{"id":1930,"date":"2018-10-29T06:38:59","date_gmt":"2018-10-29T06:38:59","guid":{"rendered":"https:\/\/www.appservgrid.com\/paw92\/?p=1930"},"modified":"2018-10-31T09:36:45","modified_gmt":"2018-10-31T09:36:45","slug":"mod_auth_token-installation-in-apache-linuxadmin-io","status":"publish","type":"post","link":"https:\/\/www.appservgrid.com\/paw92\/index.php\/2018\/10\/29\/mod_auth_token-installation-in-apache-linuxadmin-io\/","title":{"rendered":"mod_auth_token Installation In Apache &#8211; LinuxAdmin.io"},"content":{"rendered":"<p>mod_auth_token is a apache module that can be used to sign URLs, using this it can create time based urls that expire after a certain amount of time. It will prevent hot linking as the URLs will expire. This is particularly useful with video and image sharing.<\/p>\n<p>To get started you will need to have an Apache installation already present. If you need to set this up please set <a href=\"https:\/\/linuxadmin.io\/compile-apache-2-4-source\/\">Compile Apache 2.4 From Source<\/a>.<\/p>\n<h3>Install mod_auth_token:<\/h3>\n<p>First ssh into the server and get the required packages:<\/p>\n<p>cd \/usr\/src; wget https:\/\/storage.googleapis.com\/google-code-archive-downloads\/v2\/code.google.com\/mod-auth-token\/mod_auth_token-1.0.5.tar.gz<\/p>\n<p>Un-compress the archive:<\/p>\n<p>tar xfvz mod_auth_token-1.0.5.tar.gz<\/p>\n<p>Go into the directory<\/p>\n<p>cd mod_auth_token-1.0.5<\/p>\n<p>Configure it:<\/p>\n<p>.\/buildconf &amp;&amp; .\/configure<\/p>\n<p>Install It:<\/p>\n<p>make &amp;&amp; make install<\/p>\n<p>Restart Apache to make sure it loads without a error:<\/p>\n<p>service httpd restart<\/p>\n<p>Make sure the module is loaded:<\/p>\n<p># httpd -M 2&gt;&amp;1|grep auth_token<br \/>\nauth_token_module (shared)<\/p>\n<p>You should see auth_token_module in the results<\/p>\n<h3>Configure Apache for mod_auth_token<\/h3>\n<p>You will need to edit the apache configuration and add the following to the domain you want protected by mod_auth_token:<\/p>\n<p>&lt;Location \/download\/&gt;<br \/>\n# Secret key, can be anything random<br \/>\nAuthTokenSecret &#8220;randomstring&#8221;<br \/>\n# directory to protect<br \/>\nAuthTokenPrefix \/protected\/<br \/>\n# Timeout length, this is in seconds<br \/>\nAuthTokenTimeout 300<br \/>\n# limit requsts by IP<br \/>\nAuthTokenLimitByIp off<br \/>\n&lt;\/Location&gt;<\/p>\n<p>Restart Apache again:<\/p>\n<p>service httpd restart<\/p>\n<p>To test that it is working create a php file to generate a URL<\/p>\n<p>&lt;?PHP<\/p>\n<p>$secret = &#8220;randomstring&#8221;; \/\/ AuthTokenSecret<br \/>\n$directory = &#8220;\/[protected\/&#8221;; \/\/ AuthTokenPrefix<br \/>\n$hexTime = dechex(time()); \/\/ Time in Hexadecimal<br \/>\n$url = &#8220;http:\/\/www.example.com&#8221;; \/\/ Replace this with the domain<br \/>\n$filename = &#8220;\/$filename&#8221;; \/\/ Filename<\/p>\n<p>$token = md5($secret . $filename. $hexTime);<\/p>\n<p>$url = $domainname . $protectedPath . $token. &#8220;\/&#8221; . $hexTime . $filename;<br \/>\nprint $url;<\/p>\n<p>?&gt;<\/p>\n<p>Go ahead and run that php script and it will output the URL, if you are able to access it. The module is working correctly. You can read more about mod_auth_token on <a href=\"https:\/\/code.google.com\/archive\/p\/mod-auth-token\/\">code.google.com<\/a><\/p>\n<p><a href=\"https:\/\/linuxadmin.io\/mod_auth_token-apache\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>mod_auth_token is a apache module that can be used to sign URLs, using this it can create time based urls that expire after a certain amount of time. It will prevent hot linking as the URLs will expire. This is particularly useful with video and image sharing. To get started you will need to have &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/www.appservgrid.com\/paw92\/index.php\/2018\/10\/29\/mod_auth_token-installation-in-apache-linuxadmin-io\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;mod_auth_token Installation In Apache &#8211; LinuxAdmin.io&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1930","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/1930","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/comments?post=1930"}],"version-history":[{"count":1,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/1930\/revisions"}],"predecessor-version":[{"id":2145,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/1930\/revisions\/2145"}],"wp:attachment":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/media?parent=1930"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/categories?post=1930"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/tags?post=1930"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}