Bandwidth

I am being hammered here, and I’m not yet sure how, despite much looking at access / error and referrer logs.
Emails from the server:
12 November – ” Your site romanticrobot.net has exceeded its bandwidth quota in the period beginning on 2004-11-01.
Your quota is set to 1048576000 bytes ( 1000.0 MB ), and your site has consumed 307492763 bytes ( 293.248 MB ) beyond that quota.

12 December – “your site has consumed 399392301 bytes ( 380.89 MB ) beyond that quota.”

12 January – “your site has consumed 1229761524 bytes ( 1172.792 MB ) beyond that quota.”

That last jump is pretty bloody high. Referrer logs showed little, but what is strange is that in about 4 places on my site I have a small php script. The location of said script is not visible unless you view the source, and if you try the location in your browser, you get instantly banned and I get an email telling me your IP. I’ve had one (IP 81.208.60.199), so if it’s a script that is systematically downloading the site, it’s clever – and that rules out a script.
Biggest directory hit is this one /T2/ so I guess I have to work out just wtf is killing my site this way.

It’s not that I’ve got to worry about anything – my hosting is fine – it’s just the sheer pointlessness of this exercise. I note that Gary seems to have the same problem. Maybe we should compare notes ?

7 thoughts on “Bandwidth

  1. Single pages, like your guide – pages might be contributing to most of the bandwidth. Does you serverstats tool not tell you about the largest contributors?
    Analyzing raw logs is a pain in the neck.

    Let me know if you need any help with extra bandwidth :)

  2. Webalizer says, quite oddly, that my server is one of the biggest users. Other IP’s and MSNBot are now banned so I’ll give it a week and see what’s what.

    I’m used to 100meg/day for the domain and there will always be an odd blip, but this is odd – unless WP just gained another 50,000 users and they all need my advice ;)

  3. Comment spamming attempts will burn through your bandwidth as well. I’m trying to make time to have an in-depth look at it because I’m getting hammered (for my site). It’s no good blocking all the referral IP’s because they are proxies or zombies. But all the referral sites are being hosted on one server and I’m getting a mail together to tell the admins to pull their f@&$%^$ finger out – probably a co-located box so it’s not going to stop soon.

    I could give up a good portion of my life checking off the zombies v proxies and telling the zombies owner to unplug…but hell I have a life! ;)

    You need good log analysis software Mark…I don’t like webalizer :)

    I’ll drop you a mail though to compare notes.

  4. I’m using Mac/Unix analysers right now Mark…and I cant remember what I used on windows…I’ll track it down though.

    @Xerocool, Mark is pretty good with htaccess ;) But it’s impossible to defender against these bandwidth suckers if it’s a constant and determined flow. Nothing appears on the site but bandwidth is still being chewed through.

    These guys are strange ones…thought I had an angle on what they’re doing but now it’s just switched back to comment spamming attempts…

Comments are closed.