Rewrite module and secure download

gog nginx-forum at
Thu Jan 14 16:28:43 MSK 2010

I stumbled upon the exact same problem today while moving our site from Lighttpd to nginx.

This is how we solved it:

Link to our protected files look like this:


and this is our location directive:

        # PDF download
        location /pdf {
            secure_download on;
            secure_download_secret $request_addr;
            secure_download_path_mode file;
            if ($uri ~ "^/pdf/(.+\.pdf)$") {
                set $filename $1;
            add_header Content-Disposition "attachment; filename=$filename";

As you can see from the example we are extracting the filename from the request uri and setting the appropriate header.

Posted at Nginx Forum:,30777,41125#msg-41125

More information about the nginx mailing list