Crawl-delay directive set where server needs rate limiting
Issue No: 165
Category: Crawl Behaviour
Issue type: Suggestion
Priority: STANDARD
Description
This audit verifies that a crawl-delay directive is declared when a site is explicitly marked as requiring crawler-side rate limiting. It helps reduce request burst pressure and supports stable crawl throughput.
How do we capture it
- Read project-level crawl policy input for the target host to determine whether server-side protection requires slower bot request pacing. This must come from explicit configuration, not heuristic inference.
- For each audited host, request the robots file at /robots.txt using HTTP GET.
- Record HTTP status code, content type, response size, and response bytes for diagnostics.
- If response is successful and text-based, parse robots directives line-by-line according to robots grammar conventions:
- Identify User-agent groups.
- Capture Crawl-delay values within each group.
- Preserve original token values for traceability.
- Normalize parsed values:
- Trim whitespace.
- Convert decimal tokens to numeric seconds when valid.
- Reject negative, zero, or non-numeric values as invalid.
- Determine effective crawl-delay for the applicable bot policy by checking the most specific matching User-agent group first, then fallback to wildcard group when applicable.
- Mark compliance only when all required conditions are true:
- Server rate-limiting requirement flag is true.
- robots.txt is fetchable and parseable.
- Effective crawl-delay exists and is a valid positive numeric value.
- Mark non-compliance when required flag is true and crawl-delay is missing, malformed, or non-positive.
- Record parser and fetch failures distinctly so operational issues are separable from policy issues.
- Constraint: this check is based on raw HTTP responses and robots text only; no browser rendering or JavaScript execution is used.
What to store
| Field | Type | Comment |
|---|---|---|
host TEXT | TEXT | Audited host/domain for robots crawl-delay validation. |
rate_limit_required BOOLEAN | BOOLEAN | Explicit configuration flag indicating crawl-delay is required for this host. |
robots_status_code INTEGER | INTEGER | HTTP status code returned by robots.txt request. |
has_robots_file BOOLEAN | BOOLEAN | True when robots.txt is successfully retrieved. |
effective_user_agent TEXT | TEXT | User-agent scope used to resolve crawl-delay value. |
crawl_delay_raw TEXT | TEXT | Raw crawl-delay token as parsed from robots.txt. |
crawl_delay_seconds NUMERIC | NUMERIC | Normalized positive crawl-delay value in seconds when valid. |
has_valid_crawl_delay BOOLEAN | BOOLEAN | True when effective crawl-delay exists and is valid positive numeric value. |
crawl_delay_violation BOOLEAN | BOOLEAN | True when crawl-delay is required but missing or invalid. |
parser_error_code TEXT | TEXT | Parser or fetch error classification such as FETCH_FAILED or INVALID_VALUE. |
checked_at TIMESTAMPTZ | TIMESTAMPTZ | Timestamp when crawl-delay audit completed. |
Condition for trigger
A trigger is raised only when the host is explicitly marked as requiring rate limiting and crawl-delay policy is absent or invalid.
-
Trigger Rule 1: Required Crawl-delay Missing
- Target Field:
crawl_delay_violation - Evaluation Logic:
rate_limit_required = TRUE AND has_valid_crawl_delay = FALSE - Severity: SUGGESTION
- Diagnostic Message: "This host is configured as rate-limit sensitive, but robots.txt does not provide a valid crawl-delay directive."
- Target Field:
-
Trigger Rule 2: robots.txt Unavailable When Delay Required
- Target Field:
robots_status_code - Evaluation Logic:
rate_limit_required = TRUE AND (has_robots_file = FALSE OR robots_status_code >= 400) - Severity: SUGGESTION
- Diagnostic Message: "Rate-limit-sensitive host does not expose a usable robots.txt for crawl-delay policy declaration."
- Target Field:
Sources
- RFC 9309 - Robots Exclusion Protocol: https://www.rfc-editor.org/rfc/rfc9309
- Google Search Central - robots.txt specifications: https://developers.google.com/search/docs/crawling-indexing/robots/robots_txt
- Bing Webmaster Guidelines - robots.txt and crawl control: https://www.bing.com/webmasters/help/webmaster-guidelines-30fba23a
- Yandex robots.txt directive reference: https://yandex.com/support/webmaster/controlling-robot/robots-txt.xml
Long description
Rate-limiting policies exist to prevent crawler traffic spikes from saturating origin resources, especially on constrained infrastructure or burst-sensitive endpoints. The crawl-delay directive can communicate desired pacing to crawlers that support it, reducing concurrent request pressure and smoothing fetch distribution over time.
Common failure scenarios checked by the crawler:
- Hosts marked as rate-limit sensitive with no crawl-delay directive in robots.txt.
- Crawl-delay present but malformed or non-numeric.
- Directive defined only in unrelated User-agent blocks and not effective for the evaluated bot policy.
- robots.txt fetch failures preventing policy retrieval.
- Zero or negative delay values that do not represent valid throttling.
Support for crawl-delay varies by crawler implementation, so this audit is advisory and policy-oriented. It is still useful for documenting intent, aligning crawl governance, and reducing avoidable load where supported.
How to Fix
For hosts that require reduced crawl pressure, publish a valid robots.txt with an explicit positive crawl-delay value in the correct User-agent scope and ensure the file is consistently reachable. Align the declared value with infrastructure capacity and monitor server load after deployment to confirm stable crawl behavior.