Welcome to WebmasterWorld Guest from 54.226.46.6

Forum Moderators: phranque

Message Too Old, No Replies

Stop people from leaching my site.

What CGI/Methods.

     

EliteWeb

12:08 am on Jan 8, 2002 (gmt 0)

WebmasterWorld Senior Member eliteweb is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Hello Webmasterworld!

I have a large site with thousands of files for people to download. (not the one in the profile) I have run into a few peopple using programs like Interanarchy to leech the whole website, by following links and saving it all.

Driving my site to sends gigs of data, in the end costing me.

Any suggestions or cgi's etc you recommend?

EliteWeb

amoore

3:09 am on Jan 8, 2002 (gmt 0)

10+ Year Member



There are a few tricks to prevent this.

One is to not allow downloads unless the referer that the browser provides is from your site. Not very effective because some people don't send referers anyway, some like to use an ftp client other than a browser after they have navigated your site to the downloads area, and the bad guys can fake it. It is rather easy to implement.

Another way is to put a link on every page to a CGI script. If this script is called, it should ban that IP address from your webserver for a little while (maybe a minute or 5.). Then you make the links "unclickable" by not including any text in it. This way, a regular browser will never see the link and click on it, but a site mirroring script will see it and try to mirror it. When it does it gets banned. I'm not sure if I explained that well, but your links should look something like:
<a href="/banme.cgi"></a>
notice there's no text there to click. You might want to use a better name for the script than that.

There are other ways, but these are two that provide big "bang for buck"

Tapolyai

3:14 am on Jan 8, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



An other way is to log the IP with time in a small DB, and put a counter to it. Increment the counter every time the same IP gets a file.

When the counter reaches your max alloted downloads, lock out the IP address or send a simple text file stating that they have reached their limit within say 24 hours.

You can either make the cgi self cleaning, ie. update the db by dropping first every IP that is stale, or just run a cron job once an hour to do the same.

 

Featured Threads

Hot Threads This Week

Hot Threads This Month