Originally prepared to choose to use FTP as a download server, but after a few days found that many are through the hotlinking way to ftp download. The server provides uploads at full speed, but the site has a very small amount of page views. Because FTP is not allowed to put hotlinking characteristics, it can only consider to discard the use, and finally decided to use HTTP download to replace.
Downloading directly with an HTTP server is not easy. Initially configured in IIS, IIS can only set the maximum download speed and maximum number of connections, this is obvious to some people who use the download tool to open the 50+ thread-bullying download of the friend is obviously not. Online search for a long time to find a use of Delphi to read the ISAPI filter and other fee software. Tried after all did not work, and then gave up, and finally found that Apache has these open source function modules, and ultimately create a perfect limit of the HTTP download server.
First of all, the meaning of the perfect limit: anti-theft chain, limit the number of client download threads, limit the download bandwidth. Here's how to implement these functions in Apache.
anti-theft chain
The traditional anti-theft chain is through the referer to judge the user antecedents, but such a method for the download tool is useless, because now the download tool can be forged referer already.
Now some popular anti-theft chain of the way is used to browse the page when a random authentication code, when the user clicks on the connection, the server will verify that the validation code is valid to determine whether to allow downloading. Or use some method to disguise the actual address of the file. But I think these are not easy to use, I used a simple and effective way to achieve the chain of anti-theft.
In fact, with cookies, with the Apache URL rewrite module is very simple to achieve anti-theft chain download.
First, when browsing the page, a special cookie is sent to the client, such as "site=3grjz.com", and hotlinking will not have the cookie.
search in Apache's httpd.conf file:
#LoadModule Rewrite_module modules/mod_rewrite.so
Remove the # in front of it, and then find the <directory/> block, adding code like the following:
Copy Code code as follows:
<directory/>
# Other configurations ...
Rewriteengine on # start URL rewrite engine
Rewritecond%{http_cookie}!^.* (?: site=3grjz.com). *$ # REDIRECT requests with no special records in cookies
Rewriterule ^.*$ error.html # REDIRECT illegal access to error page
</Directory>
This way if a hotlinking request is redirected to the wrong page because there is no special cookie, even if the actual address is exposed. As for the content of this cookie and the effective time can be set by the administrator himself, that is to say, the download tool is also unable to forge, thus preventing the server resources are hotlinking the risk.
limit Client multithreaded download operation process
Restricting multithreading now requires the use of an Apache extension Module Mod_limitipconn, here is the author's official website [Url]http://dominia.org/djao/limitipconn2.html[/url], Download the appropriate version of the module file to the Apache installation directory under the modules directory, and then search in the httpd.conf file:
#LoadModule Status_module modules/mod_status.so
Remove the # in front of it and add:
Extendedstatus on
LoadModule Limitipconn_module Modules/mod_limitipconn.dll
# If you're not downloading the win version, please change the file name to the filename you downloaded
Copy Code code as follows:
<ifmodule mod_limitipconn.c>
<location/> # Here represents a limit to the root directory, which is the full limit, which can be modified as needed
Maxconnperip 2 # This represents up to two threads at a time
Nolimit html/* # This indicates that the HTML directory is unrestricted
</Location>
</IfModule>
This allows more than 2 thread requests from the same client to be rejected, limiting the client's multithreaded downloads.
Limit download Bandwidth Operation flow
This also requires extended module support, the module is MOD_BW, the author's official website [Url]http://ivn.cl/apache/[/url] can be downloaded to. It is also placed under the modules directory and then added in the httpd.conf file:
LoadModule Bw_module Modules/mod_bw.dll
Then find <directory/> block, add:
Copy Code code as follows:
<directory/>
# Other configurations ...
Bandwidthmodule on # Start bandwidth throttling
Forcebandwidthmodule on # Start bandwidth throttling
Maxconnection All 2000 # Maximum connection number 2000
Bandwidth all 200000 # Single client maximum bandwidth 200KB
</Directory>
This limits the number of simultaneous connections up to 2000, and the maximum 200KB download bandwidth per client.
To this end, our perfect limit HTTP download server is configured to complete, restart your Apache these functions will be effective. Because Apache and these modules are open source for free, we don't have to pay for it, we don't have to buy third-party software, we just need to know more about the use of these software. Do not pray for everything there is a good thing, do it yourself will have a different harvest.