A protectserve URL is made up of the following components:
- filepath = The path to the file you're serving, this must be uploaded to your /Protected/ folder.
- rules = this is a set of key / value pairs which control URL access, seperated by semi-colons
- hash = an HMAC-256 hash comprised of the rules and your secret key obtained from cachefly, which ensures your rules cannot be tampered with.
- Set this to a value in seconds since unix epoch time (unix time()) format at which point this object will expire, example: expiretime=1123369886 To ensure this works properly, ensure that your server which generates your links keeps it's time sync'd via NTP.
- Set this to the base64 encoded URL which you would like to send visitors to if the conditions set in the rules are not met, or if the hash is tampered with.
- Set this to the authorized remote ip address.
A ProtectServe URL looks like this:
Example PHP Code to generate a ProtectServe URL which expires in 1 minute:
$secret = "mysecret";
$filepath = "paidcontent.wmv";
$splashpage = "http://www.website.com/protected.php";
$b64splash = base64_encode($splashpage);
$expiretime = time() + 60;
$user_ip = $_SERVER['REMOTE_ADDR'];
$rules = "expiretime=$expiretime;ip=$user_ip;badurl=$b64splash";
$hash = hash_hmac('sha256',$rules . $filepath, $secret, FALSE);
$link = "http://username.cachefly.net/Protected/$rules/$hash/$filepath";