Site under attack from Android SEO bots - expert help needed
-
For last 25 days, we are facing a weird attack on our site.
We are getting 10x the normal mobile traffic - all from Android, searching for our name specifically. We are sure that this is not authentic traffic as the traffic is coming from Organic searches and bouncing off. Initially, we thought this was a DDoS attack, but that does not seem to be the case.
It looks like someone is trying to damage our Google reputation by performing too many searches and bouncing off.
Has any one else faced a similar issue before? What can be done to mitigate the impact on site.
(FYI - we get ~2M visits month on month, 80% from Google organic searches). Any help would be highly appreciated.
-
Just as EGOL describe it.
If you're on Amazon AWS then you can use their CloudFront as CDN. But also you can observe source of traffic. Could coming from one country, one IP range or one user-agent. There should be some kind of pattern and you should investigate it.
Then just need to make rule to block that traffic or just redirect them to one static "hello world" page.
I was also victim of such traffic, but was from humans trying to depleting an AdWords daily budget. Once budget it over ads was stopped showing, after few hours they recalculate clicks, some funds was returned, ads are shown again, they click it, budget is over... and so on.
-
By resetting your DNS to CF, your server is no longer used. All traffic is routed to one of CF's data centers and there are over 100 of them distributed throughout the world.
Also, in the CF settings, you want to "challenge" the visitors from problem countries. This will give them a captcha to complete. When they complete that captcha one time, you can then give them long term access without the challenge. CF will progressively become better at filtering the bots and allowing more trusted visitors in without a challenge.
-
Thanks for your help - this works to a large degree.
Have hit a new challenge though, our AWS servers are in one of these countries which are sending traffic. And we have multiple servers talking to each other enabling Login / other actions on the site.
While I have blocked all the other countries, blocking country with AWS servers is creating problem with Login. Trying to figure this out!
-
If you don't use Firewall, Cloudflare in your situation will have almost no effect.
We used our analytics to determine the countries where the traffic was coming from. Then went into CF FW.
Click the blue Help link for each tool to decide upon the settings that you want to try.
Here is what we used....
Security Level... Medium
Challenge Passage... one day
Access rules.... country name, challenge, this website
Impact of the above.... Many bots already recognized by CF will be blocked. Access rules will present each visitor from those countries a form similar to a captcha. They must pass the captcha to get in.
After you turn this on, watch your short term stats. You should see an increase in blocking.
We ran the above for a few weeks without any obvious SEO impact. Then switched our DNS back to normal, moving away from CF.... but kept the $20/month account and our settings in place. CF was time-consuming to set up.
-
This looks very similar to what we are seeing. We took CloudFlare as well - but stayed with Free account with "Site Under Attack" mode, which should force the visits to verify.
Will it be possible for you to share the settings on CloudFlare? Did you use their Firewall as well? Also, did you see any SEO impact, by any chance?
-
One morning, a few months ago we saw lots of mobile phone traffic building. All was hitting our homepage which is very resource intensive. All of this traffic generated one page view. All of the traffic was coming from a few countries in Asia and Africa. No referrer. Looked like a DDOS attack.
We go to Cloudflare, got a $20/month account, switched DNS to CF, forced untrusted visits from those countries to verify before allowing entry. Squeezed this traffic down to almost nothing within a few hours. Left CF run for a few weeks. Rouge traffic disappeared.
Now we have CF ready to go with all settings in place. Can turn it on in two minutes and have the shield in place as DNS propagates.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
I need thoughts on how to chase a suspected Hosting Issue with Simple Helix and 524 errors, also some site speed data mixed in...
So the back story on this project is we've been working as PPC and SEO managers with an ecoomerce site (Magento Enterprise based) that crashed in April. After the issue they fired their developer and switched hosting to Simple Helix at the recommendation of the new developer. Since the change we have seen a plummeting ecommerce conversion rate especially on weekends. Every time something seems really bad, the Developer gives us a "nothing on our end causing it." So doing more research we found site speed in GA was reporting crazy numbers of 25+ seconds for page loads, when we asked Simple Helix gave us answers back that it was "Baidu spiders" crawling the site causing the slowdown. I knew that wasn't the issue. In all of this the developer keeps reporting back to the site owner that there is no way it is hosting. So the developer finally admitted the site could be slowing down from a Dos attack or some other form of probing. So they installed Cloudflare. Since then the site has been very fast, and we haven't seen turbulence in the GA site speed data. What we have seen though is the appearance of 524 and 522 errors in Search Console. Does anyone have experience with Cloudflare that seeing those types of errors are common in usage? Is there any other thought what might be causing that and what that means from the servers, because the developer reports back that Simple Helix has had no issues during this time. This has been a super frustrating project and we've tried a lot different tests, but there is really abnormal conversion data as I said especially during peak times on the weekend. Any ideas of what to chase would be appreciated.
