[consulting] scaling sites with restricted downloads
Gary Feldman
dpal_gaf_consult at marsdome.com
Fri Mar 31 03:17:39 UTC 2006
Anton wrote:
>On 31/03/06, Laura Scott <laura at pingv.com> wrote:
>
>
>>1) We're about to build two different music community sites that are going
>>to need to start small but (obviously) be able to scale. Controlling access
>>to uploaded mp3s etc. will be key aspects of this install. To (hopefully)
>>reduce their server needs -- because, after all, they're musicians and thus
>>aren't exactly flush -- I'm considering using public fileserver settings,
>>and chmod-ing the folder to limit access to only via Drupal. Would that
>>work? Are there limitations to this approach?
>>
>>
>
>Hi Laura, I don't think that will work. From the filesystems
>perspective it is Apache that is accessing it, not Drupal. It won't be
>able to tell the difference between a standard Apache request and a
>Drupal request - both are controlled with the Apache user account.
>
>That is the situation in general, but there maybe a few tricky addons
>to Apache that can do suid type stuff for PHP requests. I haven't
>tried any though.
>
Couldn't you set up basic authentication for the folder from the Apache
side, with no intent of actually using it that way? Drupal (or more
precisely, PHP) would still be able to access the directory.
Gary
More information about the consulting
mailing list