Solved

Apache mod_rewrite, restrict non-referrers, allowing www

Posted on 2006-06-16
4
686 Views
Last Modified: 2008-02-26
Hello,

I asked this question yesterday, and got a great solution.
http://www.experts-exchange.com/Web/Web_Servers/Apache/Q_21887572.html

My question is:  In the following .htaccess file (that uses mod_rewrite), how
do I allow referrers with the "www" and without it?


RewriteEngine On
# detect the referrer, match on all other domains
RewriteCond %{HTTP_REFERER} !(http://domain\.com(.*)?$)
# This rule fills all requests with the content of the /denied.html file
RewriteRule ^.*$ /denied.html [L]


Thank you,

Eric
0
Comment
Question by:instantprofits
  • 4
4 Comments
 
LVL 30

Expert Comment

by:callrs
ID: 16926261
Replace line 3 with:
RewriteCond %{HTTP_REFERER} !(.*\.domain\.com(.*)?$)
0
 
LVL 30

Expert Comment

by:callrs
ID: 16926266
No, Nvm. That will catch www.domain.com but not domain.com
brb
0
 
LVL 30

Expert Comment

by:callrs
ID: 16926311
RewriteCond %{HTTP_REFERER} !((\w+):\/\/(([^/:]+\.)|)domain\.com(:\d*)?([^# ]*))

This will allow http://www.domain.com but exclude e.g. http://thedomain.com

0
 
LVL 30

Accepted Solution

by:
callrs earned 500 total points
ID: 16926328
The above will allow http ftp://  as well as http://, etc.
But to make it ONLY for http:
RewriteCond %{HTTP_REFERER} !((http):\/\/(([^/:]+\.)|)domain\.com(:\d*)?([^# ]*))
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

It is possible to boost certain documents at query time in Solr. Query time boosting can be a powerful resource for finding the most relevant and "best" content. Of course the more information you index, the more fields you will be able to use for y…
In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question