$secure_link_expires
$secure_link_expires returns the expiration timestamp for a secure link in NGINX.
Description
The $secure_link_expires variable in NGINX holds the expiration time for a secure link, specifically defined when the secure_link directive is used. This variable is typically set alongside the $secure_link variable, which generates a unique signature for secure URL access. The expiration time it returns is defined in Unix timestamp format, indicating when the secure resource will no longer be accessible. If not set explicitly, it defaults to 0, making the link valid indefinitely unless restricted through configuration settings.
When using the $secure_link mechanism, you typically define both the link and its expiration to offer temporary access to resources. The expiration time can be set by the expires parameter in the secure_link directive, which is specified in your NGINX configuration. By providing appropriate expiration values, such as the current time plus some valid duration (like one day in seconds), you can effectively manage access to resources based on time-sensitive parameters.
This variable can be useful in scenarios where you want to enforce time-limited access to files, such as media content, download files, or other sensitive resources. By combining it with access control directives, you can create secure, short-term links for authenticated user access, enhancing your application's security profile.
Config Example
location /protected {
secure_link $arg_md5,$secure_link_expires;
secure_link_md5 "$uri$time$key";
if ($secure_link = 0) {
return 403;
}
}Ensure that the secure link directive is properly set up; otherwise, this variable may not return valid values.
Avoid relying on this variable for links that should be valid indefinitely unless explicitly defined to do so in the configuration.