bearclaws75
asked on
.htacess: how to check if referrer was site XYZ?
I have two websites:
1) mysite-AAA.com
2) mysite-BBB.com
Mysite-AAA.com contains a folder with a number of PDFs that need to be password protected:
--> mysite-AAA.com/pdf_files/
To prevent users from directly linking to the PDFs, i added the .htaccess file below. When the user logs into mysite-AAA.com, a cookie ("fileaccess") is set. If the cookie has not been set, the user is redirected to the "sign in" page.
Now I want to link to these files from mysite-BBB.com. The user won't see the links until they have logged into mysite-BBB.com.
The problem is that I can't check for a cookie because the .htaccess lives on mysite-AAA.com.
I thought I could add a new condition to check to see if the referring site was mysite-BBB.com...but the PDFs are not loading properly when linked to from mysite-BBB.com.
The files DO load properly if the user is logged into mysite-AAA.com.
Any better suggestions for handling this?
1) mysite-AAA.com
2) mysite-BBB.com
Mysite-AAA.com contains a folder with a number of PDFs that need to be password protected:
--> mysite-AAA.com/pdf_files/
To prevent users from directly linking to the PDFs, i added the .htaccess file below. When the user logs into mysite-AAA.com, a cookie ("fileaccess") is set. If the cookie has not been set, the user is redirected to the "sign in" page.
Now I want to link to these files from mysite-BBB.com. The user won't see the links until they have logged into mysite-BBB.com.
The problem is that I can't check for a cookie because the .htaccess lives on mysite-AAA.com.
I thought I could add a new condition to check to see if the referring site was mysite-BBB.com...but the PDFs are not loading properly when linked to from mysite-BBB.com.
The files DO load properly if the user is logged into mysite-AAA.com.
Any better suggestions for handling this?
# NOTE: This is the .htaccess file in the mysite-AAA.com/pdf_files/ directory
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_COOKIE} !fileaccess= [NC]
RewriteCond %{HTTP_REFERER} !mysite-BBB.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://([a-z0-9\-]+\.)?mysite-BBB.com/.*$ [NC]
RewriteRule .* /index.php?page=sign_in [NC,L,QSA]
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks!