124.234|69.162.124.235|69.162.124.236|69.162.124.237|69.162.124.238|74.86.179.130|74.86.179.131|46.137.190.132|122.248.234.23|188.226.183.141|178.62.52.237|54.79.28.129|54.94.142.218|104.131.107.63|54.67.10.127|54.64.67.106) [NC]
RewriteRule ^(.*)$ - [R=405,L]

    BPS Pro 11.4|BPS free .53 and lower versions

    # REQUEST METHODS FILTERED
# If you want to allow HEAD Requests use BPS Custom Code and 
# remove/delete HEAD| from the Request Method filter.
# Example: RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
# The TRACE, DELETE, TRACK and DEBUG Request methods should never be removed.
RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK|DEBUG) [NC]
RewriteCond %{REMOTE_ADDR} !^(74.86.158.106|74.86.158.107|74.86.158.108|74.86.158.109|74.86.158.110|69.162.124.226|69.162.124.227|69.162.124.228|69.162.124.229|69.162.124.230|69.162.124.231|69.162.124.232|69.162.124.233|69.162.124.234|69.162.124.235|69.162.124.236|69.162.124.237|69.162.124.238|74.86.179.130|74.86.179.131|46.137.190.132|122.248.234.23|188.226.183.141|178.62.52.237|54.79.28.129|54.94.142.218|104.131.107.63|54.67.10.127|54.64.67.106) [NC]
RewriteRule ^(.*)$ - [F]
    October 17, 2015 at 7:42 pm #25810
    rafaelmagic
    Participant

    You can also Whitelist HEAD requests, they are being blocked (403 error). Look at line #3 above for the example.

    That will future proof in case Uptime Robot changes IPs

    October 27, 2017 at 5:58 am #34461
    DirkCYF
    Participant

    [Topic has been merged into this relevant Topic]
    Hi

    I have added:

    “HTTP_USER_AGENT: Mozilla/5.0+(compatible; UptimeRobot/2.0; http://www.uptimerobot.com/)” and:

    “uptimerobot.com” to  Add User Agents|Bots to Ignore|Not Log.

    But I am still getting security logs for uptimerobot every 8 minutes. How can I exclude uptimerobot from the security logs?

    I have setup Uptime Robot to monitor my site every 8 minutes but its flooding my security log in BPS Pro. What can I do?

    Thanks 🙂

    October 27, 2017 at 8:20 am #34467
    AITpro Admin
    Keymaster

    UPDATE: New Uptimerobot whitelisting code can be found here > https://forum.ait-pro.com/forums/topic/whitelist-bots-allow-good-bots-to-make-a-head-request/#post-35231

    @ DirkCYF – See this forum Reply for the steps to whitelist the UptimeRobot > https://forum.ait-pro.com/forums/topic/split-uptimerobot-whitelist-uptimerobot-bot/page/2/#post-8003

    October 27, 2017 at 9:36 am #34469
    DirkCYF
    Participant

    Thanks

  • Author
    Posts
Viewing 11 posts - 16 through 26 (of 26 total)
1 2
  • You must be logged in to reply to this topic.