How to prevent a single IP from downloading traffic?

Please ask a question
My server was downloaded with 300G of traffic in one day.
I saw that the IP was downloaded from a single IP, but the next day it was downloaded from another IP. Change the IP the next day

The server stopped due to arrears within a few days
How to prevent this problem

How to judge and handle it using PHP or JAVA

Reply content:

Please ask a question
My server was downloaded with 300G of traffic in one day.
I saw that the IP was downloaded from a single IP, but the next day it was downloaded from another IP. Change the IP the next day

The server stopped due to arrears within a few days
How to prevent this problem

How to judge and handle it using PHP or JAVA

Is a single download link under attack or is it unstable?

If the attack is caused by constantly changing the download address, you can consider using the firewall iptables or third-party traffic control software in the Linux environment.

The following are several recommended iptables configuration blog posts for reference.

iptables automatically blocks malicious high-traffic IPs
iptables settings to limit traffic
How to use IPtables to limit network traffic (4)

Put the IP into a map and clear the map once every day at 0 o'clock. When downloading, you can judge whether it has been downloaded. Of course, you can also control the number of times. After how many times it has been downloaded, it will no longer be downloaded.

I researched this issue and saw that nginx has this functional module, https://www.nginx.com/resourc..., I won’t translate it into English.
+++Separation line 1, time: 2016-10-9 10:30:34+++
I feel that the answer to the question is still not perfect enough. The traffic of http requests should be divided into two types: request and response. Access is restricted through nginx This function can only solve the problem that requests from specified IP are not processed and the response does not return data. It can probably reduce about 90% of the traffic. Then the remaining 10% of the request traffic is processed as early as possible. I saw other people’s answers and used it. Iptables limits, which is one step earlier than nginx processing. It is a solution, but it is not perfect yet. Is there a better solution? As I just said, the sooner it is dealt with, the better. You can ask the server provider to implement IP filtering restrictions at the routing level. Well, this requires relatively large authority to do, and it may also be related to the network planning flexibility of the server provider you are using. , so is there a more awesome way? Of course there is. Every time he is redirected to the download address of a large domestic Internet company's large file (already CDN accelerated), I can't say this address. Now it can be done in one line. The code fixes the header("Location: https://www.qunimabi.com/bigf... ").
+++Separating line 2, time: 2016-10-9 10:46:05+++
It said that it can be done with one code, but it still feels unscientific. It is best to use the lua module of nginx to determine whether the specified IP is in the blacklist. Then add header to redirect to the large file download address.