You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Boyle Owen <Ow...@swx.com> on 2006/04/12 09:16:28 UTC

RE: [users@httpd] Restricting the number of times a file canbedownloaded.

> -----Original Message-----
> From: david0005 [mailto:david0005@optusnet.com.au] 
> Sent: Mittwoch, 12. April 2006 06:00
> 
> I am actually well aware of all of the technical meanings of the word
> bandwidth. However, I was using the word in the colloquial 
> sense -- that
> is bandwidth as a limited commodity which costs money.

Err... this is a technical mailing list about HTTP; bandwidth has a very precise meaning in that context. If you use it in a "colloquial sense" you are bound to confuse...

> 
> After a certain limit my host charges by the megabyte. So I 
> do not want
> to pay for anyone to view this video clip, just the people that I send
> the link to. So yes I am talking about controlling access. 

This makes things much clearer (at last). In this case, I would suggest you simply put the resource in it's own directory and password protect it with Basic Auth (see http://httpd.apache.org/docs/2.2/howto/auth.html). Then you give the user a username and password in the mail you send. If you like, you can even put the username and passwd in the URL (see http://www.devx.com/tips/Tip/5604). However, this won't stop password-sharing so you might write a short CGI that scrubs the user from the password file after they've accessed the file.

Alternatively, you could limit access by IP or domain (see http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow) but you'd have to know in advance the IP/domain that clients would come from. 

To do the job "properly", you will eventually need server-sided logic (CGI, PHP, ASP, JSP, etc.). The URL would lead to a handler that would keep count of the number of downloads per client and control access directly. You'd need a way of identifying clients (eg, cookies) and of maintaining state (eg, DB, file..). It's non-trivial.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


> However I do
> not care if a recipient emails the video clip as an attachment to a
> friend. I just do not want that friend accessing my web 
> server. Making a
> scalar count of the number of times the file has been downloaded would
> also serve my purpose as it would allow me to cap the 
> bandwidth cost of
> this mail out. I am not concerned about the number of concurrent
> connections so I do not need throttling. I am concerned about 
> minimising
> the number of megabytes of data delivered by my web server.
> 
> > Now I'm even more confused... Are you talking about 
> controlling access? (ie, you
> >  don't want someone who gets a copy of the mail to
> >  access the file?)
> 
> Yes. But I don't care if they receive the file as an attachment.
> 
> Regards,
> 
> David
> 
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a private and personal nature. It is not related to the exchange or business activities of the SWX Group. Le présent e-mail est un message privé et personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org