serving images with send_file performance issue

Action caching will help improve matters, but if you need to authenticate for every image, you are already in a bad place for performance.

Lighttpd and I'm sure other servers have a way of serving 'secure' downloads. This works by putting a token into the URL for each image when you generate the HTML. This token will expire shortly, so only that user will be able to read those images. The images are then served directly by the web server (but only if the token is valid). I've seen this technique used for downloading purchased MP3 files, and it worked as advertised.

More info (including a Rails example) at the mod_secdownload page:

I have a plugin that extends Rails Action Caching to use the X- Sendfile header on lighttpd or the equivalent on nginx to send the cached file, so your Rails code only needs to care about action caching, and all the magic will be enabled by the server configuration.

More info here:

There's a gem that is supposed to take care of this on Mongrel, although I haven't tried it. We're about to tackle the same issue so if you use this and it works for you would you mind dropping us a line?