Here's the situation -- site I am doing a security audit on a shared hosting website that uses flat file text databases. Site owner is concerned about bandwidth usage which spikes now and again. I have grep'ped the logs in search of problems but can't find any big ones. BUT, noticed that very often an entire flatfile database is "slurped" and served via http and ends up in webserver logs. The requesting IP address, however, every time is the hosting address for the site -- the site's own IP. Further looking around and it seems the coder used the PHP 'file' function to slurp each database as needed into a big array and then manipulated the data. Clunky, yes, I know, but that's not what my question is. When he 'slurped' he did something like $dataArray = file ("http://thisdomain.com/path/to/data.txt"); Instead of $dataArray = file ("/root/local/path/to/data.txt"); So, 'file' is fetching the data with http request and the request ends up in the logs. Some of these databases are 100K, 200K, 350K in size. Question: Does this HTTP get request, which ends up in the webserver logs and which is coming from the site's own IP address, go into what WHM/Cpanel calculates as 'Bandwidth.' ?? (I've looked at FTP and email bandwidth and they're reasonable, it's http bandwidth that's spiking). Does anybody know the answer to this?