Excessive Facebook Bot Requests

Hi,

I am receiving up to 60,000 Facebook bot requests per week and it appears somebody is going to the developer portal on Facebook and requesting my page over and over and over.

I’m trying to stop this. It’s affecting my organic reach somehow and causing users to no longer see posts.

I am basically receiving 1 Facebook ‘scrape again’ request done per 1 organic reach my post is seen.

You can see this at Sharing Debugger - Meta for Developers

Anyway,

Ifound this page Bloquer les faux partages Facebook venant de facebookexternalhit where others are able to stop these thousands of requests and hopefully stop the clearing of the cache that’s altering the algorithm.

Is there away to make this a rule in Cloudflare?

$bon_hit = isset ( $_SERVER [ ‘HTTP_ACCEPT_ENCODING’ ] , $_SERVER [ ‘HTTP_RANGE’ ])
&& $_SERVER [ ‘HTTP_ACCEPT_ENCODING’ ] = = ‘deflate, gzip’ ;

I’m basically wanting to send a 429 too many requests for all of these requests… or is there already a rule in Cloudflare?

Any help would be greatly appreciated!

I haven’t personally tried Cloudflare rate limiting rules, but this might be handy?

Thank you for replying! I don’t think the rate limit would work because there is no way to detect a HTTP_ACCEPT_ENCODING or HTTP_RANGE field… I would then potentially be blocking legitimate shares.

I wonder if the only way I can do something like this would be with a worker?

For a worker, that seems like an incredible amount of overkill and time to block only these requests… I’m hoping there’s a better solution.

Maybe a custom Cloudflare Managed rule that I can enable? That would be sweeeeet!

I am a small business and these requests on Facebook are doing something to my organic reach and killing it by 80%. I need to do something here.


It’s basically somebody is submitting my website cache to be cleared up to 160 times for new things I post and 60,000 times / week… I hope by blocking the cache clear request, that it doesn’t allow this to keep happening. It started the worst yesterday and my traffic has declined over 50% from it. I shared something super awesome on Friday and then I get up to 2,000 requests to keep constantly clearing the cache at Sharing Debugger - Meta for Developers it’s making my organic reach stop.

I’m experiencing something very similar, I had one site take 48,000 bot hits in 24 hours. The result for me is my server is crashing, so until I can get a real resolution I’m blocking all Facebook bots under security in the WAF using the AS Number.