Nginx Series Tutorial: Http Access Key Module

This module is not included in the Nginx official installation package.

This module blocks access to all URLs that do not contain legitimate access tokens (anti-theft chain). Access tokens can be generated by visitors ' IP or other server variables, so you can control the download behavior of the client well.

Configuration instance:

Location/download {
&http://www.aliyun.com/zixun/aggregation/37954.html ">NBSP; AccessKey on;
Accesskey_hashmethod MD5;
Accesskey_arg "Key";
Accesskey_signature "Mypass$remote_addr";
}

The user can get the download address like this: http://example.com/download/file.zip?key=09093abeac094.

Instructions

AccessKey

Statement: accesskey [On|off]

Default: AccessKey off

Can be used in: Main, server, location

Turn on the Access-key function.

Accesskey_arg

Statement: Accesskey_arg "character"

Default: AccessKey "Key"

Can be used in: Main, server, location

The URL contains the get parameter for the access key.

Accesskey_hashmethod

Statement: Accesskey_hashmethod [MD5|SHA1]

Default: Accesskey_hashmethod MD5 (MD5 encryption by default)

Can be used in: Main, server, location

Encrypt access key with MD5 or SHA1.

Accesskey_signature

Statement: accesskey_signature "character"

Default: Accesskey_signature "$remote _addr"

Available in: Main, server, location

This value is used to generate the access key. (In other words, this value is encrypted with MD5 or SHA1). The reason for joining $REMOTE_ADDR is to have access key contact a specific machine (via an IP address). Be careful to add your own ciphertext to protect acccess key and prevent being cracked. (For example, "mypassword$remote_addr".) ）

Installation

First download the module source code: file:nginx-accesskey-2.0.3.tar.gz

Unzip, then edit the "config" file and replace "$HTTP _accesskey_module" with "Ngx_http_accesskey_module". Then compile:

./configure--add-module=path/to/nginx-accesskey