Prevent direct access to files but allow download from site
nginx-forum at forum.nginx.org
Thu Mar 12 02:36:06 UTC 2020
I would generally say this is not possible in the way you describe it. There
are two ways, however, this could be implemented:
1. You use one-time links to content files: all content retrieval URLs will
get a parameter expires=X (how long the link should be valid) and a
signature (e.g., an HMAC with a secret only known to the NGINX server).
Retrieval won't go through mere file access, but a handler that verifies the
addtional parameters. If they check out, you redirect to an internal
location serving the file.
2. You use a session context: whenever a page validly serving a link to a
certain content is delivered, you set a cookie. Retrievals to files require
the cookie to be present. No cookie, no access.
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,287297,287305#msg-287305
More information about the nginx