Posted by P Pulkkinen on 02/01/07 00:09

"Nu" <no@spam.com> kirjoitti
viestiss�:uE9wh.489905$Fi1.59287@bgtnsc05-news.ops.worldnet.att.net...
>I want to protect myself from if someone with a fast connection hammers my
> site. It's not denial of service attacks, but offline downloaders

Sorry, if I misunderstand or miss something. I understood that you mean
persons that use some batch to fetch the _output_ of your script, perhaps
automaticly on timely basis. But not _download_ it in sense of ftp/scp.

1) Can you use $_SERVER["REMOTE_ADDR"] to identify downloaders from each
other?

2) Does it really matter if they are online or offline, if the POINT is
that some people (or machines) execute your index.php or other script
_too_often_?

3) How about this scenario:
You have two database tables:
DOWNLOADS
- download_id
- filepath
- remote_ip
- timestamp
TROUBLEMAKERS
- remote_ip
- filepath

In the END of every script execution you add an entry to downloads table.
You also check, if that filepath/remote_id-combination has become bad enough
to be inserted into troublemakers table. You use some mathematics to define
characteristics of being evil downloader.

In the BEGINNING of every script, you make a database query to troublemakers
table and if current filepath/remote_id-combination is there, stop the
execution immediately.

Downside here is that mysql traffic increases, even php traffic may
decrease. If they was a way to check evil filepath/remote_id-combinations in
apache side, of course troublemakers table could be replaced with
troublemakers-file as well or a file that would be apache magik with that
data inside.

[Back to original message]