Downloadable products on Apache server with Nginx reverse proxy

  • Resolved developer1234321

    (@developer1234321)


    1 year, 11 months ago

    I am trying to make a woocommerce website where I have downloadable products (which can be large in size). My host is siteground.com. Siteground runs an Apache server with Nginx reverse proxy acting as a cacher. Because of the large size of the files, I want to use X-sendfile/X-Accel-Redirect for file delivery and not ForceDownload. Redirect is not an option because of lack of security.

    I have confirmed with siteground that mod_xsendfile is not installed and will not be installed so just setting woocommerce settings to use X-sendfile would failover to ForceDownload based on the logs which is not great given the large file sizes. However, siteground support suggested that because of the Nginx proxy, X-Accel-Redirect might achieve the same result. I modified the code in woocommerce/includes/class-wc-download-handler.php to explicitly use X-Accel-Redirect (despite the server being Apache) and I can confirm that this does in fact deliver the files but ONLY if I also modify the .htaccess file in the wp-content/uploads/woocommerce_uploads to allow all request which obviously defeats the purpose of having secure downloads (anyone can just access the files as long as they know the address). If the .htaccess file is left to the default of “deny from all” I will get a 403 error using X-Accel-Redirect.

    Can anyone with knowledge of siteground in particular or reverse proxies in general tell me whether I can modify the .htaccess file in such a way to allow X-Accel-Redirect delivery while not allowing direct access to the files?

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hi,

    Not sure if I understood everything, but it appears you are looking for assistance with the following, is this correct?

    1. You are trying to create a WooCommerce website with large downloadable products, hosted on SiteGround.
    2. You wish to use X-sendfile/X-Accel-Redirect for file delivery instead of ForceDownload, as Redirect lacks security.
    3. SiteGround’s Apache server with Nginx reverse proxy setup doesn’t have mod_xsendfile installed, and it won’t be installed.
    4. After modifying the WooCommerce code, X-Accel-Redirect works but only if the .htaccess file allows all requests, compromising file security.
    5. You are looking for advice on modifying the .htaccess file to allow X-Accel-Redirect delivery while maintaining file security, particularly from someone familiar with SiteGround or reverse proxies.

    Regarding the X-Accel-Redirect/X-Sendfile:

    X-Accel-Redirect/X-Sendfile?– Downloads are handled by the server (nginx/apache). This method requires the X-Accel-Redirect/X-Sendfile module to be installed and enabled on the server. Confirm with your web host that one of these modules is installed before using this method. It’s the most reliable method because the file is served directly to the customer and gives you the best performance. Files are also protected by an?.htaccess?file, making it secure.

    Since the question is related to a specific host, and reverse proxy, I’d suggest asking your web host about it, I am assuming you did it, may I ask what was their response?.

    Let us know how that goes.

    Hi @developer1234321 ,

    We haven’t heard back from you in a while, so I’m going to mark this as resolved – we’ll be here if you need any further help with this.

    Cheers!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Downloadable products on Apache server with Nginx reverse proxy’ is closed to new replies.