Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://westergaard.social/objects/3978d3ec-623a-45ba-8d32-8ebd2579633a">kasperd (kasperd@westergaard.social)'s status on Tuesday, 13-May-2025 03:23:37 JST</a><a href="https://westergaard.social/users/kasperd" title="kasperd@westergaard.social"><img src="https://gnusocial.jp/avatar/261545-48-20240522154752.webp" width="48" height="48" alt="kasperd" style="position: absolute; left: 0; top: 0;">kasperd</a><div><a href="https://mastodon.social/@tdp_org/114494239533033334" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><p><a href="https://mastodon.social/@tdp_org">@tdp_org</a> This is interesting information and certainly something I will consider making use of myself.</p><p>All legitimate crawlers should make it easy to verify the authenticity of the requests they make. I know that for Googlebot the recommended way to verify the authenticity of the request is as follows:</p><ul><li>Do a reverse lookup of the IP address.</li><li>Verify that the resulting name is under the googlebot.com domain.</li><li>Do a forward lookup of the name to verify you get the original IP address back.</li></ul><p>I don’t know if similar steps have been published for other legitimate crawlers.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/5041361#notice-9886576">In conversation</a><time datetime="2025-05-13T03:23:37+09:00" title="Tuesday, 13-May-2025 03:23:37 JST">about a month ago</time> <span>from <span><a href="https://westergaard.social/objects/3978d3ec-623a-45ba-8d32-8ebd2579633a" rel="external" title="Sent from westergaard.social via ActivityPub">westergaard.social</a></span></span><a href="https://westergaard.social/objects/3978d3ec-623a-45ba-8d32-8ebd2579633a">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/4616484">Untitled attachment</a></label><br></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/4616486">Untitled attachment</a></label><br></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
kasperd (kasperd@westergaard.social)'s status on Tuesday, 13-May-2025 03:23:37 JSTkasperd
in reply to
- Neil Craig
@tdp_org This is interesting information and certainly something I will consider making use of myself.
All legitimate crawlers should make it easy to verify the authenticity of the requests they make. I know that for Googlebot the recommended way to verify the authenticity of the request is as follows:
- Do a reverse lookup of the IP address.
- Verify that the resulting name is under the googlebot.com domain.
- Do a forward lookup of the name to verify you get the original IP address back.
I don’t know if similar steps have been published for other legitimate crawlers.
In conversationabout a month ago from westergaard.socialpermalink
Attachments
1. Untitled attachment
2. Untitled attachment

Public

Embed Notice

HTML Code

Corresponding Notice