X-sendfile or x-accel-redirect

Has anyone had any luck enabling either Apache2’s X-Sendfile or Ngninx’s X-Accel-Redirect initiated from php inside the default public_html for a domain that tries to send a protected file from say for example the private directory in the domain folder for a user? I have tried every solution I can find on Google such as:
Add XSendfile On and XSendfilePath set to the domain folder the private folder inside of that as well as the users home folder.
I have put tried all of those in template files under /use/local/Heston/data/templates/web/apache2/<customeTemplate[.tpl|.stpl]> and chose that template for the domain and have restarted apache2 and hestiacp after every attempt. I also did much of the same with the Nginx as well. I also tried placing the necessary lines in both the location or directory blocks as well as at the virtual host and server blocks. I have even tried htaccess. The only error I sometimes see in the logs is that it says the it will not send a file outside of the root and then sends a 404. Sometimes the request in the browser shows a 404 sometimes it shows a empty file of 0 bytes. I have confirmed php has access because I overroad the openbaseDir setting to allow /private for the time being. I can use readfile however that drastically reduces performance and breaks with large files. I really could use some direction because although I don’t know how or why it seems that the configuration will not allow me to send files outside of the document root. I even tried setting it up briefly to be inside public_html and it still 404’d so I don’t know where my configuration may be going wrong but a simple guide with example configuration files and php and an outline of the directory structure form a working example would set me on my way to getting it setup right. I would greatly appreciate anyone’s help with this. Thanks again.

I know we use in Hestia:

And the nginx config looks like:

I never used it outside Hestia

That helped. I ended up moving the directory to the public_html domain folder. I then mapped the directory name to an internal location of the same name with a mapping very similar to that Nginx config. I used the default include file formatting ‘nginx.conf_xaccelredirect’ and I had to remove the trailing slashes for the root path which is an absolute path to directory. Because I always use Nginx and apache I opted to making sure the firewall does not allow direct access to 8080 or any of the apache2 ports. With those changes the files can now be served via the php header 'X-Accel-Redirect: ’ with the directory name and then the path to the authorized file. I have confirmed that accessing the directory directly results in the expected 404 I have also be able to access the file from the php now too. Its likely better to use Nginx to guard this directory rather than the fs or any other means since it is served just after some php authorization checking. Thanks for your help it set me in the right direction.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.