12 {{ upvoteCount | shortNum }}
12 {{ upvoteCount | shortNum }}

Getting Slammed by Amazon S3 Bills?

by DavidBlaise
10 replies
During the past few weeks our Amazon S3 bills have skyrocketed from < $20 to over $400/month. Amazon customer service is TERRIBLE when it comes to diagnosing this type of thing, suggesting that we manually go through thousands of log files to try to figure out where the charges are coming from.

Long story short, it appears that legitimate users viewing a single 10 meg video file can generate 17 gigabytes of phantom usage (unintentionally downloading the same file dozens or hundreds of times within just a few minutes.) This issue appears to be associated with people using e Chrome version 46 browser.

From the responses we have received from both companies, it seems to me that neither Amazon nor Chrome seem particularly interested in fixing this. Chrome doesn't care because they provide their browsers for free and Amazon doesn't care because they're getting paid to serve it up.

Has anyone else had a similar problem and if so, how did you fix it?
#amazon #bills #chrome 46 #slammed
  • Profile picture of the author kilgore
    To answer your question: no, I've never experienced what you're describing. My S3 usage has never done anything unusual like that. And I've never heard of any issues like you describe with Chrome either.

    It sounds to me like you either have a bug in your application or you have bots or other traffic accessing your data and running up your bill. With that in mind, I'm not surprised Amazon doesn't want to do anything -- it's not really their job to diagnose problems with your application or secure your site from bots. Moreover, their advice to go through your logs (as unsatisfying as it might be) isn't bad.

    If I were you I'd look into something like Loggly, Sumo Logic, Logstash or one of the multitudes of others out there to try to figure this out. You should be able to quickly parse and search those logs, looking for instances where there are multiple downloads from the same IP (if that's really what's happening) or perhaps downloads from bots (if that's what's going on). You can test your Chrome theory by downloading your own file with Chrome and looking at the logs for traffic coming from your IP address. Honestly, I don't have high hopes that Chrome is causing this problem, but it shouldn't be hard to test.

    As for fixing it, it all depends on you and your application. If it's truly a Chrome bug, you can detect the User Agent and do something special for them. If it's bots, you'll need to tighten up your access policies. If it's something else, you'll need to fix your application.

    I realize my answer isn't probably the answer you're looking for but I really do think this is more likely to be a problem with your application than with S3 or Chrome. I'd also suggest you post this question over at a place Stack Overflow -- though to be fair, they'll need a lot more specific, technical information to be able to help you. (How are people accessing S3? What programming languages are you getting? What error messages are you getting? Log results? Etc. etc. etc.) As it is, all anyone can do is conjecture.
    Signature
    {{ DiscussionBoard.errors[10401893].message }}
    • Profile picture of the author David Beroff
      Sorry if this reply is way too simplistic, but sometimes what's obvious to one person isn't to another. Have you considered simply hosting the video on YouTube?
      Signature
      Put MY voice on YOUR video: AwesomeAmericanAudio.com
      {{ DiscussionBoard.errors[10401908].message }}
      • Profile picture of the author DavidBlaise
        Originally Posted by David Beroff View Post

        Sorry if this reply is way too simplistic, but sometimes what's obvious to one person isn't to another. Have you considered simply hosting the video on YouTube?
        Certainly a valid question and I DO prefer simple! We've considered YouTube and we've hosted some videos there. Problem is that people see the YouTube link in the lower right and often click through to see what else you have on YouTube. Once there, it's easy to get distracted by all the "related videos" and other shiny objects and quickly forget why they were on your site to begin with. That's why we would prefer an option that keeps them on our site free of distractions.

        Another simple approach we've tried is hosting the videos on our own servers. However, that becomes slow and is not scalable when a lot of people hit it at the same time.
        {{ DiscussionBoard.errors[10403467].message }}
        • Profile picture of the author David Beroff
          Originally Posted by DavidBlaise View Post

          Certainly a valid question and I DO prefer simple! We've considered YouTube and we've hosted some videos there. Problem is that people see the YouTube link in the lower right and often click through to see what else you have on YouTube. Once there, it's easy to get distracted by all the "related videos" and other shiny objects and quickly forget why they were on your site to begin with. That's why we would prefer an option that keeps them on our site free of distractions.
          Understood and respected. YouTube has a number of switches that you can use to turn most (not all) of the distractions off. Vimeo has a paid option that might also quickly meet your needs; not familiar with it.

