I m running a blog and i have 3k UV per day but the problem is that i m facing bandwidth theft and as i m using distributed server from lunarpages.com they are saying that i m using too much resources, some how i stopped the hotlinks, now i want to know how to find the bandwidth theft, I never know who is copying my content with the help of rss and is it possible any leak in wordpress.
You could check to see if there is one single IP address that is accessing and see if it's connected to a site. Then ban access from that IP.
Monit might be able to help you out with an alert. It is scriptable and allows you to send email alerts. I don't know what you use to monitor your bandwidth, but if you can make Monit recongnize it, then you can setup an alert when you are going over the limits you specify. I love it. It works great. But I don't have bandwidth problems so I don't monitor my bandwidth. Thanks, Fred
An usual way is to track your domain log files, if you find an IP or domain you want to block you can use different ways to do it: mod_access, mod_rewritten or iptables. I like to use tail (Linux) via ssh to track my log files in real time: #tail -f domain.log Those command returns always the last 10 records within your log file. Catch the IP and ban it
1) install mod_security 2) place this rule in your mod_security file - SecFilterSelective “HTTP_REFERER†“(giga|gigaloader.com|gigaloader)†This rule will stop those skiddies who like to flood using the above. This solves most cases. 3) figure out where the bandwidth raping is coming from - direct admin: /etc/httpd/logs/domains/domain.log cpanel: /usr/local/apache/domlogs/domain.log 4) For attacks/bandwidth raping coming from other domains (hot linking or etc) simply: SecFilterSelective “HTTP_REFERER†“(newdomains.com|new.com|newdomains)†5) You can also you this rule in your .htaccess but I suggest using it server wide 6) For further assistance PM me or contact me @ zsecure.net