Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: Don Y Newsgroups: sci.electronics.design Subject: Re: Chinese downloads overloading my website Date: Thu, 7 Mar 2024 12:40:32 -0700 Organization: A noiseless patient Spider Lines: 32 Message-ID: References: <7qujui58fjds1isls4ohpcnp5d7dt20ggk@4ax.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Injection-Date: Thu, 7 Mar 2024 19:40:40 -0000 (UTC) Injection-Info: dont-email.me; posting-host="413e233e00eb8789d7cf8b4b19b5637a"; logging-data="1288706"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19C2vCB1YuLYL5E0bNbRWoW" User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.2.2 Cancel-Lock: sha1:aYX/Wo2xNEx6DBYFcit57zXA6Kw= Content-Language: en-US In-Reply-To: <7qujui58fjds1isls4ohpcnp5d7dt20ggk@4ax.com> Bytes: 2367 On 3/7/2024 10:49 AM, legg wrote: > Got a note from an ISP today indicating that my website > was suspended due to data transfer over-use for the month. (>50G) > It's only the 7th day of the month and this hadn't been a > problem in the 6 years they'd hosted the service. > > Turns out that three chinese sources had downloaded the same > set of files, each 262 times. That would do it. > > So, anyone else looking to update bipolar semiconductor, > packaging or spice parameter spreadsheets; look at K.A.Pullen's > 'Conductance Design Curve Manual' or any of the other bits > stored at ve3ute.ca are out of luck, for the rest of the month . > > Seems strange that the same three addresses downloaded the > same files, the same number of times. Is this a denial of > service attack? Of sorts. You might look at the *times* to see if it looks "mechanical" or "human initiated". You could change your "service" to one that delivers *requested* content; email driven so you can insert your own metering function in that loop. Or, a combination of the two -- hide the content and return a one-time, unique, time-limited URL as the result of an *approved* email request... [Or, you can *hide* your site and only make it available by invitation]