How to Allow Googlebot in Cloudflare for Google Search Console : Submit URL 100% working

If you’re using Cloudflare to manage your website’s security and performance, you may need to ensure that Googlebot, Google’s web crawler, can access your site to index it properly for Google Search Console. Misconfigurations in Cloudflare can block Googlebot, leading to indexing issues or incomplete data in Search Console. This article provides a step-by-step guide to configure Cloudflare to allow Googlebot access while maintaining your site’s security.

Why Allow Googlebot in Cloudflare?

Googlebot crawls websites to gather information for Google’s search index. If Cloudflare’s security features, such as its firewall or bot protection, mistakenly block Googlebot, your site may not be indexed correctly, impacting your search engine visibility. Allowing Googlebot ensures that Google Search Console can verify your site, track performance, and report indexing issues accurately.

Steps to Allow Googlebot in Cloudflare for Google Search Console

Follow these steps to configure Cloudflare to allow Googlebot access:

1. Verify Googlebot’s Identity

Before allowing Googlebot, ensure that the requests are genuinely from Google. Malicious bots may impersonate Googlebot. To verify:

• Check the IP address: Googlebot typically crawls from specific IP ranges. You can verify an IP address using Google’s official documentation or tools like the host command (e.g., host <IP_ADDRESS> in a terminal) to confirm it resolves to a Google domain (e.g., *.googlebot.com or *.google.com).
• Use DNS lookup: Perform a reverse DNS lookup to ensure the IP resolves to a legitimate Googlebot hostname. For example:host 66.249.66.1The response should indicate a Google-related domain.

2. Log in to Cloudflare

Access your Cloudflare account:

• Go to cloudflare.com and log in to your dashboard.
• Select the domain you want to configure for Googlebot access.

3. Create a Firewall Rule to Allow Googlebot

Cloudflare’s firewall may block Googlebot if rules are too restrictive. Create a rule to explicitly allow Googlebot:

1. Navigate to Firewall Rules:
   • In the Cloudflare dashboard, go to Security > WAF (Web Application Firewall) > Firewall Rules.
2. Create a New Rule:
   • Click Create Firewall Rule.
   • Name the rule (e.g., “Allow Googlebot”).
3. Set Rule Parameters:
   • Field: Select “User Agent.”
   • Operator: Select “contains.”
   • Value: Enter Googlebot (case-sensitive).
   • You can also add additional conditions, such as:
     • Field: “Hostname” (ensure it resolves to *.googlebot.com or *.google.com).
     • Field: “IP Source Address” (optional, if you want to restrict to Google’s known IP ranges, available in Google’s documentation).
4. Action: Set the action to Allow.
5. Save and Deploy:
   • Click Save and then Deploy to activate the rule.

This rule ensures Googlebot bypasses security challenges like CAPTCHA or IP blocking.

4. Disable Bot Fight Mode for Googlebot

Cloudflare’s Bot Fight Mode can mistakenly flag Googlebot as a malicious bot. To prevent this:

1. Go to Security > Bots in the Cloudflare dashboard.
2. Ensure Bot Fight Mode is set to Off or configure it to avoid challenging verified bots:
   • If using Super Bot Fight Mode (available in Pro or higher plans), ensure it’s set to allow verified bots like Googlebot.
   • Alternatively, use the Verified Bots setting to automatically allow known crawlers, including Googlebot.

5. Check Rate Limiting Settings

If you’ve set up rate limiting in Cloudflare, ensure it doesn’t throttle Googlebot:

• Go to Security > WAF > Rate Limiting Rules.
• Review existing rules and exclude Googlebot by adding a condition to bypass rate limits for requests where the User Agent contains Googlebot.

6. Adjust Page Rules for Crawler Access

For finer control, use Cloudflare Page Rules to disable security features for Googlebot on specific URLs:

1. Go to Rules > Page Rules in the Cloudflare dashboard.
2. Click Create Page Rule.
3. Enter the URL pattern for your site (e.g., https://yourdomain.com/*).
4. Add settings:
   • Disable Security: Turn off features like Browser Integrity Check or CAPTCHA for Googlebot.
   • Bypass Cache: Ensure Googlebot receives fresh content by setting “Cache Level” to Bypass.
5. Save and deploy the rule.

7. Verify Robots.txt Configuration

Ensure your site’s robots.txt file allows Googlebot to crawl necessary pages:

• Access your robots.txt file (typically at https://yourdomain.com/robots.txt).
• Check for directives blocking Googlebot, such as:User-agent: Googlebot Disallow: /
• Remove or modify any restrictive directives. For example, to allow all pages:User-agent: Googlebot Allow: /

If your robots.txt is managed via Cloudflare, ensure it’s not dynamically blocking Googlebot.

8. Test Googlebot Access

After configuring Cloudflare, verify that Googlebot can access your site:

• Use Google Search Console:
  1. Go to Google Search Console.
  2. Select your property and navigate to Settings > Crawl Stats.
  3. Check for crawl errors or blocked resources.
  4. Use the URL Inspection Tool to test specific pages and confirm Googlebot can fetch them.
• Fetch as Googlebot:
  • In the URL Inspection Tool, click Test Live URL to simulate Googlebot’s crawl.
  • Ensure the response shows the page is accessible without errors (e.g., 403 Forbidden or 429 Too Many Requests).
• Check Cloudflare Logs:
  • Go to Security > Events in Cloudflare to confirm Googlebot requests are not being blocked or challenged.

9. Monitor and Troubleshoot

• Regularly check Google Search Console for crawl errors or warnings.
• Monitor Cloudflare’s analytics to ensure Googlebot traffic is being allowed.
• If issues persist, double-check your firewall rules, page rules, and robots.txt for conflicts.

Best Practices

• Keep Rules Specific: Only allow verified Googlebot user agents and IPs to avoid opening your site to malicious bots.
• Update Regularly: Google’s IP ranges may change, so periodically check Google’s official documentation for updates.
• Test After Changes: Always test crawlability in Google Search Console after modifying Cloudflare settings.
• Balance Security and Access: Avoid disabling security features for all traffic; use targeted rules for Googlebot.

If above method not works ( Also you added Cloudflare after DDos Attack )please check you enabled i am under attack mode if its enabled try to disable and submit your url to search console by manual submission it will work . After completing URL submission manually Enable the I am under Attack to save your bandwidth Resources.

Allowing Googlebot in Cloudflare ensures your website is properly indexed and performs well in Google Search results. By creating specific firewall rules, adjusting bot protection settings, and verifying access through Google Search Console, you can maintain both security and crawlability. Regularly monitor your site’s performance in Search Console to catch any issues early and keep your Cloudflare settings optimized for Googlebot.

If you encounter specific errors or need further assistance, consult Google’s Webmaster Guidelines or Cloudflare’s support documentation for detailed troubleshooting.