Tips on figuring out sudden spike in hits

Website URL

freschscorner.infinityfreeapp.com

Other Information

I run a small website which hosts a translation of a webnovel. I barely get any attention and no hits. Suddenly, at 12:15, I get an email from infinityfree saying I used 50% of my hits. One minute later, at 12:16, I got another email informing me I hit the limit and my account is deactivated. Then, I got another email telling me my account was suspended for spam.
The website is down and cloudflare labels it a phishing site, and support informed me that despite the account being listed as blocked for “abuse”, it’s just down because I somehow hit the hits limit.

My only guess on how I got such a sudden spike in hits is I got DDOSsed. Not sure how likely that is. Support informed me that they don’t track such things, so it’s up to me to figure out what happened and hopefully mitigate whatever caused the site to go down.

I’m completely new to hosting websites and barely know anything, so I’d appreciate it if anyone can point me in the right direction. As far as I know, CloudFlare is not something I can manage as it’s a free domain, and seemingly it didn’t do anything in the first place. Once I get access to my site, I’ll see if I can check my statistics WP plugin to see what the heck happened, and of course back up the site in case it goes down again.

After checking my site, the statistics plugin said I got 20ish views in total. That doesn’t seem right.

Robots cannot execute the script that the analytics software used. Plugins are not magic.

Read:

5 Likes

Yup, I read that page already, but nothing in the article really helped me. It’s a very simple website with very few assets, and my average hit usage was very low in the first place. Only one time did it spike up and hit the limit, which I can see on the panel’s statistics page. That’s where my suspicion of a DDOS comes from.
Is there anything I can do to figure out what’s causing this, for future reference? I believe it’s unlikely for me to figure out anything retroactively, but it’d be good if I set up such a system in case this happens again.

You need to optimise your site.

Each page view is roughly equivalent to 110 hits. Is that low?

4 Likes

Alright, I’ll have to dig into how to optimize the site.
Still, it feels a bit off. Even if each pageview is 110 or so hits, I get an average of 120ish pageviews, with no more than 200 in total, that’d be around 20k-25k hits at most, right?

Plus

These are not included by your plugin but still counted as hits by the hosting account.

5 Likes

Asking the same question over and over is unlikely to yield different results, especially when everyone including the article says that it’s not possible.

You are free to deem this as “unhelpful” of course, but sitill, it’s unlikely to change anything.

4 Likes

Alright. So I have to be very conservative when measuring resources. Thanks.

I’m just trying to figure out a starting point on how to counter this problem. I’m not complaining, was just giving context. My apologies if it came across that way.

Thanks to KangJL’s image, I have a starting point on how to measure hits, and I know where to start googling to make my website more efficient.
Just to clarify, the statistics on cpanel over the past few months never got close to 50% of the hit usage, nevermind 100%. That’s why when I suddenly hit the limit, I thought it was some sort of attack, not an underlying issue with my site. Using the chrome network analysis tool I found a few things that caused a lot of hits, and disabling/deleting them has reduced my per-page hit count from 130ish to 70. Will keep looking for ways to optimize the site.

1 Like

i have a few tip to lower the hit, first is try not to host all of your image, css, js file on infinityfree if possible, for image i can recommend you to use imgur or imgbb, for css you can use github, for js you can use cloudflare free cdn (i think this tip only work if your site is custom build), if you think thats too much work then try not to create mutiple file for your site, like put css and js on same place of the page, like instead of you can just put your js script on the site like . The tip sound simple but it dramatically reduce the hit of the page. I hope this helpful to you.

2 Likes

It is very helpful, thank you. CSS being hosted on github is nothing new to me, I have done that before. I don’t upload many images, I think I’ve only got the website logo, and three or so images, so they should be alright for now. Cloudflare is out of the question because I don’t own the domain.

That hits usage does not look high enough for a DDoS attack. My guess is you got it by a web scraper or bot (potentially a vulnerability scanner or AI scraper).

You have a free subdomain so not much you can do to avoid this, my recommendations are to get a custom domain and drastically reduced number of hits required per load

8 Likes

So there isn’t much I can do about such spikes then, huh? Alright, thanks for the pointers.
I thought infinityfree would block such scrapers or bots…
I’ll work on improving my site’s hit usage in the meantime.

It’s impossible to block all scrapers and bots. There are companies that spend thousands if not millions of dollars a year and they still fail (think Google, Microsoft, etc)

4 Likes

well, that’s unfortunate.
Guess all I can do is maximize my website’s efficiency, and pray I don’t get hit again.
Thanks for clarifying.

The security system does a reasonable job, but its not infallible.

I had the same problem, and the best fix i found was using a custom domain, and using cloudflare to help reduce hits.

You can get a free .pp.ua domain if you want to go down this route.

you can see how at this link:

4 Likes

will take it into consideration, but I think for now I’ll monitor and see how often I get hit. If it’s a one-off or infrequent, I think I might just tank the hits. Not like my website gets traffic anyways, it’s more a hobby. Appreciate the help.

2 Likes

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.