Cloudflare IP - User Agent Google Bot?

Hi

I was analyzing my log files and detect a lot of visits from Google bots, when I verify the bots there were a lot that were marked as “Spoofed” so I check the IPs and show me that were Cloudflare IPs’ (172.69.71.74 and 172.69.69.84 as an example, log file has a lot more) .

So, when Google bot visit my site that uses Cloudflare, Cloudflare is sending his IP as the Remote Host but leaves the original User Agent from google bot (Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)) ?

I attach the image so you can see the results.

Thanks for your support

That suggests two things

  1. You are not rewriting client addresses on a server level. You need to do that, otherwise you logs will always carry the proxy addresses. https://support.cloudflare.com/hc/en-us/articles/360029696071-Restoring-original-visitor-IPs-Option-2-Installing-mod-remoteip-with-Apache has more on that.
  2. Your server is publicly open and accepts connections from addresses other than Cloudflare. Ideally that should not be possible as your server is otherwise vulnerable to attacks which connect directly instead of going through Cloudflare.