[edit] Synopsis

This module is not distributed with the Nginx source. See the installation instructions.

This module denies access unless the request URL contains an access key. Keys can correspond to remote IP addresses or other variables, so that downloads may be dynamically restricted to certain clients.

Example configuration:

location /download {
  accesskey             on;
  accesskey_hashmethod  md5;
  accesskey_arg         "key";
  accesskey_signature   "mypass$remote_addr";
}

A client might then be directed to, e.g., http://example.com/download/file.zip?key=09093abeac094.

[edit] Directives

[edit] accesskey

syntax: accesskey [on|off]

default: accesskey off

context: main, server, location

Enables access-key restrictions.

[edit] accesskey_arg

syntax: accesskey_arg "string"

default: accesskey "key"

context: main, server, location

The URL argument that contains the access key.

[edit] accesskey_hashmethod

syntax: accesskey_hashmethod [md5|sha1]

default: accesskey_hashmethod md5

context: main, server, location

Whether to use MD5 or SHA-1 for key creation.

[edit] accesskey_signature

syntax: accesskey_signature "string"

default: accesskey_signature "$remote_addr"

context: main, server, location

The string to hash to create an access key. Include the $remote_addr variable to make keys unique to client IP addresses. Be sure to include a secret phrase as well to protect the integrity of your keys. (E.g. "myPassWord$remote_addr".)

[edit] Installation

Download the module source here: File:Nginx-accesskey-2.0.3.tar.gz

Unpack, edit the "config" file, replace "$HTTP_ACCESSKEY_MODULE" with "ngx_http_accesskey_module", and then compile nginx with:

 ./configure --add-module=path/to/nginx-accesskey

[edit] Credits

Originally developed for OWOX project