Hi There I have a client with an adult site, weve recently exceed our bandwidth with our host, we have our own box, and 1,500 GB per month download, usually we hit about 100 gigs per month. Recently however, the download spiked, traffic however, remained constant. What we found in the access logs is that someone or something (eg bot) is downloading the videos, constantly, they are using a varied range of IP addresses. A line from the access log would look like this 95.25.253.212 - - [11/Mar/2011:19:58:07 -0500] "GET /media/trailers/tlof20110227a-trl6uHk.flv HTTP/1.1" 200 2485863 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.9.2.15) Gecko/20110303 Firefox/3.6.15" Code (markup): wher as a regular user watching a trailer i believe looks like this line 121.79.225.133 - - [11/Mar/2011:20:29:27 -0500] "GET /media/trailers/tlof20110307a-trl4HYq.flv HTTP/1.1" 200 2574294 "http://www.domain.com/mediaplayer/player.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.133 Safari/534.16" Code (markup): I was thinking block the ip's via htaccess, but they must have proxy servers or something, then i thought of using a PHP file to get the contents of the FLV file, but then that php file could just be called, and the same bandwidth issues would happen again. Can anyone think of any possible solution, this is costing us a fortune. Regards Paul
Use generated links. For apache read: http://code.google.com/p/mod-auth-token/ Code (markup): For lighttpd google mod_secdownload
Another trick is to use something like DDOS deflate. Not sure if it would help in your solution, but it does help with most minor DOS attacks.
I agree with dl on this one. Just limit the parallel downloads. What control panel does your server use?