So I go to check my web stats yesterday with Urchin and find a weird anomaly in my traffic, it has more than tripled for the month of December. My average traffic use is around 15GB a month, for December it’s going to be about 50GB, this of course worried me. Having worked in the web hosting industry for the past 3 years I know what a traffic spike usually means: You are hacked.
Luckily this was not the case in my situation, after about 3 hours of sleuthing I found the culprit that was causing my traffic spike: A single image that I posted over 1 year ago. An image of Jason Alexander (George on Seinfeld) wishing everyone a happy Festivus. The traffic came from a both Google image search and myspace.com, I am guessing that someone at Myspace went to Google and did an image search for the word “Fesivus” and hot linked the image from Mercwear, sucking down my bandwidth at an average rate of 600k/sec.
It is amazing how fast the image spread at Myspace.com, I did some traffic sniffing on the server and noticed over 30 hits in 25 seconds from different profiles on the site. The evil part of me wanted to replace the image with something vulgar however the cheapskate in me did not want to pay for even more bandwidth.
Below are some of the Urchin pages that show the traffic:
Total hits for the image file:
Total hits from Google and Myspace:
Total transfer over the last 5 days for the image:
404 error count since I enabled the hotlink protection:
I found that the best way to stop this was to simply disallow hotlinking to Mercwear, I did this by utilizing a tool called Hotlink Blocker from www.helicontech.com, if you use IIS for your webserver I highly recommend checking it out.
I also use my Robots.txt file to exclude all of my images from being indexed by Google, this will cut down on the possibility of this happening again, adding the following code to your robots.txt will stop the Google image crawler from indexing your images: