# Freaking me out...........



## ratssass (Jan 8, 2013)

.......to the point i've removed 6 yrs worth of work from my site.
 I've noticed a huge increase in traffic on my site over the last month.I mean like well over a 1000% increase.Looking into it,I've found a malicious url with the following ISP info.....

IP Address:66.249.74.13[IP To Location-IP To Country]
Hostname:crawl-66-249-74-13.googlebot.com[Domain To Location  -Domain Country-Domain To IP]
IP Blacklist Check:Not Blacklisted    [Blacklist Check]
IP Lookup Location For IP Address: 66.249.74.13Continent:North America (NA)Country: United States  
	

	
	
		
		

		
			





 (US)Capital:WashingtonState:CaliforniaCity:Mountain ViewPostal:94043Area:650ISP: GoogleOrganization:GoogleTime zone: America/Los_AngelesAdditional IP Lookup Info for IP Address: 66.249.74.13Continent Lat/Lon: 46.07305 / -100.546Country Lat/Lon: 38 / -98City Lat/Lon: (37.4192) / (-122.0574)IP Language:	EnglishIP Address Speed:Corporate Internet Speed	[Check Internet Speed]
IP Currency:United States dollar($) (USD)

IDD Code:+1



This ISP has shown up several (but not the 1000's) times in the last month.Why would someone from Palo Alto California have any interest in the 2-4 local tracks I shoot at back here in NY?Any ideas?Is this being routed through Google?


----------



## snowbear (Jan 8, 2013)

I'm guessing it's the crawler from Google.  Ever notice that when you get search hits, a part of the web page text is listed?  Crawlers get the info for the SEs.  You can place a file in the main folder of your site that tells the crawler bots what pages they can and can't "look" at index; do a search on robots.txt.

Edit: It's Google.
66.249.74.13 - Whois information for IP 66.249.74.13 - Find IP Address


----------



## dewey (Jan 8, 2013)

Looks like a normal web spider to me... what makes you say it's a malicious link?  Was it in a comment or??


----------



## Bitter Jeweler (Jan 8, 2013)

Well, Google IS malicious. So, yeah.


----------



## thetrue (Jan 8, 2013)

Google is evil, but I use it daily....


----------



## ratssass (Jan 8, 2013)

just went to look again............now its a place in china hittin' it 3x/sec.



Tue 08 Jan 2013 08:57:23 PM MST Type Gallery Error Location http://lapointephotography.net/store/main.php?g2_path=2010+Racing+Season/Spencer+5-29-10/&g2_page=8&g2_GALLERYSID=01f124c568689c4299a62345b67634e0 User Id 5 Client 180.76.5.182 Summary Parent 7 path 2010 Racing Season Referer null Details  
 Error (ERROR_MISSING_OBJECT) : Parent 7 path 2010 Racing Season *in* modules/core/classes/helpers/GalleryFileSystemEntityHelper_simple.class *at line* 98 (GalleryCoreApi::error) *in* modules/core/classes/GalleryCoreApi.class *at line* 1952 (GalleryFileSystemEntityHelper_simple::fetchChildIdByPathComponent) *in* modules/core/classes/helpers/GalleryFileSystemEntityHelper_simple.class *at line* 53 (GalleryCoreApi::fetchChildIdByPathComponent) *in* modules/core/classes/GalleryCoreApi.class *at line* 1901 (GalleryFileSystemEntityHelper_simple::fetchItemIdByPath) *in* modules/rewrite/classes/RewriteSimpleHelper.class *at line* 45 (GalleryCoreApi::fetchItemIdByPath) *in* ??? *at line* 0 (RewriteSimpleHelper::loadItemIdFromPath) *in* modules/rewrite/classes/RewriteUrlGenerator.class *at line* 103*in* modules/rewrite/classes/parsers/modrewrite/ModRewriteUrlGenerator.class *at line* 56 (RewriteUrlGenerator::_onLoad) *in* init.inc *at line* 166 (ModRewriteUrlGenerator::initNavigation) *in* main.php *at line* 197*in* main.php *at line* 104*in* main.php *at line* 88Request variables: Array(    [path] => 2010 Racing Season/Spencer 5-29-10/    [page] => 8    [GALLERYSID] => 01f124c568689c4299a62345b67634e0)


----------



## ratssass (Jan 8, 2013)

dewey said:


> Looks like a normal web spider to me... what makes you say it's a malicious link?  Was it in a comment or??



In my "Recent Activities" tab in my site administration.........


----------



## ratssass (Jan 8, 2013)

sheezus.................i don't know anything about this chit.In 6 yrs,Ive never even met the guy that set up/kinda maintains my site.I think his name is Chalie,and he only communicates w/3 girls we call the angels...


----------



## Chris R (Jan 8, 2013)

You can block entire continents from accessing your site if you'd like... If people from China, Russia, or any other spam-bot-heavy country have no business visiting your website, block them in .htaccess. You can generate the list here: Block Visitors by Country | IP2Location.com

Once you do this, you'll notice a huge decrease in this type of traffic.


----------



## snowbear (Jan 8, 2013)

I wouldn't worry a whole lot.  When I was maintaining the web page for the local 9-1-1 association, I'd see the crawlers all the time.  I used the text file I mentioned to try and keep them on the main index page - it seemed to work pretty well.


----------



## ratssass (Jan 8, 2013)

thanks guys.........i'll have to figure this out........


----------



## ratssass (Jan 8, 2013)

snowbear said:


> I wouldn't worry a whole lot.  When I was maintaining the web page for the local 9-1-1 association, I'd see the crawlers all the time.  I used the text file I mentioned to try and keep them on the main index page - it seemed to work pretty well.



i overreacted??i've got everything backed up,so i could just load everything after i get this figured out


----------



## snowbear (Jan 8, 2013)

I didn't say that, just that I wouldn't worry too much.  You want to make regular backups, anyway, and you want to keep tabs on everything.  Look up the robots.txt (sorry, I don't remember the syntax but IIRC it's pretty basic) and check out the link Chris R provided.

edit: Here's a list of robot crawlers: http://www.robotstxt.org/db.html


----------



## Derrel (Jan 8, 2013)

You aren't "the guy" who maintains the server that hosts all of the "*Hot! live! nude!*" girls' pictures are, are you, by any chance???? lol


----------



## unpopular (Jan 8, 2013)

I'm going to write a script that pings your site several times per hour, just to futz with you.


----------



## thetrue (Jan 8, 2013)

unpopular said:


> I'm going to write a script that pings your site several times per hour, just to futz with you.


I'll set up a proxy here that you can use to further confuse... Hehe


----------



## Derrel (Jan 8, 2013)

I'd be happy to mirror for ya'll...


----------



## unpopular (Jan 8, 2013)

sweet. Now we just need a fake URL that it ties back to, like www.identity4sale.com


----------



## rexbobcat (Jan 8, 2013)

My professional observation tells me that your site is slowly being converted and routed into a pornography site.


----------



## ratssass (Jan 9, 2013)

rexbobcat said:


> My professional observation tells me that your site is slowly being converted and routed into a pornography site.



seriously?


----------



## dewey (Jan 9, 2013)

ratssass said:


> rexbobcat said:
> 
> 
> > My professional observation tells me that your site is slowly being converted and routed into a pornography site.
> ...



No.

At least I hope no... I'm optimistic it was sarcasm.  

Bots and spiders, while sometimes annoying, are also usually harmless.  Google is not evil, although they are a business and they make money - so sure - they must be evil LOL.  Anyway - if having this sort of traffic bothers you there are ways to block it.  It really depends on your web host - it's sometimes easier or more difficult based on the host.  I had a similar experience about a year ago... all from China.  It stopped after a few weeks... and I'm assuming my site is now in all of the Chinese search engines.  

You can also contact the host and open up a help ticket.

Deep breathing.


----------



## ratssass (Jan 9, 2013)

Thanks,Dewey.
If they are harmless,that's a huge relief.However,they are bothersome in the sense that I try to track which type of shots,along with which teams are being viewed.It's just a small site basically dedicated to 2 local tracks,with a couple others thrown in.While it isn't much,it does help defray expenses.That is why I was freaking out.Why would anyone not local be interested in anything I have going on?
 Also,I was wondering if this was something at the server level,or the site level?
 This isn't really anything I have time to spend researching,and trying to figure out.I'm thinking that unless its something I can fix easily,I need to get in touch with the mystery man that set my site up.


----------



## dewey (Jan 9, 2013)

I understand, and yes if you're trying to track which files are more popular it will drive you nuts.  On the other had any reasonable tracking system can be set to filter out these erroneous clicks.

As far as whether it's a brute force website sort of 'attack' or it's just spiders checking every single file you could use just about any tracking software.  Google Analytics offers some really good views of what's what with your website.  You may want to give it a try if you don't already use it.

Have you seen a noticeable increase in the bandwidth usage or just more traffic?


----------



## Alex_B (Jan 9, 2013)

Welcome to the WWW ... if you open an umbrella, you should be not afraid of it getting wet in real rain. If you put up something on the web, it will be seen, downloaded, crawled by bots. 
If you do not like that, shut down your site. But there is no reason to do this as all is totally harmless and just the way things work.


----------



## dewey (Jan 9, 2013)

Maybe you should google "empathy" Alex.


----------



## Alex_B (Jan 9, 2013)

dewey said:


> Maybe you should google "empathy" Alex.



I did google "reality" instead. Because I thought it would be more helpful to to calm down false fears 

(Didn't intend to sound nasty in any way here)


----------



## ratssass (Jan 9, 2013)

dewey said:


> Maybe you should google "empathy" Alex.



...really!!
for those who choose to help,i thank you,for the rest,try the "How Much Should I Charge" threads


----------



## Alex_B (Jan 9, 2013)

I thought my post helpful, as it reflects reality. 
If it did not help, then I got either your question wrong, or misconceived the psychology behind your question. In any case if this is so, please just ignore my answer.


----------



## rexbobcat (Jan 9, 2013)

ratssass said:
			
		

> seriously?



No no I was just kidding.

Notice how I said "professional" when I don't really l know jack**** about SEO and such.


----------



## Chris R (Jan 9, 2013)

Doing a quick Google search of the Chinese IP you say is hitting your site reveals that it is an IP owned by Baidu.com which is China's #1 search engine. They are basically the Google of China. If a malicious bot was attempting to access your site, chances are they would have already if they could. Most bots like that just crawl around the web attempting very specific exploits on websites.

So... yeah... you're waaaaaaaaay overreacting here, but if foreign countries have no business accessing your site, simply block them using the link I provided last night.


----------



## Chris R (Jan 9, 2013)

ratssass said:


> Thanks,Dewey.
> If they are harmless,that's a huge relief.However,they are bothersome in the sense that I try to track which type of shots,along with which teams are being viewed.It's just a small site basically dedicated to 2 local tracks,with a couple others thrown in.While it isn't much,it does help defray expenses.That is why I was freaking out.Why would anyone not local be interested in anything I have going on?
> Also,I was wondering if this was something at the server level,or the site level?
> This isn't really anything I have time to spend researching,and trying to figure out.I'm thinking that unless its something I can fix easily,I need to get in touch with the mystery man that set my site up.



Install (or have installed) Google Analytics. It'll provide you with all this data in a nice, clean, and easy to read way.


----------



## unpopular (Jan 9, 2013)

ratssass said:


> dewey said:
> 
> 
> > Maybe you should google "empathy" Alex.
> ...



Awwwww. You come here expecting free network advice and then are inconvenienced by snarky replies. Poor, poor ratssass.


----------



## ratssass (Jan 9, 2013)

blow me


----------



## vtf (Jan 9, 2013)

google=skynet!


----------



## unpopular (Jan 9, 2013)

ratssass said:


> blow me



Such naughty language!


----------

