?
Solved

Redirect and Allow  From Another Site?

Posted on 2014-10-02
10
Medium Priority
?
105 Views
Last Modified: 2014-10-18
I have a one-page Drupal site,  https;//mydrupalsitecom/

I only want to allow visitors from https://www.thissite.com/custompage

Any other visitors should be redirected to https://www.thissite.com/

Best in .htacesss or does this need some custom PHP coding to put into Drupal?
0
Comment
Question by:sandshakimi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
10 Comments
 
LVL 59

Expert Comment

by:Julian Hansen
ID: 40359115
Something like this - modify IP address to IP of site you want to match against.
Options -Indexes
Options +FollowSymLinks

RewriteEngine on
RewriteBase /

RewriteCond %{REMOTE_ADDR} !^192.168.X.X$ [NC]
RewriteRule ^(.*)$ http://www.yourdomain.com/ [L,R=301]

Open in new window

0
 

Author Comment

by:sandshakimi
ID: 40359148
Both sites are on same IP.

Can I use URL?
0
 
LVL 59

Expert Comment

by:Julian Hansen
ID: 40359225
Don't think so.
0
Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

 
LVL 59

Accepted Solution

by:
Julian Hansen earned 1500 total points
ID: 40359226
Oh - wait - if you want to work on a click through then you can use HTTP_REFERER

This only works if you arrive at the site by clicking a link.

So something like this
Options -Indexes
Options +FollowSymLinks

RewriteEngine on
RewriteBase /

RewriteCond %{HTTP_REFERER} !^www.theacceptabledomain.com$ [NC]
RewriteRule ^(.*)$ http://www.yourdomain.com/ [L,R=301]
                                          

Open in new window

0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 40359337
HTTP_REFERER can be set by the request, so if there are any security implications to your design, consider this risk carefully.  Especially carefully if it's a U. S. Government site, since the hacker community will be thrilled to find security lapses.  It's very easy for a 'bot script to look like a Firefox browser, referred by Google, or any other site.
0
 

Author Comment

by:sandshakimi
ID: 40359343
Cool

Can you explain what the code is actually doing?
0
 
LVL 59

Assisted Solution

by:Julian Hansen
Julian Hansen earned 1500 total points
ID: 40359481
# Only these lines are relevant - the others are standard htaccess preamble

#This line is a test condition - it is checking to see if the Referring domain
# is NOT EQUAL to www.theacceptabledomain.com
# it expects regular expression syntax here '^' means start of line
# '$' means end of line
# '!' means NOT 
# %{HTTP_REFERER} is the means for accessing a server variable
# [NC] means make a case insensitive (No Case) comparison)
# So if the referring domain is equal to the one shown then allow the request to proceed

RewriteCond %{HTTP_REFERER} !^www.theacceptabledomain.com$ [NC]


# if it is not equal then fire the rule (RewriteRule)
# Again Regular expression syntax is used
# ^(.*)$ means match everything in the requested URL
# and redirect to http://www.yourdomain.com - you could pass the matched information
# to the URL with this syntax - the $1 means the first matched expression
# RewriteRule ^(.*)$ http://www.yourdomain.com?url=$1 
# [L,R=301] means L this is the last rule - don't do any more processing, R=301 means
# tell the requesting agent this is a 301 redirect (permanently moved)


RewriteRule ^(.*)$ http://www.yourdomain.com/ [L,R=301]

Open in new window

0
 

Author Comment

by:sandshakimi
ID: 40359669
On mydrupalsite.com, what happens when the 1) visitor refreshe the page, or 2) copy/paste URL in a seperate Tab?
0
 
LVL 59

Expert Comment

by:Julian Hansen
ID: 40359743
They will get to the site.

You would need to implement something in the script (php) side of things to record where a client comes from and then continue to block them.

However, that is easily circumvented by clearing the cookies on the machine.

As Ray alluded to in his post - this at best is a convenience - you can't stop people coming to the site if there is an open url to do so.
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 40360161
If you need to protect data from public exposure, the only sure way is this: Do not put the data on the internet.  Less sure, but the more practical solution that many publishers choose is client authentication, via a username and a password.  
https://www.drupal.org/project/protected_pages
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this. Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it i…
In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question