Twitterbot/1.0 Spam / DDOS


#1

We are currently being hit by “Twitterbot/1.0” user-agents, across multiple IP address. They are requesting the same page continuously, retrieving 404 errors. We have blocked the user agent, returning 403 errors, but the high traffic is still incoming.

Who can we speak to who can help resolve this issue?

Thanks.


#2

Hi Steve,

We dropped the ball on responding in a timely matter. Sorry about that.

We’d like to know the URLs you were seeing this happen to, so we can investigate and make sure it doesn’t happen again.

Feel free to reply here, or DM me directly with more info so I make sure I see it and escalate appropriately.

Thanks, and apologize again.

Ryan


#3

We’re currently receiving a fair amount of traffic too, always with user-agent Twitterbot/1.0. They’re usually returning 200 (or 504 if there’s a sudden surge in traffic), but it’s often the same URLs being requested over and over again. The requests come from the following ip ranges: 199.59.148.0/24 and 199.16.156.0/24

Initially I thought we were just getting retweeted a lot or something, but that doesn’t appear to be the case. Here’s a few of the URLs that have been getting requested over and over again:

http://votescount.hrw.org/page/saudi%20Arabia (89 times in the last 2 hours)
http://smex.silk.co/ (26 times in the last 2 hours)
http://data-journalism-jobs.silk.co/ (63 times in the last 2 hours)

I believe it started 3-6 weeks ago, but I’m not entirely sure. Today there was a surge in this type of traffic so I thought I’d inform you.

If you need more details, please let me know!

Thanks,

Lucas


#4

Hi

Was there any resolution or reason for this?

Over the last couple of weeks we have had a stupid amount of visits from this bot.

Over the last 24 hours, we have had over 1000 visits from the bot. In one instance, we had 30 hits within the space of a minute.

I have added the required rule for the robots.txt and, although we have still had hits, this has gone down to 39 in about a 14 hour period

From experience, what is the most likely cause here? The site doesn’t use any Twitter cards, and I can’t imagine people sharing 1000+ links, although I would hope if 1 page was shared 1000 times, we would only be hit once.

If you need any more information from me please feel free to ask!