Contents
Although the flow nowadays is unlimited or not a problem due to various site optimizations and possible higher traffic it can still be a problem for the site. One of the bigger problems why is it a problem although it is unlimited the reason is very simple, it means something is not working or someone is abusing your site
Abuses which are the most common in that case are let's say you have some photograph or video clip on your site and then some other site only post a link to your image or video that is, don't put it on your site (implant) but only the link. This means that when a visitor visits his site, he normally sees the picture/video even though it is not on his hosting but on yours. Google photos can also increase the flow. If you have a lot of images and anyone opens google.com and clicks on the images and types in keywords and your images appear there, he can download and download them and thus consumes your bandwidth, even a simple view of those images on the google page is a consumption of your bandwidth and a load on your account.
Of course, this is not so significant when the number is small, but when it comes to thousands of views, gigabytes can easily accumulate.
This was exactly the example of one client who has a nutrition site and his target group is quite small. He had about 200 visits on a daily basis for a couple of years. However, suddenly every month the number of visits and the number of gigabytes in flow jumped by 500%, sometimes even more. And from 1GB of flow on a monthly level, which was achieved when the site was working regularly, it has now reached 200 GB, sometimes it was 70 GB on a daily basis. Which caused his site to run slower as resources were wasted stealing images even though he had no traffic.
Below is a guide on how to control and prevent image theft.
Hotlink protection
Hotlink protection is exactly the example described above when someone posts an image on their site without actually seeding it but uses your account to get the image loaded.
You log into cPanel and then find the option Hotlink protection
When we open that option, the configuration page will appear.
In the blue square we have the possibility to enable (enable) and to disable (disable) this option. Here we see that it is enabled.
In the second part we control which domains are able to use our images directly. The panel itself already populated our domain with variations with and without www and with http and https.
If you have another site of yours that uses images from that account, then you must also enter that domain and its variations in the first square.
In the third square here we see "jpg,jpeg,gif,png,bmp" here we enter what we block. If you have some other extension images such as webp, then put a comma and webp. These are the file extensions we block.
Check box means that if someone right-clicks, let's say, "Open image in new tab" to see your direct image, if you check that option, you enable it, and if it remains unchecked, then it means that you have blocked that as well. This is my recommendation not to tick.
Last field is a rediction that if someone "violates" these rules of yours, they will be sent to that page. You can put that on your home page if you want to generate traffic that way. This is useful if you have ads on your site, so every visit means something to you, and if you don't have any of that, you can redirect to google.com so that such visits that don't really mean anything don't waste your resources at all.
After this, save our setting by clicking on Submit.
IP Blocking
When the hotlink does not help, then there is only the blocking of the IP address. Hotlink does not help when instead of an image, a direct link is linked to pages your pictures. This is possible in wordpress because each Media that is fertilized has its own page. Let's say in this example: domen.tld/2018/01/31/kikiriki-avokado-smutic/ where your site opens but only the image opens without the page on which that image is placed. And this again generates a large number of visits that download your image/video directly from that page.
First, to find out who is abusing our content, we go to the Awstat option.
After that, it will open two options for us with and without SSL. You need to click on it magnifying glass where your site is usually now all on SSL (https) so we'll click on the magnifying glass where ssl is marked. Then a huge statistic is opened to us as in the picture below.
As you can see there are a lot of options and a huge number of statistics. What we need is a table Hosts (Top 25).
In this table, we see on the left side the IP addresses that visited our site, and on the right side, how much that IP address was opened by the page and how much traffic it consumed on our site.
In that case, they are top25 and next to them you have the links Full List, Last Visit. When there is such a large flow on only one IP address, it is an obvious abuse of your site and then you need to review it. If you know/want to do some research, you'll see that those ip addresses that get the most traffic are actually sites that steal your traffic and images.
IP address blocking. in cPanel we find the IP Blocker option
Now we need to find in those statistics the IP addresses that abuse our flow and then copy that IP address into the IP Address Or Domain field and click on the Add button. This will block that ip address from accessing our site anymore.
On the right side marked with squares is the flow that was realized as you can see it is huge megabytes and gigabytes. During the visit, the visitor achieves a maximum of a couple of megabytes of traffic. When you look at the list, anything over 50mb is most likely some kind of abuse. Therefore, mark that IP address on the left, then right-click copy and paste into IP Blocker and add it to the block.
Limiting the flow rate
If you want to prevent abuse of the flow by means of a limit, let's say you have done the first two steps and now you want to additionally protect the site so that it does not consume resources and thus be constantly available, you can do this with a flow rate limit.
In your .htaccess file located in your site folder, enter the following:
BandwidthThrottleSoft 1024 BandwidthThrottleHard 2048This will limit the flow rate to 1mb and if an IP address starts using more than that, the server will start slowing down the traffic to that IP address while others will work normally and this second number 2048 ie 2MB means that it will never allow the IP address to use more flow.
Note that this setting can be increased and decreased and deleted completely. If you think you don't have any more problems, you can completely delete this part of the code.
This setting will limit the speed of the flow only for the site/subdomain where you have set the .htaccess not for everything in the entire hosting account.
Bot blocking
If you may have some other problem, such as a bot using your flow too much, when it uses flow, it means that it is imitating visits to your site that are not real, thus blocking your site and completely burdening your account. If it is not a googlebot or a facebook bot, then it is preferable to limit or block it. Here's what it looks like when the bot causing the problem is spotted in the image below
As we can see here, the "crawl" bot made 213GB of traffic in the month, while the googlebot, which should take the most of the bots, only made 5.8GB. Another problem that can be is this facebookexternalhit that other bots use to disguise themselves, but here it is not as terrible as this crawl.
Block it through .htaccess
RewriteEngine On RewriteCond %{HTTP_USER_AGENT} crawl [NC] RewriteRule .* - [F,L]
