$secure_link_expires

Description

The `$secure_link_expires` variable in NGINX holds the expiration time for a secure link, specifically defined when the `secure_link` directive is used. This variable is typically set alongside the `$secure_link` variable, which generates a unique signature for secure URL access. The expiration time it returns is defined in Unix timestamp format, indicating when the secure resource will no longer be accessible. If not set explicitly, it defaults to 0, making the link valid indefinitely unless restricted through configuration settings. When using the `$secure_link` mechanism, you typically define both the link and its expiration to offer temporary access to resources. The expiration time can be set by the `expires` parameter in the `secure_link` directive, which is specified in your NGINX configuration. By providing appropriate expiration values, such as the current time plus some valid duration (like one day in seconds), you can effectively manage access to resources based on time-sensitive parameters. This variable can be useful in scenarios where you want to enforce time-limited access to files, such as media content, download files, or other sensitive resources. By combining it with access control directives, you can create secure, short-term links for authenticated user access, enhancing your application's security profile.

Config Example

location /protected {
    secure_link $arg_md5,$secure_link_expires;
    secure_link_md5 "$uri$time$key";
    if ($secure_link = 0) {
        return 403;
    }
}