How to Drastically Reduce EC2 Data Transfer Costs

You want a drastic reduction of EC2 data transfer costs. Your bill shows that almost everything comes from Data Transfer OUT to the Internet (~1.88 TB → $205.66).

I’ll break this down into all levels (coding, server, Apache, Linux, AWS) so you have a complete playbook.


🔹 1. Coding / Application Level

Reduce payload before it ever hits the network.

  • Image optimization
    • Convert all images to WebP/AVIF.
    • Use responsive images (<img srcset>), lazy-loading.
    • Compress videos or move them to YouTube/Vimeo/CloudFront/S3.
  • Minify + bundle assets
    • Minify JS/CSS/HTML.
    • Use tree-shaking for JavaScript bundles.
  • API responses
    • Paginate results (don’t send thousands of rows).
    • Use gzip/deflate for JSON responses.
  • Client-side caching
    • Add ETag / Last-Modified headers so browsers re-use cached data.
  • Block hotlinking
    • Stop other websites from embedding your images/videos.

🔹 2. Server (Apache / XAMPP) Level

Tune Apache so fewer bytes leave EC2.

  • Enable compression
      # Requires mod_deflate (and mod_filter for AddOutputFilterByType).
      AddOutputFilterByType DEFLATE text/html text/plain text/css application/javascript application/json image/svg+xml
  • Enable Brotli (if supported)
      # Requires mod_brotli (Apache 2.4.26 or later).
      AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/css application/javascript application/json image/svg+xml
  • Caching headers
      # Sends Expires / Cache-Control: max-age so browsers reuse cached copies.
      <IfModule mod_expires.c>
        ExpiresActive On
        ExpiresByType text/css "access plus 30 days"
        ExpiresByType application/javascript "access plus 30 days"
        ExpiresByType image/* "access plus 30 days"
      </IfModule>
  • Serve pre-compressed static files
    • Generate .gz and .br versions of JS/CSS and configure Apache to serve them.
  • Move static files out of EC2
    • Store /images, /downloads, /static in S3 + CloudFront.

🔹 3. Linux (OS) Level

Block abusive traffic directly.

  • iptables / ufw / fail2ban
    • Block scrapers sending 100k+ requests.
    • Your log showed DigitalOcean scrapers consuming massive traffic.
  • Rate-limiting
    • Use mod_evasive (Apache) or fail2ban to block excessive requests.
  • Log rotation
    • Rotate access_log daily so abuse detection works cleanly.

🔹 4. AWS Infrastructure Level

This is where the biggest savings come in.

✅ CloudFront (CDN)

  • Place CloudFront in front of EC2.
  • Benefits:
    • No EC2 egress cost (origin → CloudFront is free).
    • Cache static assets at edge → repeat hits don’t cost extra.
    • CloudFront per-GB is cheaper than EC2 in most regions.
    • Protects against scrapers (with AWS WAF).
  • Savings:
    • If even 50% of 1.88 TB is cached, you save ~$100/month.

✅ Move static files to S3 + CloudFront

  • Host heavy files (images, JS, CSS, downloads) in S3.
  • Serve via CloudFront with long TTLs + signed URLs.
  • Completely removes that traffic from EC2.

✅ WAF / Bot Filtering

  • Attach AWS WAF to CloudFront:
    • Rate-limit: e.g., 1,000 req / 5 min.
    • Block by ASN (DigitalOcean, OVH, Hetzner).
    • Block by bad user-agents (curl, python-requests).
  • This stops scrapers before they cost you money.

✅ Regional architecture

  • Ensure services talk within the same AZ to avoid cross-AZ transfer ($0.01/GB).
  • Use VPC Endpoints for S3/DynamoDB to avoid NAT Gateway costs.

✅ Elastic IPs & Load Balancers

  • Avoid unnecessary traffic via EIP/ELB if you don’t need them.
  • If you must use ALB/NLB, ensure CloudFront terminates TLS and forwards traffic privately.

🔹 5. Monitoring & Analytics

  • CloudWatch Metrics
    • Track BytesProcessed per IP/URL.
  • VPC Flow Logs
    • See top talkers at the network level.
  • Access Log Analysis
    • Find top abusive IPs/URLs weekly.
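
One way to run the access-log analysis described above, as an added example that is not code from the original post. It assumes Apache's combined LogFormat; the function names, the 25% share threshold and the sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Apache "combined" format: %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"
# %r may contain backslash-escaped quotes, hence (?:[^"\\]|\\.)* for the request.
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
                     r'"(?P<req>(?:[^"\\]|\\.)*)" (?P<status>\d{3}) (?P<size>\d+|-)')

def egress_by(lines, field="ip"):
    """Sum %b response bytes and hits per client IP (or per URL path).
    Returns (rows, total_bytes, skipped) with rows = (key, bytes, requests),
    largest sender first. %b excludes headers, so it slightly undercounts egress.
    """
    sent, hits, skipped = Counter(), Counter(), 0
    for line in lines:
        m = LINE_RE.match(line)
        if m is None:                      # malformed or truncated line
            skipped += 1
            continue
        if field == "ip":
            key = m["ip"]
        else:                              # "GET /p?q HTTP/1.1" -> "/p"
            parts = m["req"].split()
            key = parts[1].split("?", 1)[0] if len(parts) >= 2 else "(bad request)"
        sent[key] += 0 if m["size"] == "-" else int(m["size"])  # "-" = no body (e.g. 304)
        hits[key] += 1
    rows = [(k, b, hits[k]) for k, b in sent.most_common()]
    return rows, sum(sent.values()), skipped

def heavy_senders(rows, total, min_share=0.25):
    """Keys responsible for at least min_share of all bytes sent."""
    return [k for k, b, _ in rows if total and b / total >= min_share]

# Constructed sample lines (documentation IP ranges), not from a real log.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Sep/2025:10:00:01 +0000] "GET /downloads/big.zip HTTP/1.1" 200 52428800 "-" "python-requests/2.31.0"',
    '203.0.113.7 - - [01/Sep/2025:10:00:09 +0000] "GET /downloads/big.zip HTTP/1.1" 200 52428800 "-" "python-requests/2.31.0"',
    '203.0.113.7 - - [01/Sep/2025:10:00:15 +0000] "GET /images/hero.jpg?v=2 HTTP/1.1" 200 2097152 "-" "python-requests/2.31.0"',
    '198.51.100.20 - - [01/Sep/2025:10:01:00 +0000] "GET /index.php HTTP/1.1" 200 15360 "-" "Mozilla/5.0"',
    '198.51.100.20 - - [01/Sep/2025:10:01:02 +0000] "GET /images/hero.jpg HTTP/1.1" 304 - "-" "Mozilla/5.0"',
    '192.0.2.55 - - [01/Sep/2025:10:02:00 +0000] "GET /images/hero.jpg HTTP/1.1" 200 2097152 "-" "Mozilla/5.0"',
    'garbage line',
]

if __name__ == "__main__":
    rows, total, skipped = egress_by(SAMPLE_LOG)
    for ip, sent_bytes, reqs in rows:
        print(f"{ip:15} {sent_bytes / 1e6:8.1f} MB {reqs:4} req {sent_bytes / total:6.1%}")
    print("review for blocking:", heavy_senders(rows, total), "| skipped:", skipped)
```

Pass `field="path"` to rank URLs instead of clients, which shows which files are worth moving to S3 + CloudFront first.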

🔹 6. Cost-Saving Checklist (Action Plan)

✅ Immediate (this week):

  • Block top abusive IPs (DigitalOcean scrapers).
  • Enable gzip/Brotli compression in Apache.
  • Add caching headers.
  • Truncate and rotate access logs daily.

✅ Near-term (next 2 weeks):

  • Set up CloudFront in front of EC2.
  • Migrate static files to S3 + CloudFront.
  • Enable AWS WAF for bot filtering.
  • Add signed URLs for large downloads.

✅ Long-term:

  • Monitor CloudFront cache hit ratio.
  • Continuously optimize payload size (WebP, AVIF, minify JS).
  • Use ipset or fail2ban for auto-blocking at the server level.
  • Consider migrating app → ECS/EKS + ALB + CloudFront if scaling grows.

💰 Expected Savings

  • Block bots (DigitalOcean IPs): 30–60% reduction → $60–120/month saved.
  • CloudFront caching (50–80% hit ratio): additional $80–150/month saved.
  • Move static files to S3 + CloudFront: saves almost all EC2 egress.

👉 You can realistically cut $205 down to $40–70/month if you apply all options.
