• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:
    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question High traffic website, but from where?

S

SalvadorS

Regular Pleskian
Hello,

I have a website with 20Gb of http traffic everyday. But I check the logs and all seems to be normal not such that traffic at all. I don´t see from where these stats comes. Also web-stats are active in this domain and numbers does not match at all.

Anybody can tell me how I can know from where that http traffic comes?

Thank you
 
Hi there,
if you want to find the ip addresses which are connected to the server right now, just run
Code: 
ss -tan state established | grep ":80\|:443" | awk '{print $4}'| cut -d':' -f1 | sort -n | uniq -c | sort -nr
This output counts the connections to the whole server right now.

If you want to know the count for a special website in a special time range, just do this:
Code: 
mkdir /root/datastats
cd /var/www/vhosts/system/<yourdomain>/logs
for i in *; do find $i -mtime -3 -type f -exec cp -a {} /root/datastats \;; done
To copy all logs from <yourdomain> in a temporary folder. Please replace <yourdomain> with your domain name.
You also can replace the -3 with any number you want, it represents the days you wanna check.

Code: 
cd /root/datastats
for i in *; do [[ ${i:(-3)} == ".gz" ]] && gunzip $i ; done
for i in *; do grep -rh "\[19/Dec/2021" ./$i > $i.accessed; done
cut -f 1 -d ' ' *.accessed | sort -n | uniq -c | sort -nr | less
To check the files. Replace 19/Dec/2021 with the day you wanna check. The last command shows you the count and ip connected to the website.
 
Dear Fabian,

Thanks a lot for this. It helped a lot. I checked all the IPs but I don´t find any "out of normal" ... most visits are from google... nothing strange found with the IPs, still don´t know why the traffic are so high...
 
SalvadorS said:
Dear Fabian,

Thanks a lot for this. It helped a lot. I checked all the IPs but I don´t find any "out of normal" ... most visits are from google... nothing strange found with the IPs, still don´t know why the traffic are so high...
Click to expand...
How do you measure the traffic from the website? Within Plesk itself?
 
So, the traffic is measured by month.
You checked above the log of one single day.
You could modify the commands above to the following:
Code: 
mkdir /root/datastats
cd /var/www/vhosts/system/<yourdomain>/logs
for i in *; do find $i -mtime -30 -type f -exec cp -a {} /root/datastats \;; done
cd /root/datastats
for i in *; do [[ ${i:(-3)} == ".gz" ]] && gunzip $i ; done
cut -f 1 -d ' ' * | sort -n | uniq -c | sort -nr | less
Don't forget to delete the /root/datastats folder first.
With this commands, you will get the stats of the last 30 days (if stored).
Please note that the commands can last a little time running.
 
You must log in or register to reply here.

Similar threads

E
Question Optimize a high traffic website
Replies
5
Views
6K
ChristophRo
ChristophRo
B
Issue High latency, unreliable performance & 522 errors on a Plesk server that ran fine for 6+ months
Replies
1
Views
229
Sebahat.hadzhi
Sebahat.hadzhi
stvnthomas
Issue Missing AWStats
Replies
4
Views
1K
paskuale
P
S
Issue Plesk Control Panel search and specific pages/actions are extremely slow, while website works fine.
Replies
3
Views
1K
SirAdams
SirAdams
michaeljoseph01
Question How to block non-mail traffic to certain ip?
Replies
1
Views
991
MarkM
MarkM
Back
Top