#allow access from paypal only
SetEnvIf Referer "^https://www\.paypal\.com" auth_referral
Order Allow,Deny
Deny from all
AuthType Basic
AuthName "FRBSF"
AuthUserFile "/path/to/my/.htpasswds/public_html/passwd"
Require valid-user
Allow from paypal.com
Allow from env=auth_referral
Satisfy any
ASKER
ASKER
SetEnvIf Referer "^https://www\.paypal\.com" auth_referral
You can also try SetEnvIfNoCase. That may help the referer get picked up. Hosts whose names match, or end in, this string are allowed access. Only complete components are matched, so the above example will match foo.apache.org but it will not match fooapache.org. This configuration will cause Apache to perform a double reverse DNS lookup on the client IP address, regardless of the setting of the HostnameLookups directive. It will do a reverse DNS lookup on the IP address to find the associated hostname, and then do a forward lookup on the hostname to assure that it matches the original IP address. Only if the forward and reverse DNS are consistent and the hostname matches will access be allowed.
ASKER
ASKER
# password protection except for PayPal
AuthType Basic
AuthName "FRBSF"
AuthUserFile "/home4/w3ndy321/.htpasswds/public_html/frbsf/passwd"
Require valid-user
Allow from 64.4.248.8
Allow from 64.4.249.8
Allow from 173.0.84.40
Allow from 173.0.84.8
Allow from 173.0.88.40
Allow from 173.0.88.8
Allow from 173.0.92.8
Allow from 173.0.93.8
ASKER
ASKER
Web development includes all aspects of presenting content on intranets and the Internet, including delivery development, protocols, languages and standards, server software, browser clients, databases and multimedia generation.
TRUSTED BY
ASKER
SetEnvIf Request_URI "^/wc-api/WC_Gateway_Paypa
since PayPal might not send back referrer info.