secure_link
The 'secure_link' directive is used to protect resources by requiring a valid secure link for access.
Description
The 'secure_link' directive adds an extra layer of protection by ensuring that requests to certain resources include a secure token. This token is generated based on a specific URL and a secret key, enabling the server to verify the authenticity and validity of the request. This directive is particularly useful for media content or download files where you want to restrict unauthorized access.
When configured, the 'secure_link' directive checks for the presence of a secure link in the request URL. The secure link typically consists of a hash that is calculated using the requested resource's URL and a secret key along with an expiration time, ensuring that links cannot be reused indefinitely. If the secure link is valid, the request proceeds; if it's not valid or absent, access is denied.
The syntax of this directive allows for specifying the format of the secure link as well as the secret key used to generate it. The directive can be used in 'http', 'server', or 'location' contexts to control access to resources effectively, enhancing the overall security posture of the application.
Config Example
location /protected {
secure_link "$arg_md5$arg_time$uri";
secure_link_md5 "secret_key";
}Ensure the secret key used for hashing is kept confidential and secure.
Be cautious with the expiration time to prevent denial of service attacks by expiring links too soon or too late.