MetricSpot audit traffic
MetricSpot runs SEO and AI-readability audits on URLs that users explicitly submit. If your firewall is blocking us, here's how to let us through.
Audit traffic comes from this IP
178.105.101.224
Audit traffic uses a standard Chrome user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Why we use a standard user-agent
WordPress security plugins (Wordfence, Shield Security NotBot) and Cloudflare Bot Fight Mode pattern-match the word "bot" in user-agents and force a JavaScript interstitial we can't solve in 15 seconds. Audit traffic uses the same UA as a regular Chrome user, so identification for allowlisting happens by IP - 178.105.101.224, a single static IP - rather than by UA.
How to allowlist 178.105.101.224
- Cloudflare
- Cloudflare → your site → Security → WAF → Tools → IP Access Rules. Action: Allow. Value: 178.105.101.224. Zone: This website.
- Wordfence (WordPress)
- Wordfence → Firewall → Tools → Allowlisted IP Addresses. Paste 178.105.101.224 and save.
- Sucuri
- Sucuri Firewall → Settings → Access Control → Whitelist IP Addresses. Add 178.105.101.224.
- AWS WAF
- AWS WAF → if your site is behind CloudFront, switch the region selector to Global (CloudFront) first (a regional Web ACL can't attach to a CloudFront distribution) → Web ACLs → your ACL → Rules → Add rule → IP set match. Create an IP set with 178.105.101.224/32 and an Allow rule that runs before your blocking rules.
- nginx
- Allow the IP before any deny rule:
- Apache
- Apache 2.4+ uses Require ip:
# In your server { ... } block, before any deny rules
allow 178.105.101.224;
deny all;# In .htaccess or vhost config
<RequireAll>
Require ip 178.105.101.224
</RequireAll>FAQ
- Why does my audit fail with "firewall blocked"?
- Your site returned an HTTP 4xx or 5xx response before we could analyse the HTML. The most common cause is a WAF rule blocking new IPs. Allowlist 178.105.101.224 and re-run the audit.
- Do I need to allowlist the user-agent too?
- No - we use a regular Chrome user-agent. Allowlisting by IP is enough.
- What does MetricSpot do with my site's content?
- We fetch the HTML of the URL you submit, run our 91 audit rules locally on our server, and store the score + findings in your account. We don't redistribute your content and don't follow links to other pages on the same site.
- Can I block MetricSpot?
- Yes - deny 178.105.101.224 at your firewall. Audits for your URLs will fail with an unreachable error, which the requesting user will see.