Posted on 09/28/2004 12:08:06 PM PDT by tdadams
I need some hypotheticals from the smart internet gurus here at Free Republic. I'm fairly web savvy myself, but this has me stumped for the time being.
I have a fairly popular website that over the last four months has seen its hits go from about 3,000 a day to about 20,000 a day. At times it has peaked at just over 25,000 a day. Bandwidth is normally about 700 meg a day.
This is exciting and good on one hand, but it's also a non-commercial, non-profit site, so the rising bandwidth charges are worrisome.
Well today, as I checked my statistics, it shows usage yesterday was 135,000 hits and 5.5 gig of bandwidth.
This strikes me as being beyond a reasonable deviation. I would expect this kind of spike if my site had been named a "Yahoo Pick of the Day" or something, but the logs show no such referrers.
Over eighty percent of the hits have gone to one page on my site that's loaded with hi-res graphics, which strikes me as odd. It makes me think this is some sort of denial of service attack. Only it seems that the hits aren't concentrated from a single IP address or bank of IP addresses. The distribution of the IP ranges is pretty uniform.
I have had some persistent attempts by spammers leaving "guestbook spam" in my guestbook, which gets deleted immediately. Perhaps I've pissed them off and they're launching an attack against me.
This has me really stumped. Has anyone seen a similar pattern with their site? Does anyone have any clues what might be going on?
I already have my webhost looking into it.
Check for Nimda.
I would think you need to check the server for possible porn/illegal files (ftp site).
What do the Referrers suggest?
Perhaps a popular blog or forum somewhere linked to your gallery.
Someone hot-linking to some of your hi-res graphics?
I do have some hotlinking going on and that doesn't bother me too much. I've monitored that and it has minimal impact on my bandwidth.
But this spike is far too large to be explained by that. I jumped from an average of about 20K hits a day to 135K overnight and nothing in the logs seem to indicate a single source. Like I said, I'm stumped.
To get that kind of spike, I'd have to get linked by Drudge, Yahoo, or MSN. I just can't figure out where the spike came from.
Then most of the hits would have the same referrer.
It's possible you're getting hit by a zombie network, but you're not a big fish, why would anyone care? You make any enemies recently? The behavior is also not consistant. Mostly zombies just send Syns or malformed packets or whatever(too many ways to list) and your ISP is probably handling that at the router level.
I still think someone with an interest in your travels found the page. Did you link to some posts here at FR? Does your ISP statistic reports provide a unique Visitors lists? rather than just hits? One page can be hundreds of hits.
Fan boards can drive many hits. I linked my City of Heroes Movie on the Vault for about 6 hours and had 1000 downloads. At 25mb a pop, I quickly turned it off minus 10GB of my monthy bandwidth. It doesn't take much.
Yes, I've posted some links here, but I normally see a small spike from that, no more than an extra 500 hits or so, not 110,000. I do have reports on unique visitors, but haven't been able to decipher a noticeable pattern yet.
"When 'bots Attack".
Apparently so. My stats this morning show 196K hits and 7.7 gigs of bandwidth for yesterday. Someone's having a laugh at my expense.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.