Jump to content
surfdean

1.22 Gb From One Host/ip ?

Recommended Posts

In my Awstats, i found a particular host, ip24-251-175-189.ph.ph.cox.net who has sucked down 1.22 Gb of data in two days, Feb 22,23.

 

It was almost all images, as I have 1.5 Gb of jpgs of bandwidth used of 1.55 total gb for the month.

 

I only have less than 2MB of images on my site.

 

What was this person doing?

 

How can I stop this from happening in the future because it

1. screws up my stats

2. might push me over my bandwidth usage limit

 

I imagine it's hopeless to try to contact this person, but how might I try?

 

TIA

dean

Share this post


Link to post
Share on other sites
Do you have hotlinking protection turned on?

 

 

Ummmm. huh? I just checked Cpanel and no I don't.

 

But. I don't understand how they could, for only 2 days, constantly beat my site's jpgs to transfer death and then stop.

 

Wouldn't the specific IP continue to pull my bandwidth over a longer period of time?

 

Before I gung-ho the hotlinking...

Are there disadvantages to turning on hotlinking?

It reads that it stops people from showing my pics from another site. Is there any way I can find out what site? Of course ip24-251-175-189.ph.ph.cox.net doesn't exist anymore.. :)

 

dean

Share this post


Link to post
Share on other sites

Hopefully someone more technically knowledgable on this will respond, but it sounds like to me that someone downloaded all the pics that they wanted from your site and then moved on.

Share this post


Link to post
Share on other sites
Hopefully someone more technically knowledgable on this will respond, but it sounds like to me that someone downloaded all the pics that they wanted from your site and then moved on.

 

That's the weird thing. I only have 2 MB of images.

 

did they download all of my images 800 times?

why might someone do that?

 

could they be infected by some worm/virus/troj/etc?

 

d

Share this post


Link to post
Share on other sites
That's the weird thing. I only have 2 MB of images.

 

did they download all of my images 800 times?

why might someone do that?

 

could they be infected by some worm/virus/troj/etc?

 

d

Probably not hotlinking by the way. I just noticed you had posted the host IP. So it's probably some guy, not some website. Could have been hammering your site for whatever reason. Tough to tell sitting here. The support folks might do some logging that could help you out. If you're so inclined, you could also call Cox and let them know you suspect foul play and see what they can tell you.

 

By the way, nice site. Makes me miss the good 'ole days surfing in Hawaii.

Share this post


Link to post
Share on other sites
Probably not hotlinking by the way.  I just noticed you had posted the host IP.  So it's probably some guy, not some website.  Could have been hammering your site for whatever reason.  Tough to tell sitting here.  The support folks might do some logging that could help you out.  If you're so inclined, you could also call Cox and let them know you suspect foul play and see what they can tell you.

 

By the way, nice site.  Makes me miss the good 'ole days surfing in Hawaii.

 

thanks for the tip... I'll wait to see if I get more TCH feedback on this. I would call Cox, but I'm in Costa Rica and the phone charges here are ridiculous.

 

thanks for the kudos... Actually the first thruster surfboard I owned was a garduque, and that alone intrigued me enough to check your site.... funny blog. (paraphrase) "teurettesguy grounds his son for not agreeing that the garbage disposal sounds like a wookie taking a sh^%."

 

LOL. haven't had a good snickerlaugh in a while...

 

d

Share this post


Link to post
Share on other sites
LOL. haven't had a good snickerlaugh in a while...

Glad I could help. And I've regretted selling that surfboard since the day I did. Not that it would do me a lot of good out here in the desert, but still...

Share this post


Link to post
Share on other sites
That's the weird thing. I only have 2 MB of images.

 

did they download all of my images 800 times?

why might someone do that?

 

could they be infected by some worm/virus/troj/etc?

 

d

 

Who knows? There are some strange people out there! I'd second timhodge's recommendation to ask the TCH tech's to take a look if you're still concerned.

Share this post


Link to post
Share on other sites
Hopefully someone more technically knowledgable on this will respond, but it sounds like to me that someone downloaded all the pics that they wanted from your site and then moved on.

 

That's the weird thing. I only have 2 MB of images.

 

did they download all of my images 800 times?

why might someone do that?

 

could they be infected by some worm/virus/troj/etc?

 

d

 

there are specific programs, I think they used to be called trawlers or spiders that can be configured to scan the net and download sites containing keywords or images. My quess is that it was a misconfigured program that repeatedly either downloaded your whole site or just the images on the site. It's a way to go "shopping" for images. I think google and yahoo use similar programs to index sites.

Share this post


Link to post
Share on other sites

Some bots get caught in loops, infinite or otherwise.

 

I'd block the IP number in .htaccess and not worry anymore about it.

 

Well, I'd probably have a look in the logs first, to see exactly what was goin on.

Share this post


Link to post
Share on other sites
Some bots get caught in loops, infinite or otherwise.

 

I'd block the IP number in .htaccess and not worry anymore about it.

 

Well, I'd probably have a look in the logs first, to see exactly what was goin on.

 

 

Apparently some HTML coders get caught in infinite loops too... I have a slideshow on my index page that keeps on rotating through over and over and over and over and over and over... you get the picture... over and over again.

 

Seems like this person just had my page up and either left their computer on or perhaps had a *crash that left a connection open to that page. At any rate, it's my own fault for not having a max number of loops for the slideshow...

