Maybe you can limit the times per hour that a single IP address can
download something from your web site.
For example max 50 download per file per hour for a single IP address.
This prevents current and future abuses...
---
Marco Bambini
http://www.sqlabs.net
http://www.sqlabs.net/blog/
http://www.sqlabs.net/realsqlserver/
On Jan 30, 2007, at 1:58 PM, [EMAIL PROTECTED] wrote:
Last night, a single user (or, at least, a single IP address)
in China that self-identified as running windows98 and
Mozilla 4.0 attempted to download sqlite-3.3.12.tar.gz
24980 times and sqlite-source-3_3_12.zip 25044 times
over about a 5 hour period, sucking up significant
bandwidth in the process.
I've seen this type of thing before and have on occasion
banned specific IP addresses from the website using
iptables -A INPUT -s <ipaddress> -j DROP
But lately, there have been so many problems coming from
win98 and moz4 that I'm thinking of banning all traffic
that self-identifies as such in the User-Agent string of
the HTTP header.
Thoughts anyone? Are there less drastic measures that might
be taken to prevent this kind of abuse?
--
D. Richard Hipp <[EMAIL PROTECTED]>
----------------------------------------------------------------------
-------
To unsubscribe, send email to [EMAIL PROTECTED]
----------------------------------------------------------------------
-------
-----------------------------------------------------------------------------
To unsubscribe, send email to [EMAIL PROTECTED]
-----------------------------------------------------------------------------
