Google Bot triggering password resets
I noticed that Google bot is triggering password resets for users.
Access Log excerpt:
I checked the IP addresses and it looks like it really _is_ Google. What would be the best way to prevent these?
"GET /resetpass/?action=reset&user=username&confirm=code HTTP/1.1" 200 0 "" "AdsBot-Google (+http://www.google.com/adsbot.html)" "-"
"GET /resetpass/?user=username&action=reset&confirm=code HTTP/1.1" 200 0 "" "AdsBot-Google (+http://www.google.com/adsbot.html)" "-I checked the IP addresses and it looks like it really _is_ Google. What would be the best way to prevent these?
-
add below to your robots.txt User-agent: AdsBot-Google Disallow: /resetpass 0 -
]add below to your robots.txt User-agent: AdsBot-Google Disallow: /resetpass
Thanks for the reply. I'm not sure where I need to put this robots.txt since it's the cPanel's daemon login that I need to restrict.0 -
]Thanks for the reply. I'm not sure where I need to put this robots.txt since it's the cPanel's daemon login that I need to restrict.
The URL you referenced would produce a 404 error page. Are you saying it's triggering the cPHulk brute force detection application or showing up in /usr/local/cpanel/logs/access_log ? Thank you.0 -
Question is why would Google be trying to spider your cpanel log in ?? 0 -
]The URL you referenced would produce a 404 error page. Are you saying it's triggering the cPHulk brute force detection application or showing up in /usr/local/cpanel/logs/access_log ? Thank you.
It's not triggering the brute force protection, it's in the /usr/local/cpanel/logs/access_log (status code 200) A user reported getting the confirmation mail for the password reset request, and I can confirm this from the exim log.]Question is why would Google be trying to spider your cpanel log in ??
I honestly don't know why GoogleBot would be interested in those pages.0 -
You could setup a custom firewall or Mod_Security rule that blocks access attempts to that URL. Thank you. 0
Please sign in to leave a comment.
Comments
6 comments