Issue
We are seeing an increase in malicious and/or heavy traffic coming from IP ranges that identify as "Huawei Cloud".
Commonly, these requests may specify user agents noted below:
Mozilla/5.0 (Linux; Android 7.0; FRD-AL00 Build/HUAWEIFRD-AL00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/53.0.2785.49 Mobile MQQBrowser/6.2 TBS/043602 Safari/537.36 MicroMessenger/6.5.16.1120 NetType/WIFI Language/zh_CN
Mozilla/5.0(Linux;Android 5.1.1;OPPO A33 Build/LMY47V;wv) AppleWebKit/537.36(KHTML,link Gecko) Version/4.0 Chrome/42.0.2311.138 Mobile Safari/537.36 Mb2345Browser/9.0
Mozilla/5.0(Linux;U;Android 5.1.1;zh-CN;OPPO A33 Build/LMY47V) AppleWebKit/537.36(KHTML,like Gecko) Version/4.0 Chrome/40.0.2214.89 UCBrowser/11.7.0.953 Mobile Safari/537.36
Mozilla/5.0(Linux;Android 5.1.1;OPPO A33 Build/LMY47V;wv) AppleWebKit/537.36(KHTML,link Gecko) Version/4.0 Chrome/43.0.2357.121 Mobile Safari/537.36 LieBaoFast/4.51.3Resolution
You will need to evaluate options to block this traffic, including rolling your own solution (for example, blocking traffic at .htaccess, or disabling some Drupal features like specific Views/modules/etc.) and/or considering buying a WAF or CDN with security features.
Note that sometimes it is difficult to tell "good" from "bad" traffic; you may need to use information available to you like your logfiles, doing some research and testing, etc. to get a good solution. You may need to temporarily sacrifice blocking some "good" traffic along with the bad if you are in an emergency and just need to get your site back up for most of your users.
Please consult our article on Blocking excessive crawling of Drupal Views or search results for a self-service option that you can enable via Apache's .htaccess file.