What is OhDear uptime?

Oh Dear Crawler (user-agent: OhDearBot) is the site-scanning component of Oh Dear, a SaaS monitoring platform. It performs scheduled HTTP(S) crawls to assess uptime, TLS certificate validity, DNS/expiry, redirect hygiene, broken links, mixed-content issues, and unexpected status codes across your public endpoints. It follows links within allowed scope, respects robots.txt, uses predictable IP ranges for allowlisting, and avoids executing arbitrary JavaScript, making it low-risk for app side effects. Use cases: SRE/DevOps production monitoring; detecting regressions after deploys; content/link rot surveillance for Marketing/Docs; compliance checks for HSTS and certificate renewals; alerting fraud/security teams to defacements or hijacked redirects; validating status pages and health endpoints; tuning WAF/bot management policies to distinguish a legitimate crawler from scraping or credential-stuffing traffic in your environment.

Why is OhDear uptime crawling my site?

It’s likely being triggered by someone (your team, a vendor, or a partner) using a third‑party website monitoring service to verify availability, SSL/TLS health, redirects, headers, link integrity, and page changes across your domains/environments. These checks typically follow links and hit multiple endpoints on a schedule.

Potential negatives: small but persistent load on origin and APIs; noise in logs, analytics, and SIEM leading to skewed metrics or false alerts; WAF/ratelimit triggers if patterns look like probing; accidental execution of unsafe/idempotent‑assumed GET endpoints (e.g., unsubscribe, test callbacks); crawling of staging or hidden paths if linked, increasing exposure; premature indexing of temporary URLs via referrers; and interference with user monitoring or synthetic journeys if it contends for shared resources. Ensure critical workflows are protected against unintended GET/unauthenticated access and that monitoring traffic is accounted for in detection and capacity planning.

How to block OhDear uptime?

1) User-Agent filtering at the web server
Nginx: if ($http_user_agent ~* "Oh Dear") { return 403; }
Apache:
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} "(?i)Oh Dear"
RewriteRule .* - [F]

2) IP/ASN/network blocking
Block known IP ranges or hosting ASNs used by Oh Dear if identified and unwanted.

4) Rate limiting and dynamic banning
Use Nginx limit_req / similar to throttle high-frequency requests from this bot and auto-ban offenders.

4) JavaScript token + honeypot traps
Require a JS-generated signed cookie/token for normal pages and add hidden honeypot URLs; block IPs that fail the JS check or touch honeypots.

Block and Manage OhDear uptime with DataDome

With the advanced technology behind DataDome's Cyberfraud Protection Platform, you can detect and block bots that threaten your website or application. By stopping bots in their tracks, DataDome safeguards your systems from attacks like scraping, account takeover, credential stuffing, and DDoS. This robust protection ensures the integrity of your data and enhances your overall security posture.
DataDome

See which bots and AI agents bypass your defenses

Create your account to start analyzing and mitigating malicious bots and AI-drive threats in real-time