Migrating from Lighttpd : mod_secdownload show-stopper ?

Pedro Melo melo at simplicidade.org
Fri Feb 11 12:54:25 MSK 2011

On Thu, Feb 10, 2011 at 6:22 PM, Reinis Rozitis <r at roze.lv> wrote:
>> Do you have any advices/ideas to help me mimick Lighty's
>> "mod_secdownload", please ? Actually, my application produce links like this
>> one :
>> /$prefix/$path/to/file.mp4/$hash/$timestamp
> One way to work arround this would be to use X-Accel-Redirect  (
> http://wiki.nginx.org/XSendfile) and rewrite (or with try_file) requests to
> some script (like php, perl or ruby) and make the decision on application
> level (would require just few lines of code to verify the hash/timestamp but
> you could even check against DB etc) while still pushing the file directly
> through nginx.
> Few articles:
> http://kovyrin.net/2006/11/01/nginx-x-accel-redirect-php-rails/
> http://kovyrin.net/2010/07/24/nginx-fu-x-accel-redirect-remote/

FYI, this was the route I choose when I switched from Lighttpd to
nginx. I also used mod_secdownload a lot.


Pedro Melo
xmpp:melo at simplicidade.org
mailto:melo at simplicidade.org

More information about the nginx mailing list