I see the following user agent string in the HTTP header of requests to my webserver:
Mozilla/5.0 (compatible; PRTGCloudBot/1.0; +https://www.paessler.com/prtgcloudbot; for_[licensehash])
What is the PRTGCloudBot and why does it access my webpage?
Created on Aug 10, 2015 2:29:24 PM by
Last change on Jan 4, 2023 2:03:34 PM by
13 Replies
This article applies as of PRTG 22
PRTGCloudBot is the user agent of sensors that measure availability and loading times of the monitored web pages from various locations around the world via the PRTG Cloud. It appears when you monitor your web server with the Cloud HTTP v2 sensor, for example. In this case, you will see the following user-agent string in the HTTP header of visits to your web page: Mozilla/5.0 (compatible; PRTGCloudBot/1.0; +https://www.paessler.com/prtgcloudbot; for_[licensehash])
The PRTGCloudBot accesses your web page in the defined scanning interval of your cloud sensors. For every sensor scan, you will see the user-agent string PRTGCloudBot in the HTTP header of the site request. You can define the scanning interval in the respective sensor settings in the PRTG web interface.
If you have any issues with your website because of PRTGCloudBot, contact the Paessler support team via the support form of your PRTG installation.
If you want to prevent the queries of the cloud sensors of PRTG from influencing the data of your website analytics reports (for example, when using Google Analytics), you must filter for their user agent PRTGCloudBot: Mozilla/5.0 (compatible; PRTGCloudBot/1.0; +https://www.paessler.com/prtgcloudbot; for_[license_hash]
Filtering the user agent PRTGCloudBot is the best way to exclude the traffic created by cloud sensors from analytics reports because the IP addresses used by the cloud sensors are dynamic.
Created on Aug 10, 2015 2:29:57 PM by
Last change on Dec 29, 2022 10:59:05 AM by
Any chance you could give your browser agent some custom high number? It makes it easier to filter under GA. Otherwise we will have to implement GA tags which is too much hassle.
Just as a not Site247 provides simple how-to which just works:
Log in to google.com/analytics and navigate to Admin > All Filters > New Filter and configure the following details.
Filter Name: Robot Traffic Site24x7 Filter Type : Custom Filter and select Exclude Filter Field : Browser Version Filter Pattern: \.247$
Thanks Tom
Created on Nov 12, 2015 3:06:18 PM by
Hi Tom,
Do we understand you correctly that you want the user agent to be replaced with a number, for example, 8238948892934? Sorry but this would not be a good approach because users would not be able to know who exactly does the request.
But it is possible to filter for bots in Google analytics: Introducing Bot and Spider Filtering
Google's recommendation is to filter for user agents with RegEx. So .*PRTGCloudBot.* should filter the PRTGCloudBot from GA.
Regards,
Created on Nov 13, 2015 12:48:21 PM by
Hi,
We use country blocking on our firewall for regions we know we don't need traffic from, but because you inexplicably don't allow us to delete or even disable channels of a sensor, it means both the Cloud HTTP and Ping sensor fails for Asia (which we block).
I light that I cannot prevent the sensor from using Asia or ignoring its result (unless I am missing a trick) can you provide us the IPs or at least a DNS Host Group FQDN that includes all the servers involved in conducting the test? Then I can whitelist them on our firewall and allow the checks to get through. I've added the ones I can see blocked and the sensor goes green for a shot while but then it turns yellow again, and so far it's a never ending task of looking for each one in the logs and adding an exception. And then there's no guarantee that you won't add more or remove some later on down the line.
Cheers, Fernando
Created on Jan 27, 2016 12:05:49 PM by
Ferando, thank you very much for your feedback on this. We will put this on the wish list though, and I did count your vote for this. We need to see if we can use the developer time to implement things, which were more often requested (and where as many users as possible benefit from). Your vote is counted nevertheless of course! Please bear with us.
Created on Jan 29, 2016 12:50:02 PM by
Thanks, but while waiting for a "possible" change which may never come, can we have the list of IPs or better still a DNS Host Group FQDN that includes all the servers? Then I can at least start using these sensors again.
Created on Feb 1, 2016 9:20:51 AM by
You can get to the IP Ranges by filtering the following JSON - File:
https://ip-ranges.amazonaws.com/ip-ranges.json
for
service == AMAZON region == ap-northeast-1
Be aware of the possible performance implications for your firewall though.
Created on Feb 1, 2016 11:51:12 AM by
I'd like to echo Fernando's sentiment earlier in the comments. Having a way to select which PRTG cloud locations are used would be very helpful.
Created on Feb 9, 2016 6:26:47 PM by
Identify your region from AWS List of Regions then use the following PowerShell script to retrieve the subnets:
# Retrieve a current list of subnets
$job = Start-Job -ScriptBlock {Invoke-WebRequest -Uri "https://ip-ranges.amazonaws.com/ip-ranges.json"}
$output = Receive-Job -Job $job -Wait
$webData = $output.content | ConvertFrom-Json
$subnets = $webData.prefixes | where-object {($_.region -match 'ap-southeast-2') -and ($_.service -eq 'AMAZON')}
Write-Host 'These are the region subnets:'
$subnets |FT
Created on Apr 21, 2022 6:17:51 AM by
Last change on Apr 21, 2022 6:24:59 AM by
Please register your bot with Cloudflare as a "friendly bot", they are currently blocking it in their Bot Management solution.
https://blog.cloudflare.com/friendly-bots/
https://forms.gle/dT9muX2aYRqFokkc8
Created on Aug 3, 2022 6:37:09 PM by
Last change on Aug 4, 2022 5:49:45 AM by
I've noticed that the cloud bot's user agent appears to have recently (11th Jan 2023?) changed to:
Mozilla/5.0 (compatible; PaesslerCloudBot/1.0; https://www.paessler.com; ping-http#[licensehash]
...no mention of "PRTG" in the User Agent string anymore!
Plus the presence of the "; ping" phrase in the string plays havoc with some hosting provider's own enforced ModSec rules, blocking connections and serving 406 errors.
Please can we revert back to the "Mozilla/5.0 (compatible; PRTGCloudBot/1.0; +https://www.paessler.com/prtgcloudbot; for_[licensehash])" UA string?
An example is InMotion hosting, who's custom enforced ModSec "Rule ID: 959006: System Command Injection" is triggered by the "; ping" phrase in the UA string.
Created on Feb 3, 2023 1:16:38 AM by
Hi GreatMarko,
I've just updated the backend so that the word ping or http doesn't show up anymore in that string. I hope this solves that problem.
I also wanted to mention that PRTG was dropped from the User Agent since we don't just use this service for PRTG but also for other services and we decided to use the company name instead.
Created on Feb 3, 2023 10:13:08 PM by
That's great! Thanks Greg!
Created on Feb 8, 2023 8:04:53 AM by
Please log in or register to enter your reply.
Add comment