Intermediate & Advanced SEO | | BCutrer0 -
Review of our site
Hi Moz-Fans 🙂 I'm doing SEO for about a year now and have a new site to which I do not know where to improve any further. The main keyword is "Webdesign Freiburg" and the site is werkzeug - kasten . com Anyone want to have a look into and tell me what might bring us from page 2 to page 1 on google? Thanks a lot Marc
Intermediate & Advanced SEO | | RWW0 -
Need some help/input about my Joomla sitemap created by XMap
Here is my current sitemap for my site http://www.yakangler.com/index.php?option=com_xmap&view=xml&tmpl=component&id=1 I have some questions about it's current settings. I have a component called JReviews that xmap produces a separate link for each category. ex: http://www.yakangler.com/fishing-kayak-review/265-2013-hobie-mirage-adventure-island 2014-09-03T20:46:25Z monthly 0.4 http://www.yakangler.com/fishing-kayak-review/266-2012-wilderness-systems-tarpon-140 2014-06-03T15:49:00Z monthly 0.4
Intermediate & Advanced SEO | | mr_w
http://www.yakangler.com/fishing-kayak-review/343-wilderness-systems-tarpon-120-ultralite 2013-11-25T06:39:05Z monthly 0.4 Where as my other articles are only linked by the content category. ex: http://www.yakangler.com/news monthly 0.4
http://www.yakangler.com/tournaments monthly 0.4
http://www.yakangler.com/kayak-events monthly 0.4
http://www.yakangler.com/spotlight monthly 0.4 Which option is better?0 -
Rankings Nose Diving Help Needed
Hey There SEO Community, I am trying to help these people: http://goo.gl/B1smo They once ranked in the top 10 for "lifewave" and "lifewave patches" but have disappeared. Any idea why and what I can do to help? Thanks!
Intermediate & Advanced SEO | | siteoptimized0 -
Help Needed With .htaccess RewriteRule
Hello Fellow Mozzers, I would really appreciate a little help as I have been banging my head against a wall for the last few hours trying to create a .htaccess RewriteRule. I have around 300 URLs that I need to 301 redirect following a site re-build, they are in groups of similar urls but infortunately not broken down in to folders. Here is an example of a few URLs:- https://www.domain.co.uk/chamaecyparis-lawsoniana-ellwoodii_2.htm
Intermediate & Advanced SEO | | AdeLewis
https://www.domain.co.uk/chamaecyparis-lawsoniana-ellwoodii-200225cm-6670.htm
https://www.domain.co.uk/chamaecyparis-lawsoniana-ellwoodii.htm
https://www.domain.co.uk/chamaecyparis-lawsoniana-ellwoods-gold.htm
https://www.domain.co.uk/chamaecyparis-lawsoniana-lemon-queen.htm
https://www.domain.co.uk/chamaecyparis-lawsoniana-yvonne-200cm-66.htm All of the above URLs need to redirect to a new URL:- http://www.domain.co.uk/chamaecyparis-lawsoniana Here is the RewriteRule that I currently have but it isn't working:- RewriteEngine On
RewriteRule ^(.*)_chamaecyparis-lawsoniana$ https://www.domain.co.uk/chamaecyparis-lawsoniana [R=301,L] Anyone have any suggestions? Thanks
Ade.0 -
Do we have to do different work for SEO for an affiliate site than for a normal blog?
I am interested to do the SEO work for an affiliate site. Is it same as others or something particular has to be done for affiliate sites.
Intermediate & Advanced SEO | | raybiswa0 -
My site links have gone from a mega site links to several small links under my SERP results in Google. Any ideas why?
A site I have currently had the mega site links on the SERP results. Recently they have updated the mega links to the smaller 4 inline links under my SERP result. Any idea what happened or how do I correct this?
Intermediate & Advanced SEO | | POSSIBLE0 -
Website redesign - how do I avoid screwing up my site SEO?
We are preparing to launch a newly designed (and much improved) website in the next few months. I want to be very careful to ensure we do not mess up any rankings (and hopefully actually improve rankings) when switching over the site. I'm particularly concerned about one key phrase that our homepage currently ranks on. After the redesign it would be more appropriate for our of our subpages to rank for that term, but I'd rather have our homepage rank (less relevant for this keyword than the subpage) then nothing at all. I know about 301 redirects, and we are planning on creating a few comprehensive diagrams to ensure we redirect old pages to the correct new pages. Beyond that, what can I do to preserve our rankings? Thanks! -Ryan
Intermediate & Advanced SEO | | RyanD.0