Nginx secure link module with TTL

Brice Figureau brice+nginx at
Sun Jul 19 13:23:34 MSD 2009


I'm proud to announce the release of a nginx patch (not an external 
module) to add an expiration system to the nginx secure link module 
system. The idea is to attach a timestamp to the url, and nginx can 
check the url has expired (in which case the access to the download is 

All the gory details, including the patch, and with examples and PHP 
snippets to compute the HMAC and the full url are in my blog article:

Igor: I'd really like this patch to be merged to nginx, I'm ready to 
help if you're interested. The patch is small, and works in production 
on several site with load without any issue. Nginx configuration is 
completely compatible with secure link deployement without TTL.
Also I'm really sure there a lots of people wanting this feature (a 
quick check of the archive seems to reveal this).

Brice Figureau
My Blog:

More information about the nginx mailing list