I run a file hosting platform, and am struggling to work out how to handle IDM (internet download manager) connections.
When a file is requested, I create a download token, which expires after 10 download attempts, however IDMs just KEEP making requests, literally hundreds per minute. And I can’t figure how to tell them to “stop” trying to open new connections, and just use the 10 you have open.
The problem is, to prevent attacks, I also have rate limiting, and due to the vast numbers of requests these IDMs make, legitimate users are often getting rate limited and they don’t understand why.
I can’t find any info only at all about how to correctly let IDMs know there is a limit on connections, or that the token has expired, or that they risk being blocked if they keep makign requests…
Has anybody encountered anything like this before?