A company I worked for had a hosting customer, a good-sized sporting events organization, call up one day to complain that his site was over quota. Investigation revealed that the cause of being over quota was log files, which usually indicates a surprisingly high traffic website, which happens when a customer gets FARKed. (www.fark.com).
Customer admitted that he had gotten major publicity very recently, but not enough to explain the level of logfiles which had appeared in his logs directory, which at first glance had the flavor of a denial-of-service attack.
Further investigation revealed the culprit. The customer had placed a javascript-based countdown script on his main page, which counted down days, hours, minutes and seconds to a major event (which was months away). The script preloaded its images at the beginning, which is normally good, because then you can refer to them without loading them each time. However, due to either lazy programming or failure to think it through, the developer simply had the script call itself at the end, preloader and all.
The result? EVERYONE who loaded the page and left it on their screen had a counter running. The counter reloaded nine images from the server every second.
Fix? Well, the customer disabled the script when we explained it to him. However, that was not quite a fix. Nothing you can do about all of those users who already had the page loaded and were watching the countdown (or not). NOTHING. The page itself never reloaded, so all we could do was to remove the counter images themselves (or rename the directory), which slightly reduced the amount of traffic, in hopes that the people watching the counter would stop seeing the counter, and perhaps instinctively hit RELOAD.
