Don McR
Mon 11th Aug '03, 11:55pm
On August 3, 2003, the vbulletin forum on my site was targeted by the "Slurp" bot from Inktomi. For 36 hours, there were as many as 50 connections from 66.196.72.xx. I knew at the time that it was a search engine spider, but assumed that its activty would be benign. That was until I checked my logs. In that 36 hours, the spider generated 10GB of data transfer. This is over 2/3 of our monthly allotment and means that I will likely have to pay for excess bandwidth. As soon as I discovered this excess traffic, I checked the web and found out how to implement "robots.txt" to exclude bot access to the vbulletin directory. This worked, and sent the bot on its way.
I assumed the bulk of my problems were over, but this was not the case. Just this weekend, access to my site was locked due to exceeding the disk storage allotment from our ISP. An investigation revealed that the Inktomi bot had generated so much activity that the log file of its access was 155MB! I have subsequently deleted this to restore access.
I fully blame Inktomi for this mess and am in the process of seeking restitution. However, I fully realize that my prospects are slim. The reason that I am writing on this forum is to ask if there is something about the structure of vbulletin that compounds this problem. I would also like to know if there is something that can be done in the standard installation so that others to not experience a similar horror story. Obviously, I know that "robots.txt" is a solution. My guess is that few users will even be aware of the need for such a solution until after they experience an attack like I did.
I have had previous forum packages installed on my site and have been visited by "Slurp" before. However, nothing like this has ever happened. For whatever reason, once the bot hits a vbulletin forum, it appears to latch on in an endless loop. I don't know that it ever would have detached on its own.
Regards
Don McRitchie
Webmaster
Lansing Heritage Website
http://www.audioheritage.org
I assumed the bulk of my problems were over, but this was not the case. Just this weekend, access to my site was locked due to exceeding the disk storage allotment from our ISP. An investigation revealed that the Inktomi bot had generated so much activity that the log file of its access was 155MB! I have subsequently deleted this to restore access.
I fully blame Inktomi for this mess and am in the process of seeking restitution. However, I fully realize that my prospects are slim. The reason that I am writing on this forum is to ask if there is something about the structure of vbulletin that compounds this problem. I would also like to know if there is something that can be done in the standard installation so that others to not experience a similar horror story. Obviously, I know that "robots.txt" is a solution. My guess is that few users will even be aware of the need for such a solution until after they experience an attack like I did.
I have had previous forum packages installed on my site and have been visited by "Slurp" before. However, nothing like this has ever happened. For whatever reason, once the bot hits a vbulletin forum, it appears to latch on in an endless loop. I don't know that it ever would have detached on its own.
Regards
Don McRitchie
Webmaster
Lansing Heritage Website
http://www.audioheritage.org