I'm trying to help a potential customer that is trying to protect her
content (various .pdf documents and some .jpg files) from being stolen
by people with site ripper programs and resold elsewhere. She employs
uid/password protection to her site, but most site rippers can use
uid/passwords, so it doesn't keep anyone from buying access to her site,
plugging the uid/password they get into the ripper, and reselling her
content.
I've thought of a couple of way I might be able to protect her content,
and I was hoping someone with a similar problem might offer some
suggestions.
1) Put a very small link in every page that a person browsing the site
wouldn't see to a cgi that would put the IP address of the http request
in the ACL to block it for an hour. The site ripper would traverse the
link and trigger the CGI, but the casual user wouldn't touch it because
they wouldn't see it.
2) Set up some kind of firewall that would block for an hour anyone
making more than X number of http requests in a minute.
Is there anything else that anyone can think of, like creating a script
to monitor the http logs for signs of a ripper and block it? Does
anyone have any practical experiences with this that could offer
suggestions?
Thanks,
John
