HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


Question about offering downloads/downloads module

Login / Search

 [ Join | More ]
 Add topic 
Posted
Rating:
#69283 (In Topic #14673)
Avatar

Fan in action

Hi.

I've been reading and searching but didn't find answer i'm looking for.

Download system i used was PHCDownload and it was actually pretty good.But also that system was not "protected" enough.

My question is that when i offer download, can that link be "abused"? I mean that if someone uses wget or any other aggressive method/download manager for downloading and that opens thousands of connections and eventually uses server CPU like there is no tomorrow and site is hammered down and provider closes it again..

Also in PHCDownload there was cool feature what calculated checksums, does ocPortal download module same?

I have really slow upstream and small to huge files i'm going to offer using downloads module. It would be really usefull if i can verify checksums that file is not corrupted etc and also downloader can verify file after download is completed.

Hope this was not too confusing question as my English skills are sometimes abit "buggy" :)
(many more to come, so be prepared to answer my possibly "stupid" questions :lol: )
Back to the top
 
Posted
Rating:
#69285
Avatar

Sorry, those are pretty specific things so there's currently no support.

I'd say that DOS protection like that should be done at a Firewall kind of level rather than the software level.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#69286
Avatar

Fan in action

Thanks for replying.

I hope i can gather enough knowledge and protect downloads/my site against this possible scenario.

If i ever get to know how to make/enhance existing plugins i do that checksum "field"
Back to the top
 
Posted
Rating:
#69291
Avatar

Community saint

Hi Tinfoil_Hat  (such a cool name:cool:)
You can supply an existing URL instead of uploading to the server.

File hosting Services such as hotfile.com can probably give you the peace of mind you’re looking for, while making certain that your bandwidth is never abused. If you intend to offer several large files, paying a small monthly fee would allow other users to download your files with the same privileged fast speed.
I’m subscribing to Hotfile to fetch large downloads and I like their excellent server speed, but I have never used their upload service, so I cannot vouch for it. It could be worth considering and I would do so if the download section on my site becomes too active.:)
Back to the top
 
Posted
Rating:
#69293
Avatar

Fan in action

Thanks, that name (Tinfoil Hat) has long traditions :D

Thanks for suggestion, i'm going to look that service.

Also i think i may have found solution for protecting entire site against "hammering". It needs some modifications and then i upload it to server and do testing.

If that works the way i hope it does, then i tell more about it. IMO it feels bad to "advertise" and i personally don't like that :)

EDIT: those files i host/mirror has huge "audience" average when my previous system was active was +300GB/month of traffic.


Last edit: by Tinfoil_Hat
Back to the top
 
Posted
Rating:
#69418
Avatar

Fan in action

Sadly i couldn't make it work as i'm on shared hosting :/

I asked from my provider and tehy can't enable usage for:
php_value auto_prepend_file.

I have to switch to VPS or dedicated to use that and ATM it's not possible.
Back to the top
 
1 guests and 0 members have just viewed this: None
Control functions:

Quick reply   Contract

Your name:
Your message: