Claude fired rapid curl requests at DDG from production server IP — IP blocked, server had to be rebuilt
Resolved 💬 6 comments Opened Apr 15, 2026 by GoR-XarraY Closed May 24, 2026
Severity: CRITICAL — Production server IP burned, forced rebuild
Date: 2026-03-15
What happened
Claude sent multiple rapid curl requests to DuckDuckGo HTML endpoint from Box 2 (production scraping server) with zero delays — to "test if it works." DDG immediately CAPTCHA-blocked the IP.
This was the SECOND IP-burning incident in two days (Yelp was the day before, 2026-03-14).
The user had explicitly warned about aggressive request behavior multiple times. After this incident, they had to destroy and rebuild the Box 2 server entirely to get a clean IP.
Explicit rules violated
- "NEVER hit any site with rapid sequential requests — minimum 10-15s between ANY requests"
- "NEVER send more than ONE request to test if a site works. ONE. Then STOP and report to user."
- "When in doubt, ASK before sending ANY request to ANY external site"
These rules were written into the global CLAUDE.md specifically because of prior IP incidents.
Impact
- Production server IP (Box 2) burned by DDG
- Server had to be destroyed and rebuilt from scratch — lost all configuration, setup time
- This was the second IP-burning incident in 24 hours
- User wrote explicit global rules after this — which were then violated again in future sessions
Requested resolution
- Refund of session credits + cost/time of server rebuild
- Fix: "Testing" a new scraper source must NEVER mean firing rapid requests. One request, wait, report. This must be enforced.
This issue has 6 comments on GitHub. Read the full discussion on GitHub ↗