This module is not included in the Nginx official installation package.
This module blocks access to all URLs that do not contain legitimate access tokens (anti-theft chain). Access tokens can be generated by visitors ' IP or other server variables, so you can control the download behavior of the client well.
Configuration instance:
Location/download {
&http://www.aliyun.com/zixun/aggregation/37954.html ">NBSP; AccessKey on;
Accesskey_hashmethod MD5;
Accesskey_arg "Key";
Accesskey_signature "Mypass$remote_addr";
}
The user can get the download address like this: http://example.com/download/file.zip?key=09093abeac094.
Instructions
AccessKey
Statement: accesskey [On|off]
Default: AccessKey off
Can be used in: Main, server, location
Turn on the Access-key function.
Accesskey_arg
Statement: Accesskey_arg "character"
Default: AccessKey "Key"
Can be used in: Main, server, location
The URL contains the get parameter for the access key.
Accesskey_hashmethod
Statement: Accesskey_hashmethod [MD5|SHA1]
Default: Accesskey_hashmethod MD5 (MD5 encryption by default)
Can be used in: Main, server, location
Encrypt access key with MD5 or SHA1.
Accesskey_signature
Statement: accesskey_signature "character"
Default: Accesskey_signature "$remote _addr"
Available in: Main, server, location
This value is used to generate the access key. (In other words, this value is encrypted with MD5 or SHA1). The reason for joining $REMOTE_ADDR is to have access key contact a specific machine (via an IP address). Be careful to add your own ciphertext to protect acccess key and prevent being cracked. (For example, "mypassword$remote_addr".) )
Installation
First download the module source code: file:nginx-accesskey-2.0.3.tar.gz
Unzip, then edit the "config" file and replace "$HTTP _accesskey_module" with "Ngx_http_accesskey_module". Then compile:
./configure--add-module=path/to/nginx-accesskey