1

Is there something like mod_secdownload (which is available for lighttpd) also available for Apache 2.x?

The mod provides expiring URLs, so that it is possible to prevent hotlinking of files. A similar feature is used by Amazon S3.

The server application has to generate a hash with a secret code and an expiry timestamp so that URLs only live for a given duration of time.

The closest thing I could find is mod_auth_token, but that seems to be Apache 1.3 only.


Additional Hints:

  • As suggested by HD: mod_auth_token works great with Apache 2.x
  • If you need some hints on how to use it: Info Page at nixbit.com
BlaM
  • 3,816
  • 5
  • 26
  • 27

1 Answers1

2

Are you sure that mod_auth_token doesn't work with Apache2? I compiled the module with apache2-devel and also I see some apache2-mod_auth_token rpm packages in rpm.pbone.net

hdanniel
  • 4,253
  • 22
  • 25
  • Seems to actually work. Thought it was only Apache 1.x because I can't find absolutely NO documentation about it. Any hints? How do I use it? – BlaM Sep 27 '09 at 10:57
  • Great! It works! *jump* *happy* – BlaM Sep 27 '09 at 11:09