Use Apache to build a perfectly limited HTTP download server
- 2020-05-10 23:22:38
- OfStack
At first, I was going to choose FTP as the download server, but after a few days, I found that a lot of FTP was downloaded through hotlinking. The server is constantly pumping out uploads, but the page views of the site are paltry. Since FTP is inherently hotlinking disabled, it was considered to be abandoned and decided to use HTTP download instead.
It is not easy to download directly from the HTTP server. Initially configured in IIS, IIS can only set the maximum download speed and the maximum number of connections, which is obviously undefeneable for those who use the download tool 1 to open 50+ threads to download arbitrarily. After searching N for a long time on the Internet, I found an unknown ISAPI Filter written in Delphi and some other charging software. When I tried it, it didn't work, so I gave up. Finally, I found that Apache had these open source functional modules, and finally created a perfectly limited HTTP download server.
First of all, say the meaning of perfect limit: anti-hotlinking, limit the number of client download threads, limit the download bandwidth. The following 11 shows how to implement these functions in Apache.
hotlinking prevention
's traditional anti-hotlinking method relies on Referer to determine where the user is coming from, but this method is of little use to download tools that have long been able to fake Referer.
's popular anti-hotlinking method is to generate a random captcha while browsing the page. When the user clicks on the connection, the server will verify that the captcha is valid and decide whether to allow the download or not. Or you can disguise the actual address of the file in some way. However, I think these are not very easy to use, I used a simple and effective way to achieve hotlinking.
is actually using Cookie, URL Rewrite module with Apache is very simple to achieve anti-hotlinking download.
When first browses the page, it sends a special Cookie to the client, such as "Site= 3grjz.com".
searches Apache's httpd.conf file:
# LoadModule rewrite_module modules/mod_rewrite so
Get rid of the # in front of it and find it again < Directory / > Block, in which the following code is added:
<Directory />
# Other configurations ...
RewriteEngine On # Start the URL Rewrite engine
RewriteCond %{HTTP_COOKIE} !^.*(?:Site=3grjz.com).*$ # for Cookie There is no special record of the request to redirect
RewriteRule ^.*$ error.html # Redirect illegal access to the error page
</Directory>
This way if a hotlinking request is redirected to the error page because there is no special Cookie, even if the actual address is exposed. As for the content of Cookie and the effective time, it is completely up to the administrator to set, which means that the download tool can not be forged, thus preventing the risk of server resources being hotlinking.
limits client multithreaded download operation flow
limit multithreaded now need to use a Apache mod_limitipconn extension module, here is the author of the official website [url] http: / / dominia org/djao/limitipconn2 html [/ url], first download for your version of the module file to Apache modules directory under the installation directory, and then in httpd. conf file search:
# LoadModule status_module modules/mod_status so
Remove the # before it and add:
ExtendedStatus On
LoadModule limitipconn_module modules/mod_limitipconn dll
If you are not downloading version, please change the file name to the file name you downloaded
<IfModule mod_limitipconn.c>
<Location /> # This represents the limit root, or all limits, which can be modified as needed
MaxConnPerIP 2 # This means at most two threads at the same time
NoLimit html/* # Here said html Directory is not restricted
</Location>
</IfModule>
Requests from more than two threads from the same client will be rejected, limiting the multi-threaded downloads on the client side.
limits the download bandwidth operation flow
extension module is required for the same, the module is mod_bw, in the author's official website [url] http: / / ivn cl apache / [/ url] can be downloaded to. Again, put it under the modules directory and then add it to the httpd.conf file:
LoadModule bw_module modules/mod_bw dll
To find the
<
Directory /
>
Block, add:
<Directory />
# Other configurations ...
BandwidthModule On # Startup bandwidth limitation
ForceBandwidthModule On # Startup bandwidth limitation
MaxConnection all 2000 # Maximum number of connections 2000
Bandwidth all 200000 # Maximum bandwidth for a single client 200KB
</Directory>
This limits the maximum number of simultaneous connections to 2000 and the maximum download bandwidth of 200KB per client.
At this point, our perfectly limited HTTP download server is configured, and restarting your Apache will take effect. Since Apache and these modules are open source and free, we don't need to pay a penny for them. We don't need to buy third-party software. We just need to know more about how to use the software. Don't pray for good things, do it yourself once will have a different harvest.