?
Solved

Apache mod_rewrite, restrict non-referrers, allowing www

Posted on 2006-06-16
4
Medium Priority
?
692 Views
Last Modified: 2008-02-26
Hello,

I asked this question yesterday, and got a great solution.
http://www.experts-exchange.com/Web/Web_Servers/Apache/Q_21887572.html

My question is:  In the following .htaccess file (that uses mod_rewrite), how
do I allow referrers with the "www" and without it?


RewriteEngine On
# detect the referrer, match on all other domains
RewriteCond %{HTTP_REFERER} !(http://domain\.com(.*)?$)
# This rule fills all requests with the content of the /denied.html file
RewriteRule ^.*$ /denied.html [L]


Thank you,

Eric
0
Comment
Question by:instantprofits
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
4 Comments
 
LVL 30

Expert Comment

by:callrs
ID: 16926261
Replace line 3 with:
RewriteCond %{HTTP_REFERER} !(.*\.domain\.com(.*)?$)
0
 
LVL 30

Expert Comment

by:callrs
ID: 16926266
No, Nvm. That will catch www.domain.com but not domain.com
brb
0
 
LVL 30

Expert Comment

by:callrs
ID: 16926311
RewriteCond %{HTTP_REFERER} !((\w+):\/\/(([^/:]+\.)|)domain\.com(:\d*)?([^# ]*))

This will allow http://www.domain.com but exclude e.g. http://thedomain.com

0
 
LVL 30

Accepted Solution

by:
callrs earned 2000 total points
ID: 16926328
The above will allow http ftp://  as well as http://, etc.
But to make it ONLY for http:
RewriteCond %{HTTP_REFERER} !((http):\/\/(([^/:]+\.)|)domain\.com(:\d*)?([^# ]*))
0

Featured Post

Limited time offer using promo code EXPERTS30

Designed with a wealth of functionality and convenience, ATEN's new Thunderbolt™ 2 Sharing Switch takes your Thunderbolt setup to the next level. Now through September 15, 2017, Experts Exchange members get 30% off the US7220 on the ATEN USA eShop using promo code EXPERTS30.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month13 days, 5 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question