[consulting] scaling sites with restricted downloads
Mathieu Petit-Clair
mathieu at koumbit.org
Fri Mar 31 01:31:27 UTC 2006
Anton wrote:
> On 31/03/06, Laura Scott <laura at pingv.com> wrote:
>
>> 1) We're about to build two different music community sites that are going
>> to need to start small but (obviously) be able to scale. Controlling access
>> to uploaded mp3s etc. will be key aspects of this install. To (hopefully)
>> reduce their server needs -- because, after all, they're musicians and thus
>> aren't exactly flush -- I'm considering using public fileserver settings,
>> and chmod-ing the folder to limit access to only via Drupal. Would that
>> work? Are there limitations to this approach?
>
> Hi Laura, I don't think that will work. From the filesystems
> perspective it is Apache that is accessing it, not Drupal. It won't be
> able to tell the difference between a standard Apache request and a
> Drupal request - both are controlled with the Apache user account.
>
> That is the situation in general, but there maybe a few tricky addons
> to Apache that can do suid type stuff for PHP requests. I haven't
> tried any though.
>
Hi,
This seems right to me, but if your hosting provider let's you have
folders that are outside what Apache can access, a (php) script from
Drupal could be the only way to make the file publicly visible (and thus
control access). This could only be a matter of setting the right http
headers and doing a fopen() and fpassthru() ... (someone has to test
this out, though)
Hope it helps... (especially since this is my first post to this list :)
Mathieu
More information about the consulting
mailing list