WhatsApp's web crawler for link previews
About this crawler
WhatsApp is a web crawler identified by the regular-expression pattern WhatsApp in the User-Agent request header. It is categorised as social-preview. Use the regex above to detect, log, allow, or block WhatsApp traffic in your web server, CDN edge rules, or robots.txt.
Block-rate · top 25k sites
0.065%
Technical details
- Name
- Pattern
WhatsApp- Tags
- social-preview
- Reference
- https://www.whatsapp.com/
- Added
- 2016/11/15
- rDNS suffixes
.facebook.com,.fbcdn.net,.fbsv.net,.tfbnw.net,.whatsapp.com,.whatsapp.net- Instances
- 25 known sample(s)
rDNS verification (FCrDNS)
Verify a request is genuinely WhatsApp with forward-confirmed reverse DNS: the client IP's PTR record must end in one of the suffixes below and a forward A/AAAA lookup of that hostname must return the same IP. UA strings alone are spoofable; FCrDNS is not.
.facebook.com.fbcdn.net.fbsv.net.tfbnw.net.whatsapp.com.whatsapp.net
Sample User-Agent strings
WhatsApp
WhatsApp/0.3.4479 N
WhatsApp/0.3.4679 N
WhatsApp/0.3.4941 N
WhatsApp/2.12.15/i
WhatsApp/2.12.16/i
WhatsApp/2.12.17/i
WhatsApp/2.12.449 A
WhatsApp/2.12.453 A
WhatsApp/2.12.510 A
WhatsApp/2.12.540 A
WhatsApp/2.12.548 A
WhatsApp/2.12.555 A
WhatsApp/2.12.556 A
WhatsApp/2.16.1/i
WhatsApp/2.16.13 A
WhatsApp/2.16.2/i
WhatsApp/2.16.42 A
WhatsApp/2.16.57 A
WhatsApp/2.19.92 i
+ 5 more samples in crawlers.json
Block this crawler
robots.txt — disallow WhatsApp:
User-agent: WhatsApp
Disallow: /
Apache .htaccess — return 403:
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} WhatsApp [NC]
RewriteRule .* - [F,L]
Nginx — return 403 inside a server block:
if ($http_user_agent ~* "WhatsApp") {
return 403;
}
← back to all crawlers