Hi Netlify community,
I hope you’re doing well. I was wondering if you can please help me to diagnose why the bandwidth usage of the deployed site related below, suddenly increased to more that 0.5GB daily, last month it consumed around 20GB, but the normal operation of all the sites I’ve deployed didn’t exceed that much. I think I had 6 or 7 GB per month on average.
I even tried to do some optimizations regarding the cache control of the website, but it appears to be consuming a lot.
This is a Next.js website that was migrated from WordPress, but no WP files are being preserved, so the attached image is even more weird, why this website is calling the ___netlify-handler function to get those non-existing resources?
Thanks in advance for your attention and help on this.
Netlify site: wwwsaharaero
Hi Luis and sorry to be slow to get back to you!
I took a look at our traffic logs for your site and it seems that someone (not sure if you or not) scanned your site with what appears to be a popular security tool called Tenable back on 20 September.
This caused very outsized traffic for a few minutes and burned through quite a bit of your bandwidth.
It does not seem to have recurred so hopefully whomever did it won’t do it again, but we did work to keep your site up even in the face of the unexpected traffic (which was not otherwise problematic for our service; we do have limits on how much can be loaded how fast to protect you, but this tool did not go fast enough to trip them).
Hi @fool, don’t worry. I really appreciate the time you took on this. However, I still don’t understand why the Netlify handler function is making requests to the WordPress files that existed before it was migrated to Next.js. Do you know what could be happening?
The Handler function is not making any requests. (malicious) users of your site are making those requests. Bots and malicious users keep scanning websites for known vulnerabilities, so seeing those requests is fairly normal.
Thanks for your answer @hrishikesh . Is it possible to know where those requests are coming from? I still don’t get how users are finding a dead website, because as I stated before, this was a WP website, that was completely removed and made from scratch using Next.js
Hi, thank you for writing in. I shared your query with our helpdesk. We will provide you with more details privately through there. Stay tuned to your email.