Massive spike in requests from Yandex, anyone else?

We have recently seen a massive spike in requests that appear to be from Yandex, a Russian search engine.
For example 42,000+ requests to a few URLs of our company portal (SAML authentication URLs) over the past 24 hours. Has anyone seen a similar spike? We have blocked these requests using a Cloudflare firewall rule.

Here is how the traffic identifies itself:
User-agent: Mozilla/5.0 (compatible; YandexBot/3.0; +

Followup: We fixed what was essentially a DDOS by Yandex by setting up a robots.txt and denying their bot. Once their bot saw our updated robots.txt it stopped flooding us.

That’s quite the spike for a bot that wants you to believe it is legit.

Take a look at this to verify whether the bot actually belongs to Yandex:


This topic was automatically closed after 30 days. New replies are no longer allowed.