Antileech
Aim
A simple system for reducing bandwidth leech drastically for UNIX based systems serving large files across http.
Background
Running a large website for downloading videos posed numerous problems as more and more visitors came:
- Direct bandwidth 'theft' - static links from other websites to files
- Indirect 'theft' - benign links on web forums etc.
- Large bandwidth bills which could be avoided
Hence my desire to setup a rigid system for reducing "leeching".
System
This system uses 'symbolic links' (hence the need for a UNIX based system), a scripting language (I use PHP but the actual language is irrevelant), the Apache web server (also irrelevant) and 'cron' tasks.
Method
- Store actual content "out-of-reach" of web users, so in a directory outside your web directory
- Create unique symbolic links per file request in the web directory
- Delete symbolic links older than 3 minutes
- Add .htaccess directives to redirect bad links elsewhere (front page)
Implementation
As above, you need to store your data outside your web directory eg:
/home/user/ Your home directory /home/user/files/ Actual files stored here /home/user/public_html/ Your 'web' directory /home/user/public_html/files/ Where your links will go
For each file request, you will need a function to create a symbolic link. Here is an example of what I use (in PHP):
umask("0000"); $file=$_SERVER["QUERY_STRING"]; $dir=md5(crypt("random")); mkdir("/home/user/public_html/files/$dir"); symlink("/home/user/files/$file", "/home/user/public_html/files/$dir/$file"); $url="http://my.website.com/files/$dir/$file"; header("Location: $url"); exit;
The 'umask' statement is to ensure my cronned script will be able to remove the directory created by 'nobody' later. A better approach would be to use suPHP and keep permissions tight.
The 'md5(crypt())' generates a random (unique) string for the temporary download.
One can setup the above so that a script can run from a link:
<a href="download.php?avideo.mpg">Download 'A Video'</a>
- Creates a directory such as:
/home/user/public_html/files/976d563b71/ - Creates a symlink in this directory:
amovie.mpg -> /home/user/files/amovie.mpg
- Redirects the visitor to http://my.website.com/files/976d563b71/amovie.mpg
This will behave like the real video, even though the data itself is outside of the 'web' directory.
Now comes to 'cleaning up'. A simple script cronned every 5 minutes such as (PHP again):
$root="/home/user/public_html/download"; if ($handle = opendir($root)) { while (false !== ($dir = readdir($handle))) { if ($dir != "." && $dir != ".." && $dir != ".htaccess" && $dir !== "index.php") { $made=filectime("$root/$dir"); $now=time(); $diff=($now-$made)/60; if ($diff > 5) system("rm -r $root/$dir"); } } closedir($handle); }
All that is left is to make the index.php on /home/user/public_html/files/ a simple redirect to your front page, and a .htaccess with an ErrorDocument 404 pointing to your front page (or an anti-leech page - be imaginative).
Then you will have a compact system which will be creating symbolic links per request, which will only last 5 minutes, and are pretty unique.