I need to create a site which has downloadable files in a library. The
site will be accessed via username/password login done in the Rails app.
However, I need the actual downloadable files to be protected as well.
I’ll be running the rails app on a mongrel cluster.
I’ve looked at using lighttpd as the web/proxy server and the
mod_secdownload module which looks nice. However, I’d rather not use
lighttpd is possible.
Ideally, I’d like to use Apache or nginx as the web/proxy server but the
lack a similar mod_secdownload module.
Does anybody have any recommendation on how to achieve protected
downloads without lighttpd or reverting to long random URLs (which is
not that secure).