Must strange site visitor user agent be avoided? If yes how?

About

Asked 23/2, 2021 at 17:2 Answered 15/12, 2021 at 23:4

performance .htaccess security cpanel user-agent

I am using shared hosting.
My site was showing "ERR_CONNECTION_REFUSED".
So i went to see visitors to my (SSL) site.
I found that instead of regular names in the "User Agent" list,
cpanel visitors list is showing

user agent Expanse indexes the network perimeters of our customers. If you have any questions or concerns, please reach out to: [email protected]"

I want to know whether this is harmful and if yes,
How to avoid such unknown user agents?
Is there something i should do with ".htaccess" file?
Once again, i am using shared hosting (so, i have limited accessibility).

Oppression answered 23/2, 2021 at 17:2 Comment(6)

Expanse Inc looks to be a legitimate company that was acquired by Palo Alto Networks (Dec 2020). Have you tried reaching out to the e-mail address in the message to ask why they are scanning your site?bloomberg.com/press-releases/2020-12-15/… – Sheelagh 24/2, 2021 at 6:39

Even if it looks to be a legitimate company, why are they using such strange name rather than using standard "user agent" naming format? – Oppression 25/2, 2021 at 16:33

I don't know, but the point here is that they look completely legitimate, and have been bought by one of the market leading Firewall companies. What I am trying to say here is why are you against e-mailing them directly and asking, given they have provided all the information you need to contact them? – Sheelagh 26/2, 2021 at 10:39

@JamesWilson, because no one has time for that. Nor do we care who bought them, as if that's any kind of test in legitimacy? – Raze 26/3, 2021 at 5:50

Same this is happening to me, any news? – Leven 25/9, 2021 at 12:14

I voted to close this question because it is not a programming question and it is off-topic on Stack Overflow. Non-programming questions about your website should be asked on Webmasters. Please delete your question here and re-ask it there. – Fusco 23/11, 2021 at 10:9

The ERR_CONNECTION_REFUSED you saw when accessing your website had nothing to do with the visitor you saw in cpanel. You might have had a different issue with your server configuration/shared hosting provider.

That "visitor" was an internet crawler, most likely from Palo Alto Networks, who owns Expanse. Long story short, it shouldn't cause any harm. They say that their crawlers are used to index/categorize URLs around the internet and/or to spot malicious content.

I advise you to ignore it, since there's not much you can do - I assume they have some ranges of IPs for their crawlers so you wouldn't be able to blacklist all of them anyway.

Bucky answered 15/12, 2021 at 23:4 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags