What is Ahrefs Site Audit?

AhrefsSiteAudit is a web crawler used by Ahrefs’ SEO auditing tool to perform in-depth technical SEO analysis on websites.

Why is Ahrefs Site Audit crawling my site?

It’s crawling your site because someone is auditing your domain using Ahrefs. It collects data on page speed, broken links, duplicate content, and SEO issues.

Threat research insights on Ahrefs Site Audit

All data in this section are produced by DataDome's Galileo Threat Research team from our proprietary detection network and reviewed by human analysts.

Verified Bot A verified bot has high identification strength
Verified
Robots.txt Compliance Whether this bot respects robots.txt directives
Not respected
Identification Strength How confidently DataDome can identify this bot
High

Traffic origins

Top 15 countries by bot traffic

US US 100.0%

Most used autonomous system (AS)

Top 5 by traffic share

Ahrefs Pte Ltd
100.0%
Traffic Occupancy
0.01%

On average, occupy 0.01% of the traffic from bots in the directory

Authorization Rate
100%

Businesses decide to authorize this bot 100% of the time

How to block Ahrefs Site Audit?

To block the AhrefsSiteAudit bot from accessing your website, you can implement several server-side configurations that effectively prevent the bot from crawling your site. Here are some effective methods:

 

1. Modifying .htaccess file:
For websites running on Apache servers, you can block the bot by configuring the .htaccess file. This method involves denying access based on the User-Agent string that identifies the bot. Add the following lines to your .htaccess file:


RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} AhrefsSiteAudit [NC]
RewriteRule .* - [F,L]

This configuration uses mod_rewrite to check the User-Agent header for the presence of “AhrefsSiteAudit” and returns a 403 Forbidden status, effectively blocking access.

 

2. Implementing server-side firewall rules:
If you have access to your server’s firewall, you can set up rules to block incoming HTTP requests based on their User-Agent strings. This method involves identifying the IP addresses or ranges used by AhrefsSiteAudit (if consistent) or blocking by User-Agent string directly at the firewall level.

 

3. Using server configuration files:
For Nginx users, similar to the .htaccess method for Apache, you can block the bot by adding conditions in your server configuration:


if ($http_user_agent ~* "AhrefsSiteAudit") {
return 403;
}

This snippet checks for “AhrefsSiteAudit” in the User-Agent string and returns a 403 status code if found.

 

Each of these methods has its strengths and limitations, and the choice of method may depend on your specific server environment and how critical it is to block this specific bot. Always ensure that changes are tested in a staging environment before applying them to live servers to avoid unintended disruptions.

DataDome

See which bots and AI agents bypass your defenses

Create your account to start analyzing and mitigating malicious bots and AI-drive threats in real-time