Is it secure to use $_SERVER['HTTP_REFERER'] to secure web sites?

I am using $_SERVER['HTTP_REFERER'] to secure all of my web site. Is it safe? or session variables are safer? If it's not safe why it's not safe.
thanks much for respeond in advance
Who is Participating?
WarpsehConnect With a Mentor Commented:
Hi! no, referrer is not secure, it comes in the user's headers, so it can be changed. Use session variables instead. And remember to regenerate session id when the user logs in, for example.
The address of the page (if any) which referred the user agent to the current page. This is set by the user agent. Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature. In short, it cannot really be trusted.

Use Session variables.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.