mod_security with OWASP CRS: Custom rule for whitelisting googlebot

mod-security owasp whitelist

I am about to use OWASP CRS rules with mod_security on my WHM/cPanel enabled CentOS server (with apache). But I fear that accidentally Googlebot may be blocked by one rule or the other. After enabling OWASP CRS, If I add the below custom rule separately, will my rule prevent Googlebot from being blocked by any of the CRS rules. Will the below rule override any CRS rule that may suspect Googlebot.

The proposed custom rule: SecRule REMOTE_HOST googlebot.com$ allow,pass

Update: My website has thousands of URLs and google's crawl rate is between 10K to 50K urls per day. Hence, there is every chance that some brute force rule in OWASP CRS may be triggered for googlebot.


Solution 1:

In the document about veryfying gooblebot, crawlers might come both from googlebot.com or google.com.

Assuming that you don’t check user-agent (easily spoofed), you need to do something like:

SecRule REMOTE_HOST “@rx google(bot|)\.com$” “id:50000,nolog,allow”

Also, this will only work if you enabled the Apache directive HostnameLookups On. Otherwise, you’ll only get IPs.

Related

Loop through var_files variables in ansible
Delete all folders on all drives with "foo" OR "bar" in the folder name with batchfile
Apache2 - Only home url is found
cant copy and paste folders as root
Create a gif from the recent 10 images in a folder?
ZIP is stuck with a garbage file
Set up a VPN, route samba over it
Problem with adding folder to the side bar
Ubuntu 18.04 Webcam streaming problem
ubuntu avoid login after power save
will unmapped memory data be placed in swap files
How to merge many files together? [duplicate]