Download Counter

Version

0.9.0

Contents

Download Counter

A standalone Python app to keep a tally of downloads from a website.

This app was developed for use with WordPress / NGINX / Ubuntu, but will probably work on other platforms with minimal alterations. Patches to support other common platforms are welcome.

Rationale

While there are several WordPress modules for managing downloads, in 2022 it seems that they are all large, complex modules aimed at e-commerce. From a security perspective, it is advantageous to avoid presenting a larger attack target than absolutely necessary, hence this small download counter utility.

What it does:

This app scans the server access logs and searches for downloaded files that match the given search criteria. When found, they are logged in an SQLite database, along with the download timestamp and a count of how many times the file has been downloaded.

Finally, the app generates an HTML page to display the database contents.

How it Works

Nginx logs all access traffic in its ‘access.log’. On a daily schedule the logs are rotated by default (Ubuntu / Nginx):

  • access.log -> access.log.1

  • access.log.1 -> access.log.2.gz

  • access.log.13.gz -> access.log.14.gz

  • access.log.14.gz -> deleted.

Each file downloaded from a website on the server has a log entry in the form:

Remote-IP - - [local-time-date] "GET /path/to/file.ext protocol"/
status-code bytes_sent "http-referer" "http-user-agent"

As (by default) the ‘access.log’ file only contains logs for the current day, this app should be run once per day (by a root cron job), immediately before log rotation. See the section “Log Rotation” for how to do this. (Alternatively, both ‘access.log’ and ‘access.log.1’ could be analyzed at any time of day, though this is much less efficient.)

From the log we need to find:

  1. lines containing the file search string

  2. with status code 200

  3. after the last time it was counted

The results are stored in an SQLite database, and written to an HTML file.