Secure static media access in a Django site

Question

I\'m building a site where registered users can upload files. Those files are then served via Apache. Only users who are logged in should be able to access those files.

Answer 1

The usual way to do this is to pass back a special header to the web server.

You can do it with nginx using x-accel-redirect as in this Django snippet.

For Apache, it should be pretty similar using the mod_xsendfile module (discussion and examples on Django users mailing list).