lighttpd自带一个叫mod_secdownload的模块,是通过lighttpd这个web server来构造一个虚拟的url给用户,并且这个虚拟的url会自动超时失效,从而实现防盗链功能。

从官方文档可以看到secdownload构造的url为:

?View Code TEXT
The generated URL has to have the format:
 
<uri-prefix>/<token>/<timestamp-in-hex>/<rel-path> 
which looks like "yourserver.com/bf32df9cdb54894b22e09d0ed87326fc/435cc8cc/secure.tar.gz"
<token> is an MD5 of
a secret string (user supplied)
<rel-path> (starts with /)
<timestamp-in-hex>

php例子:

?View Code PHP
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

<?php
 
$secret = "verysecret";  //加密字符串,必须跟lighttpd.conf里边保持一致
$uri_prefix = "/dl/";    //虚拟的路径,必须跟lighttpd.conf里边保持一致
 
# filename
$f = "/secret-file.txt";  //实际文件名,必须要加"/"斜杠
 
# current timestamp
$t = time();
 
$t_hex = sprintf("%08x", $t);
$m = md5($secret.$f.$t_hex);
 
# generate link
printf('<a href="%s%s/%s%s" mce_href="%s%s/%s%s">%s</a>',
       $uri_prefix, $m, $t_hex, $f, $f);
?>

lighttpd.conf的配置

?View Code TEXT
server.modules = ( ..., "mod_secdownload", ... )
 
secdownload.secret          = "verysecret"   #加密字符串
secdownload.document-root   = "/home/www/servers/download-area/"  #文件存放目录
secdownload.uri-prefix      = "/dl/"  #虚拟的路径
secdownload.timeout         = 120   #文件下载超时时间,默认为60秒

详细可以看官方文档:http://trac.lighttpd.net/trac/wiki/Docs%3AModSecDownload 相关文章: