Nginx-accesskey Usage Records

Nginx third-party module ngx_http_accesskey_module to implement the download file anti-theft chain 1, the specific installation tutorial: HTTP://WWW.CNBLOGS.COM/TINYWAN/P/5983694.HTML/2, Nginx configuration file

Location/hls {                Alias/tmp/hls;        }
location/download {           accesskey on             ;           Accesskey_hashmethod  MD5;           Accesskey_arg         "key";           #accesskey_signature   "password$remote_addr";           accesskey_signature   "PASSWORD121.1.206.18/1";           Alias/tmp/hls;        }

which
AccessKey is a module switch;

Accesskey_hashmethod for encryption MD5 or SHA-1;

Accesskey_arg is the keyword parameter in the URL;

Accesskey_signature is the encrypted value, which is a string of mypass and access IP. I am in this is set to the specified IP address, in order to let only that one IP address can play the stream can either

/download for you download the directory "has turned on the anti-theft chain"

/hls "No anti-theft chain" in place for m3u8 to store files

It can be seen that the two modules of the common one folder/tmp/hls;

3. Test permissions

Pass Curl Test

"1" gets the MD5 encryption value:

[email protected]:/home/www# echo-n Password121.1.206.18
c7e2d8f498920f1a86e4c95d4a58a27e -

MD5 encryption value is: c7e2d8f498920f1a86e4c95d4a58a27e

Echo-n does not output line breaks, md5sum encryption method

"2" did not bring the test results: 403 Forbidden

[email protected]:/home/tinywan$ curl-i/HTTP IP address (here is the live node IP address)/download/s0000_8.m3u8http/1.1 403 Forbiddenserver:nginx/1.8.1date:fri, Oct 07:46:07 gmtcontent-type:text/htmlcontent-length:168connection: Keep-alive<HTML><Head><title>403 Forbidden</title></Head><Bodybgcolor= "White"><Center><H1>403 Forbidden</H1></Center><HR><Center>nginx/1.8.1</Center></Body></HTML>

"2" carry the test result of the correct key: can get to the m3u8 file under the HLs file

[Email protected]:/home/www# curl-i http//IP address (here is the live node IP address)/download/s0000_8.m3u8?key= c7e2d8f498920f1a86e4c95d4a58a27ehttp/1.1 Okserver:nginx/1.8.1date:fri, Oct 07:26:39 GMTContent-Type: Application/vnd.apple.mpegurlcontent-length:255last-modified:fri, Oct 07:26:34 Gmtconnection:keep-aliveetag : "5809c32a-ff" accept-ranges:bytes#extm3u#ext-x-version:3#ext-x-media-sequence:368#ext-x-targetduration:5# extinf:5.013,s0000_8-368.ts#extinf:5.013,s0000_8-369.ts#extinf:5.014,s0000_8-370.ts#extinf:5.013,s0000_8-371. Ts#extinf:5.013,s0000_8-372.ts#extinf:5.014,s0000_8-373.ts

Test result for "3" carrying the wrong key: 403 Forbidden

[Email protected]:/home/tinywan$ curl-i http//IP address (here is the live node IP address)/download/s0000_8.m3u8?key= C7e2d8f498920f1a86e4c95d4a58a271234http/1.1 403 Forbiddenserver:nginx/1.8.1date:fri, OCT 2016 07:46:07 Gmtcontent-type:text/htmlcontent-length:168connection:keep-alive<HTML><Head><title>403 Forbidden</title></Head><Bodybgcolor= "White"><Center><H1>403 Forbidden</H1></Center><HR><Center>nginx/1.8.1</Center></Body></HTML>

The key value is based on the user's IP, so you can avoid being hotlinking.

Nginx-accesskey Usage Records