I have a site that seems to be using a lot of bandwidth. The stats list the users which have visited by number. (IE: xx.xx.xx.xx) I assume this number is traceable, but how do I find out if this is a legitimate user or a hacking attempt on the site.One user has used about 25 % of the bandwidth and I am concerned about it. Is there a way to find out where this user is coming from and perhaps ban them if I deem it to be neccessary?

Reply

Give this site a shot. Use the link "Reverse DNS lookup"

http://www.dnsstuff.com/

Reply

Search engines have a tendancy to suck a little more bandwidth than they deserve - and illegitimate spiders which do not follow 'robots.txt' rules (such as those used by spammers) are notorious for using up one's entire monthly bandwidth limit.

The PHP function gethostbyaddr() looks up the hostname corrosponding to the IP address passed to the function, allowing you to identify known spiders (such as Google or Yahoo! and the like) by the hostname (or if you know all of the IP addresses used by nodes on their respective networks). The major search engines also always identify themselves in the 'User Agent' header - but this can obviously be forged by anyone.

Reply

i am ever got this sort of problems
i just don't know how to do with that.
and the only thing i think we can do is changing to the server that give more bandwidth that will made us don't worried about that.
guangdian

Reply

That works wonderfully. Thanks Buffalohelp. And the others are good, too. Thanks to all.

Reply

just ban the ip or sourounding ip if it's using that much bandwidth. forget about the hows or whys. i wouldn't be concerned since in the meantime he can be using up another 25%.

now there are two possibilites that come to my mind. you either havea lot of pictures or games or something that uses a lot of bandwidth and he's a legitimate user who likes your site, OR you may have an enemy you pissed off who knows your web address and is using up your bandwidth intentionally to block your visitors eventually. so be weary of that. i've never done it but thought about it i did spam email accounts to fill 'm up where they weren't able to recieve further emails until they had to delete them 1 by 1 in my older more imature days.....

but seriously, i would ban the ip until you can figure out how to control your bandwidth and monitor your visitors more effectively. i believe you can ban ip's through the htaccess hidden file that trap allows you to modify(sob web hosts don't) or there may be something in cpanel to ban ip's. in any case, i've never had to do this but i'm sure it's something simple

if your site uses alot of bandwidth and is a popular site, i would suggest setting up a system where your users have to fill out a form before they can access certain directories where your bandwidth might be at risk and have their ip and email address saved on record tor refer back to it if you ever have problems in the future. i dunno. use your imagination. you will come up with something



good deal. i didn't read your post before i posted. that is definately a possibility. especially if it's a relatively new site(don't know if it is or not) because i heard the same thing you just stated about search engines using a little more bandwidth(for some reason that i don't know why) but if the site was submitted to tons of search engines using a script or software then i acan also see that being a problem as well. but he said it was coming from one ip hmmm

i do know in cpanel, i believe it's called webalizer, it will show if it was a spider from google or msn, etc....don't quote me. i could be mistaken.

 

 

 

Reply