Script to stop malicious excessive downloading from websites

garydavies

New member
Genesis said:
How about adding the need for completing a captcha before images can be downloaded? And make the captcha with something that has to be calculated.

OK, just Googled it and this php script looks interesting - much more intuitive and friendly towards the regulars:
http://www.devshed.com/c/a/php/simple-and-secure-php-download-script-with-limits-tutorial/

Thank you very much. That looks interesting. My problem is that I can design a website but the scripting side is something I know little about apart from setting up a script for an online form which is pretty basic I guess. The 'adding the need for completing a captcha' aspect is not something I know anything about. I guess I need the dummies guide and I should do some homework!


I will check this and see if it is within my capabilities. Anything that will flag up or restrict excessive/malicious downloads is worth investigating. In this case the file that was downloaded over 100,000 times was not a PDF but an image (one of many on the website), but I assume the principle would work for any type of file. Many thanks again.
 

Genesis

Administrator
Staff member
garydavies said:
I will check this and see if it is within my capabilities. Anything that will flag up or restrict excessive/malicious downloads is worth investigating. In this case the file that was downloaded over 100,000 times was not a PDF but an image (one of many on the website), but I assume the principle would work for any type of file. Many thanks again.
I'm not that very knowledgeable about that script as well, but get the notion that it is applicable to all downloads. Would be nice to receive feedback from you once you've found an anti-dote, as I imagine something like this is going to happen more and more. A "new sport" of people with IP's from Texas.

Here's another one I found. It comes with a demo and is more transparent in what it does and how you can control it.
http://www.notonebit.com/projects/download-manager/

Also this YouTube tutorial looks good for showing you where the php scripts are put:
[video=youtube]
 

jaran

New member
It is alot way to prevent your data (image, file and etc) from scraping and leeching.
1. Block IP via htaccess
- You can block specific IP via cpanel. It will auto rewrite your htaccess.
2. Block referer
- You can hide your data from outside domain.
3. Anti flood protection.
- You can use cloudflare service to protect your domain with blocking specific IP
4. Captcha.
- @Genesis was explained about it.
5. Hotlinking
- Im not recommended to using this method but this way is simple enough to protect all your data.