Solved

Apache mod_rewrite, restrict non-referrers, allowing www

Posted on 2006-06-16
4
680 Views
Last Modified: 2008-02-26
Hello,

I asked this question yesterday, and got a great solution.
http://www.experts-exchange.com/Web/Web_Servers/Apache/Q_21887572.html

My question is:  In the following .htaccess file (that uses mod_rewrite), how
do I allow referrers with the "www" and without it?


RewriteEngine On
# detect the referrer, match on all other domains
RewriteCond %{HTTP_REFERER} !(http://domain\.com(.*)?$)
# This rule fills all requests with the content of the /denied.html file
RewriteRule ^.*$ /denied.html [L]


Thank you,

Eric
0
Comment
Question by:instantprofits
  • 4
4 Comments
 
LVL 30

Expert Comment

by:callrs
ID: 16926261
Replace line 3 with:
RewriteCond %{HTTP_REFERER} !(.*\.domain\.com(.*)?$)
0
 
LVL 30

Expert Comment

by:callrs
ID: 16926266
No, Nvm. That will catch www.domain.com but not domain.com
brb
0
 
LVL 30

Expert Comment

by:callrs
ID: 16926311
RewriteCond %{HTTP_REFERER} !((\w+):\/\/(([^/:]+\.)|)domain\.com(:\d*)?([^# ]*))

This will allow http://www.domain.com but exclude e.g. http://thedomain.com

0
 
LVL 30

Accepted Solution

by:
callrs earned 500 total points
ID: 16926328
The above will allow http ftp://  as well as http://, etc.
But to make it ONLY for http:
RewriteCond %{HTTP_REFERER} !((http):\/\/(([^/:]+\.)|)domain\.com(:\d*)?([^# ]*))
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
DNS Question 7 61
htaccess question 5 69
Webmin Bandwidth Monitoring not working 10 100
Redirect and Rewrite URL using .htaccess 38 114
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
It is possible to boost certain documents at query time in Solr. Query time boosting can be a powerful resource for finding the most relevant and "best" content. Of course the more information you index, the more fields you will be able to use for y…
I designed this idea while studying technology in the classroom.  This is a semester long project.  Students are asked to take photographs on a specific topic which they find meaningful, it can be a place or situation such as travel or homelessness.…
This is a video that shows how the OnPage alerts system integrates into ConnectWise, how a trigger is set, how a page is sent via the trigger, and how the SENT, DELIVERED, READ & REPLIED receipts get entered into the internal tab of the ConnectWise …

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now