How to implement a bot match with only IP ranges and no user agent (Copyscape)

[oboxodo]

Hi there,

I'm wanting to implement a Copyscape < BotMatch class with the IP ranges mentioned in Copyscape's docs which currently state:

How do I use Copyscape for pages that require a login?

There are three possible approaches. The simplest solution is to configure your web server to allow all requests from the Copyscape servers. Possible IP addresses are: 162.13.83.46, the range 212.100.243.112-116 and the range 46.4.250.49-52. Alternatively, create a copy of your website which is not password protected in a secret directory on your server, and point Copyscape to the pages in that secret directory. The final option is to set up your web pages so that a special secret parameter on the URL can bypass the password protection. For example ?bypass=414293047 could be added to the URL.

So I'm thinking something like:

module Legitbot
  # https://www.copyscape.com/faqs.php#password
  class Copyscape < BotMatch
    ip_ranges %w[
      162.13.83.46
      212.100.243.112
      212.100.243.113
      212.100.243.114
      212.100.243.115
      212.100.243.116
      46.4.250.49
      46.4.250.50
      46.4.250.51
      46.4.250.52
    ]
  end

  rule Legitbot::Copyscape, %w[I don't know what to put in here] # <-- here's the problem
end

Can we add a rule which would only look for the IP but not the user agent?

[alaz]

You do not have to have a rule. The rule definitions are used to find a proper bot instance, but you can call checks explicitly:

if request_from_copyscape?
  Legitbot::Copyscape.fake?(ip)
  Legitbot::Copyscape.valid?(ip)
end

Otherwise, you could simply white list these IP addresses and not use Legitbot for these. There is no much sense in validating a bot that does not present itself and has only limited set of source IP addresses. The whole idea of "validating" is about requests that pretend to be from a bot, but need to be validated.

[oboxodo]

Makes sense. Thanks for your reply.