I have CMS with a script that is executed for each file that is accessed in the folder /files.

I’ve set this up with a RewriteRule in /files/.htaccess

RewriteRule ^(.*) ../file_tracker?path=/$1

There two things the file_tracker.php script should do:

• Tracking: keep a log of how many times a file was accessed and when it was last accessed.
• Authorization: for instance files in /files/secure require a login-session.

When you have a script like this, you need to do much more, such as:

• Return a 404 status code if the file doesn’t exist – requires a file_exists check
• Output the correct MIME-type headers – this is a nightmare in PHP if you allow any filetype to be served
• Output sensible caching headers – custom E-tags?

I want this script to be as fast as possible because some pages have a lot of files, a 100ms overhead is already too much. Right now I’m thinking of a simple log to do the tracking, with a scheduled task that will do the bulk updates. Authorization will be more resource intensive but I guess I can’t avoid that. The last part I would like to have Apache do, since it seems to be very good at it: correct headers, E-tags for caching, and all that fanciness.

I’m pretty sure I can’t be the only one with this issue. Any suggestions?

Upd: I have no code to show because there is no relevant code. The things I could implement are so trivial it’s not even worth posting. This is an advance topic. ‘use header()‘ is not the kind of suggestions I’m looking for.

X-Sendfile would be the perfect solution, but it’s not enabled by default on most hosts, so I can’t rely on it.