Control of Web site video resources-access to video via URL is forbidden

Source: Internet
Author: User

general static file download is not through PHP, directly from the Web server sent to the client. But sometimes need to implement the file download permissions control, and so on, need to pass the PHP program to do permission verification. The simple and rude approach is to verify the permissions in the PHP program, and then read the contents of the file before sending it to the client. This approach does satisfy the requirements, but it is clear that sending static file content from PHP is far less efficient than sending static files directly from the Web server and consumes more resources. How can we implement dynamic permission verification and send static files efficiently? Such demand is certainly not an exception, and it is quite common. So, there is the Apache mod_xsendfile module, as well as the Nginx x-accel.

Apache Mod_xsendfile Module Homepage: https://tn123.org/mod_xsendfile/
In Debian, you can install this module directly apt-get install Libapache2-mod-xsendfile.
Note In Debian6, the Xsendfile module version in apt Warehouse is 0.9, while Xsendfilepath, xsendfileignorelastmodified, and Xsendfileignoreetag The directive was introduced in version 0.10. Therefore, the use of the Xsendfilepath command in version 0.9 will appear "Invalid command ' Xsendfilepath ', perhaps misspelled or defined by a module not included in T He server Configuration "error, the workaround is to use the 0.9 introduction of the XSENDFILEALLOWABOVE directive, or upgrade the Xsendfile module to the latest version(Recommended upgrade version)

Nginx X-accel Home:http://wiki.nginx.org/X-accel
Nginx does not need to install additional modules, directly configured on the line.
Note in Nginx, when the X-accel-redirect header is set, Nginx removes the backend application custom header (such as X-abc-def), leaving only the headers of some special back-end application settings (such as Content-type, Content-disposition, etc.), so there is no way to send a custom response header to the client. To prevent this from happening, you need to do some setup:

Location/protected/ {   internal;    /opt/www/files/;   Add_header X$upstream _http_x_abc_def;}

attention is $upstream _http_x_abc_def, not $upstream _x_abc_def
This will be able to tell Nginx to send static files, but also to send a custom HTTP response header

Control of Web site video resources-access to video via URL is forbidden

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.