Forum Moderators: DixonJones
At first I thought it might be a glitch in the Webalizer stats, but it persisted. Then I thought perhaps it was a DoS attack, but again, there was no particular IP that was clearly the root. So I figured maybe a distributed DoS, but then, although an oddity, it's certainly not bringing the server down, and it's gone on for quite a few months now, which surely isn't indicative of any sort of "attack."
I wondered if the page was framed somewhere, so eventually I put my own bit of logging code in the page, simply tracking time, browser and referrer. It showed that there really were a high number of hits a minute on the page, from various IPs, and the browser breakdown appears to be about right. Perhaps interestingly, the referrer was almost always blank, so the framing theory seems unlikely.
Now, I accept it's at least possible that this page (an introductory piece on Pentiums) is wildly popular across the Internet... but it seems unlikely. This one page, which is about 400 words with no images, is now taking almost 10% of the bandwidth from a reasonably busy site.
So, does anyone have any ideas on what's going on, or what I can do to trace what's happening? I'm at a loss, and not even sure if any stats can help. Any suggestions appreciated - so thanks in advance.
Also I would ask whether these visitors are leaving immediately or whether they're going further into the site. If the former, I'd be wondering if somebody had mislabeled a link and you are somehow getting a lot of people looking for some very popular but irrelevant content.
You could also do a "link:www.yoursite.com/problempage.html" search on google etc and see if you find anything interesting.
Or maybe there's a meta-refresh out there somewhere, maybe a domain name you forgot about, that's funnelling traffic? That could cause an empty referrer field. Maybe that domain suddenly got listed somewhere.
That's all I can think of in the "it's not malicious" category.
>> I would start with the assumption that it's legitimate traffic and would continue to look for a referrer.
Ok, that makes sense.
>> if the referring page is coded to open your page in a new browser window, that will happen for IE visitors.
Ah, I wasn't aware of that. It would make sense to some extent because of legacy with that particular page's content, which has over time been broken down into further pages, though it has existed, in some form and with inbound links, since 1998.
>> You could check Safari or Firefox browser hits for the referrer and see if there's a dominant one.
They're predominantly IE, which again makes sense with your point above.
>> Also I would ask whether these visitors are leaving immediately or whether they're going further into the site. If the former, I'd be wondering if somebody had mislabeled a link and you are somehow getting a lot of people looking for some very popular but irrelevant content.
The stats on this aren't clear, but it _appears_ that they're not staying. Of course that's fair enough, but it's not the MO of "usual" site visitors.
>> You could also do a "link:www.yoursite.com/problempage.html" search on google etc and see if you find anything interesting.
Oh, blimey. Y'know, [embarrassed shuffling], I honestly can't believe I hadn't thought of that! Thanks. [swallows] I'll report back here when I've done it.
>> Or maybe there's a meta-refresh out there somewhere, maybe a domain name you forgot about, that's funnelling traffic? That could cause an empty referrer field. Maybe that domain suddenly got listed somewhere.
No, the site had a subdomain, then a domain, and the subdomain host account has long since been wiped and closed.
>> That's all I can think of in the "it's not malicious" category.
Hey, thanks so much for your input! I'll look into the Google link, and we're trying to get better stats on what's happening to the visitors who come to the page. And I have to say, the IE heads-up regarding referrers and new window links is definitely one for exploration. I'll take a look at non-IE referrers and see if they have a pattern.
Thanks again.
