Module mod_payment

This 3rd party module provides support for access control based on OpenPGP-secured micropayment tickets. Such tickets can be generated, for example, by the ePoint payment system, but this module is by no means limited to that single on-line payment solution.


Apache must be configured to identify requests for paid URIs.  mod_payment registers (with Apache) a handler type of payment for this purpose.

To configure Apache to handle all files (within the scope of the directive) as ones requiring payment:

SetHandler payment

To configure Apache to handle files (within the scope of the directive) with the specified extension(s) as those requiring payment:

AddHandler payment pay

Consult the Apache documentation for more information regarding these and other directives which affect request handling (such as Action).


The micropayment tickets are binary OpenPGP messages, containing a signed binary sequence consisting of an unrestricted service identifier followed by a four-octet payment value. Essentially, tickets are signed receipts from the payment provider that at a given point of time the customer paid a given amount for the given service.

Micropayment tickets can be passed to the server either within the URL of the request or as http cookies. In the first case, they are appended to the end of the request URL as a URI-encoded binary sequence assigned to some variable. In the second case, they are encoded in upper-case hexadecimal

Resources handled by this module will respond with a 402 Payment Required error status, unless an acceptable payment ticket is provided. The corresponding error message can be turned into a gateway to the payment service using the ErrorDocument directive.



Syntax: PaymentKey file-path
Context: directory, .htaccess

Tells Apache the location of the binary OpenPGP public key file of the payment provider


Syntax: PaymentID ([0-9A-F][0-9A-F])+
Context: directory, .htaccess

Defines the service ID. Only payments for this service are accepted.


Syntax: PaymentMin [0-9]+
Context: directory, .htaccess
Default: PaymentMin 1

Minimum payment. Payments of less than this amount are not accepted.


Syntax: PaymentSec [0-9]+
Context: directory, .htaccess
Default: PaymentSec 3

The service is provided for this many seconds for the minimal payment.

See also: PaymentMin


Syntax: PaymentAdd [0-9]+
Context: directory, .htaccess
Default: PaymentAdd 0

Seconds of service in addition to PaymentSec that can be purchased for each additional payment unit beyond PaymentMin.


Syntax: PaymentCookie *
Context: directory, .htaccess
Default: PaymentCookie ticket

HTTP Cookie name for the payment ticket.