 

I shoulda checked the logs earlier... I'm just glad i didn't take any action against them. :oops:

 

dean

Share this post


Link to post
Share on other sites

I would bet that the person is/was running some sort of website on their Cox account and using your images for their pages. However, instead of downloading them, then uploading them to their own server, they are linking to them from your domain. aka leeching.

It is a similar thing to hotlinking and can be protected against with the same methods.

 

EDIT: I did a little checking, and this person is running cable internet. With that type of bandwidth usage on your site, I would also imagine that this person was experiencing extremely high usage on their account and Cox shut them down for running a website on their account (not allowed).

 

Not much you can do about this particular person now, since the IP address is no longer responding.

Share this post


Link to post
Share on other sites
I would bet that the person is/was running some sort of website on their Cox account and using your images for their pages.  However, instead of downloading them, then uploading them to their own server, they are linking to them from your domain. aka leeching.

It is a similar thing to hotlinking and can be protected against with the same methods.

 

EDIT: I did a little checking, and this person is running cable internet.  With that type of bandwidth usage on your site, I would also imagine that this person was experiencing extremely high usage on their account and Cox shut them down for running a website on their account (not allowed).

 

Not much you can do about this particular person now, since the IP address is no longer responding.

 

Okay. I've realized that this WAS entirely my own fault, as my slideshow (of three whopping images) was repeated from this IP ad nauseum. I have since modified the javascript code for the slideshow to allow for a new variable for maxloops. This way, I can have visitors only loop through the slides 10 or 15 times before the show stops.

 

I'm not really worried about this person. Now I think it was someone without bad intentions.

 

It sounds like I might want to turn on Hotlinking anyway, although I hesitate to stop people from doing something that they are not doing yet. Perhaps after I get the gallery uploaded...

 

Thanks for all your help!!!!

 

dean

Share this post


Link to post
Share on other sites
Okay. I've realized that this WAS entirely my own fault, as my slideshow (of three whopping images) was repeated from this IP ad nauseum. I have since modified the javascript code for the slideshow to allow for a new variable for maxloops. This way, I can have visitors only loop through the slides 10 or 15 times before the show stops.

 

I'm not really worried about this person. Now I think it was someone without bad intentions.

 

It sounds like I might want to turn on Hotlinking anyway, although I hesitate to stop people from doing something that they are not doing yet. Perhaps after I get the gallery uploaded...

 

Thanks for all your help!!!!

 

dean

 

dean,

hotlinking protection is a good idea. over time people will find your images and some of them will try to use them by direct link to the image file. allowing only authorized domains this type of access is a good way to save bandwidth not to mention protecting your property.

Share this post


Link to post
Share on other sites
dean,

hotlinking protection is a good idea. over time people will find your images and some of them will try to use them by direct link to the image file. allowing only authorized domains this type of access is a good way to save bandwidth not to mention protecting your property.

 

Even if I do hotlink protection, which I'll turn on in a moment, what's to stop somebody from downloading the image to their machine/server and using it anyway?

 

dean

Share this post


Link to post
Share on other sites
Even if I do hotlink protection, which I'll turn on in a moment, what's to stop somebody from downloading the image to their machine/server and using it anyway?

It just keeps them from stealing your bandwidth, not the images themselves.

Share this post


Link to post
Share on other sites
Even if I do hotlink protection, which I'll turn on in a moment, what's to stop somebody from downloading the image to their machine/server and using it anyway?

It just keeps them from stealing your bandwidth, not the images themselves.

 

OK. That's good.

 

Thanks for all the help everyone!

dean

Share this post


Link to post
Share on other sites
dean,

hotlinking protection is a good idea. over time people will find your images and some of them will try to use them by direct link to the image file. allowing only authorized domains this type of access is a good way to save bandwidth not to mention protecting your property.

 

Even if I do hotlink protection, which I'll turn on in a moment, what's to stop somebody from downloading the image to their machine/server and using it anyway?

 

dean

 

my coding is rusty, but there is a way to disable right clicks for a given page, i.e., the page your image is on. without the right click, a person can not "save image as.."

which does give you some more protection. people will always be able to "grab" the image via a screen grabber (like hyperSnap). So, if your FTP is set up right, and right click disabled, no one can "download" your images. they can use a screen grabber off of the local machines screen.

Share this post


Link to post
Share on other sites

Just as an FYI ...

 

Most (maybe all) browsers use something called "cache" ... images, html, javascript, flash .... are all saved on their computer for future access if needed to bring the pages up more quickly.

 

So even though you may disable the right-click, your images are stored on the hard drive of most visitors to your website.

 

:)

Share this post


Link to post
Share on other sites
Just as an FYI ...

 

Most (maybe all) browsers use something called "cache" ... images, html, javascript, flash .... are all saved on their computer for future access if needed to bring the pages up more quickly.

 

So even though you may disable the right-click, your images are stored on the hard drive of most visitors to your website.

 

:)

 

I guess then my best protection is to just have low res (i.e. 72dpi) images on the site that are not very large...

 

Ni modo,

dean

Share this post


Link to post
Share on other sites
I guess then my best protection is to just have low res (i.e. 72dpi) images on the site that are not very large...

Yes and watermarking your images isn't a bad idea either.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...