Why is the facebookexternalhit crawler DDoSing our server?
3

Our IP 81.31.37.22 is being bombarded with a huge number of requests from the facebookexternalhit bot. Does it respect any limits? Google and Microsoft are scraping with a fraction of the intensity compared to Facebook.

Michal
Asked about 7 months ago
Selected Answer
1

DDossing :) Check if those requests actually originate from a registered FB network.

June 7 at 5:05 AM
Lars
Michal

Yes, they all originate from the FB network. With ipV6, it’s visible at first glance, for example: ‘2a03:2880:21ff:c::face:b00c’. We are trying to rate limit. But then the page previews stop working when sharing posts on FB.

June 7 at 5:25 AM
Lars

The OG cache most likely only needs to be set once, so it's safe to block any requests after the initial request to a specific URL

June 7 at 6:07 AM
Michal

We have no problem with multiple requests for a specific url. Our application runs thousands of domains. FB seems to scrape them all and completely. The problem is intensity.

June 7 at 6:48 AM
Lars

Could be bad actors abusing the Sharing Debugger or the API that allows requesting a cache refresh. However, FB won't tell you so rate limiting the user agent is your best/only option.

June 7 at 7:01 AM