The two modules that Lighttpd offers require that a user must first get permissions to download, and have to do so within a specified window of time after which the permission times out. The difference is in the way of getting permission: mod_trigger_b4_dl
just defines a trigger URL that a user must visit before the download is permitted, while mod_secdownload
validates against a token to be created by a backend application (for example, our login for paying customers). Therefore, we can use mod_trigger_b4_dl
to fight deep linking and mod_secdownload
to differentiate between user groups.
First, let us start with mod_trigger_b4_dl
. Let us presume that we want everyone to view (well, we cannot really control that, but at least download) a certain advertisement, for example, an image at the path /ads/342hgf.gif
, before they can access any of our high-quality content within the next 10 seconds. We can get this to work with the following configuration:
server.modules += ("mod_trigger_b4_dl...