New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
What is using bandwidth for particular user in DA
Hi,
I recently noticed that one of my user is consuming a lot of bandwidth daily. However, domain is hosting just a basic company info kind of website. I am suspecting that his site might be compromised as they are running some CMS.
The server is running DA with litespeed. On examining its access log, I can't see anything suspicious other than regular page requests.
Looking into pointers to find more info about this domain using such amount of bandwidth. Please note, I don't want to bother this user unless I have concrete info.
Comments
Ask the users ? If he gives authorization, check his files.
While compromised website is a thing, some people are also "pretty sneaky" on their own .
Sometimes users are sneaky but in my case , this user is trustworthy. In such cases they generally comes to me for advises.
Update: As I was still investigating the issue, found that their website is indeed compromised, and its very sneaky. If someone visits their site from Google, there deeper pages redirect to some other site. If you visit those pages directly, its fine.