          Originally Posted by DavidBlaise View Post

          Another simple approach we've tried is hosting the videos on our own servers. However, that becomes slow and is not scalable when a lot of people hit it at the same time.
          Well, that's not an automatic conclusion, (with all due respect); it's only when you use servers that weren't really intended for that sort of load. You need to use a beefier hosting solution... which is exactly what you are/were doing with Amazon S3. i.e., You're paying for them to deliver a large amount of data quickly, and that's exactly what they are doing.

          So their suggestion to go through the logs is actually reasonable, but you don't have to do so manually; there's quite a bit of software that can do this. My (uninformed) hunch is that the others above are likely correct, that you have content which likely is supposed to be behind a paywall, but you may have uninvited guests. If that's the case, you may have to randomize the URL's, so as to give each paying customer their own, private access; yes, there's software to do this, as well.

          If (for some unlikely reason) the issue really is with S3, (which I highly doubt), I can get you another similar-class host, (Rackspace), for $5/mo. PM me, since I don't feel like getting banned again for answering a relevant question with a relevant answer which includes a URL.
          Signature
          Put MY voice on YOUR video: AwesomeAmericanAudio.com
          {{ DiscussionBoard.errors[10403521].message }}
    • Profile picture of the author DavidBlaise
      Originally Posted by kilgore View Post

      To answer your question: no, I've never experienced what you're describing. My S3 usage has never done anything unusual like that. And I've never heard of any issues like you describe with Chrome either.

      It sounds to me like you either have a bug in your application or you have bots or other traffic accessing your data and running up your bill. With that in mind, I'm not surprised Amazon doesn't want to do anything -- it's not really their job to diagnose problems with your application or secure your site from bots. Moreover, their advice to go through your logs (as unsatisfying as it might be) isn't bad.

      If I were you I'd look into something like Loggly, Sumo Logic, Logstash or one of the multitudes of others out there to try to figure this out. You should be able to quickly parse and search those logs, looking for instances where there are multiple downloads from the same IP (if that's really what's happening) or perhaps downloads from bots (if that's what's going on). You can test your Chrome theory by downloading your own file with Chrome and looking at the logs for traffic coming from your IP address. Honestly, I don't have high hopes that Chrome is causing this problem, but it shouldn't be hard to test.

      As for fixing it, it all depends on you and your application. If it's truly a Chrome bug, you can detect the User Agent and do something special for them. If it's bots, you'll need to tighten up your access policies. If it's something else, you'll need to fix your application.

      I realize my answer isn't probably the answer you're looking for but I really do think this is more likely to be a problem with your application than with S3 or Chrome. I'd also suggest you post this question over at a place Stack Overflow -- though to be fair, they'll need a lot more specific, technical information to be able to help you. (How are people accessing S3? What programming languages are you getting? What error messages are you getting? Log results? Etc. etc. etc.) As it is, all anyone can do is conjecture.
      Thank you for your thorough response. You've certainly given us some good places to start. We have not yet begun to fight!
      {{ DiscussionBoard.errors[10403499].message }}
  • Profile picture of the author Rob Whisonant
    It really sounds more like your S3 bucket has been listed on blackhat and file sharing sites.

    Re's
    Rob Whisonant
    Signature
    FREE Email Marketing Quick Start Course! Start Building a Profitable Email List Today!
    {{ DiscussionBoard.errors[10402091].message }}
    • Profile picture of the author DavidBlaise
      Originally Posted by Rob Whisonant View Post

      It really sounds more like your S3 bucket has been listed on blackhat and file sharing sites.
      That's what we thought initially. However, from what we have been told, the log files don't appear to support that theory. Still investigating, however. Thank you!
      {{ DiscussionBoard.errors[10403488].message }}
  • Profile picture of the author Market4Keyword
    You wrote that Youtube is not good enough since people click on
    the "Youtube" logo and then get distracted by all the related videos
    shown.

    Just a suggestion for you : check out Vimeo.com . Similar to Youtube.
    They also offer a "Pro" service. Even Ebay uses their service.
    Really good for video hosting. And it's not too expensive as well.

    https://vimeo.com/pro

    You can try them for free.
    {{ DiscussionBoard.errors[10403581].message }}
  • Profile picture of the author kimanierick
    if there is such a problem, then I have not noted it or am too ignorant. Will try and see if your theory might be true. I suggest then you consider vimeo. it might for you since you have discredited you tube which would have been the best resort. i hope you will find the best option. thanks
    Signature
    Top Paying Network
    {{ DiscussionBoard.errors[10403656].message }}
  • Profile picture of the author Jesus Perez
    Vimeo Pro is the answer. I don't recommend S3 for video sharing and don't understand why others do. It gets really expensive, really fast.
    Signature

    {{ DiscussionBoard.errors[10404467].message }}

Trending Topics