all my sites that receive ssl cloudfare have a problem with yandex search engine. When crawling my sites it receives a 307 redirect. After that my sites drop out of this search engine and I’m loosing to much(
I am afraid I don’t seem to be able to reproduce that
$ curl -I -H 'User-agent: Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)' https://dvercy-kamina.by HTTP/2 200 date: Thu, 18 Jun 2020 10:19:05 GMT content-type: text/html;charset=utf-8 vary: Accept-Encoding accept-charset: utf-8 x-rocket-domain-eq: dvercy-kamina.by x-rocket-domain: mem x-rocket-site: mem x-rocket-home-page-by-site: 902009 x-rocket-home-page: mem x-rocket-siteinfo: mem x-rocket-viewer: good x-app: a9 x-gate: b1 x-gate-blk: p18 x-variti-ccr: 1014679002:1 p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cf-cache-status: DYNAMIC expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server: cloudflare
Clouflare itself typically does not return 307s. I’d check the server logs for these requests.
There is an assumption that Yandex makes a lot of calls to cloudfare, and cloudfare at some point begins to give 307.
Here’s a screenshot of the story of how Yandex adds and removes my landing page
As I said earlier, Cloudflare would not send a 307. Should Cloudflare block them, that is typically a error of the 400 range.
Yes, it’s true. But! Now I will share some information from tech suport from yandex (sorry, translation may be not perfect):
There is information about 307 redirects and Yandex. After long conversations, it turned out that the problem with Yandex occurs when the site is configured on Cloudflare. The "Skypark"protection service at some points considers requests that go through Cloudflare to be suspicious. And it sends them redirect 307.
“Cloudflare for us, when you turn on protection the same” bot “, if we will put Cloudflare to trusted list, we also weaken the protection in case of an attack through Cloudflare”
Thus, Cloudflare cannot be added to any trusted list. Solution Options:
- leave with Cloudflare, returning our IP
The point is that it is not specifically your site that can be considered incorrect and fall under these redirects. There are a bunch of sites configured for cloudflare servers, and all these sites are on the same IP addresses, this is the mechanism for issuing cloud certificates. From the point of view of the protection service, requests come from the same pool of IP addresses (CloudFlare network). The protection service sees a bunch of requests from the same addresses. Which at the same time request different domains. That is, protection does not work on visits to a particular site, but on the aggregate set of requests from different sites configured for a cloudflare.
I am not quite sure what you were trying to say with this or what Skypark is supposed to be but that 307 does not come from Cloudflare.
This topic was automatically closed after 14 days. New replies are no longer allowed.