|
|
|
|
|
|
by simonw
5971 days ago
|
|
|
nginx has a feature that's perfect for this kind of thing: x-accel-redirect (also available in other web servers): http://kovyrin.net/2006/11/01/nginx-x-accel-redirect-php-rai... The nginx team added another feature that's even more efficient for this recently (doesn't require a dynamic piece of code execution for each hit) - a module that creates "secure links" for protecting static resources: http://wiki.nginx.org/NginxHttpSecureLinkModule (I think this feature would be a lot more useful if you could create links that expire after a certain amount of time). Amazon S3 has a similar feature, which they call "query string authentication": http://docs.amazonwebservices.com/AmazonS3/latest/dev/index.... - again, you can generate a link to a static resource which is signed with your secret key and will only work for a specific amount of time. Last I saw, that's how Basecamp deals with download links for private files. |
|
|