modaven Posted October 31, 2006 Share Posted October 31, 2006 Good afternoon- I have browsed the forums as well as the web looking for an answer to this question. Hope someone out there can help. I need to create a .htaccess file that will only allow the files in the folder to be seen if the "referer" is from a particular site (or possibly two sites). I have found a lot of solutions out there for people who want to block specific sites, but I can't seem to figure out how to only allow specific sites. I have done some trial and error based on some of the things I have found, but with no luck. Any ideas? Thanks in advance! David Quote Link to comment Share on other sites More sharing options...
TCH-Andy Posted October 31, 2006 Share Posted October 31, 2006 Hi David, Welcome to the forums I haven't tested it, but try; >RewriteEngine on RewriteBase / RewriteCond %{HTTP_REFERER} !^http://www\.your_domain_name\.com/ [NC] RewriteCond %{HTTP_REFERER} !^http://www\.OKdomain1\.com/ [NC] RewriteCond %{HTTP_REFERER} !^http://www\.OKdomain2\.com/ [NC] RewriteRule ^.*$ http://www.your_domain_name.com/not_allowed_here.htm [R=301,L] or I'd try something along those lines anyway - with the not_allowed_here.htm being a page I redirected all those I don't want to. Quote Link to comment Share on other sites More sharing options...
TCH-Thomas Posted October 31, 2006 Share Posted October 31, 2006 Welcome to the forum, David. Quote Link to comment Share on other sites More sharing options...
modaven Posted October 31, 2006 Author Share Posted October 31, 2006 Thanks, Andy! I'll give that a try this evening after I take the little one out for some trick-or-treating. That way I'll be good an hopped up on sugar when I try it out! Quote Link to comment Share on other sites More sharing options...
TCH-Bruce Posted October 31, 2006 Share Posted October 31, 2006 Welcome to the forums David Quote Link to comment Share on other sites More sharing options...
TCH-Don Posted October 31, 2006 Share Posted October 31, 2006 Welcome to the forums and the family David Quote Link to comment Share on other sites More sharing options...
carbonize Posted October 31, 2006 Share Posted October 31, 2006 Just remember that not everyone sends a refer. Some firewalls actively block the refer. Quote Link to comment Share on other sites More sharing options...
modaven Posted November 9, 2006 Author Share Posted November 9, 2006 Hi David, Welcome to the forums I haven't tested it, but try; >RewriteEngine on RewriteBase / RewriteCond %{HTTP_REFERER} !^http://www\.your_domain_name\.com/ [NC] RewriteCond %{HTTP_REFERER} !^http://www\.OKdomain1\.com/ [NC] RewriteCond %{HTTP_REFERER} !^http://www\.OKdomain2\.com/ [NC] RewriteRule ^.*$ http://www.your_domain_name.com/not_allowed_here.htm [R=301,L] or I'd try something along those lines anyway - with the not_allowed_here.htm being a page I redirected all those I don't want to. So I have been trying different variables of the above for a couple days not with no luck. I can get the page to redirect to the "not_allowed_here", but everything goes there, even the request from the referer I want. Here's what I am using, but is not working... >RewriteEngine on RewriteBase / RewriteCond %{HTTP_REFERER} !^http://www\.yahoo\.com/ [NC] RewriteCond %{HTTP_REFERER} !^http://www\.google\.com/ [NC] RewriteRule ^.*$ http://www.totalchoicehosting.com [R=301,L] The site I am trying to get to is www.vzbmarketcenter.com. Based on what I have above, I would think that anything coming from yahoo.com, www.yahoo.com, google.com or www.google.com would be able to get through, but anything else would go to www.totalchoicehosting.com. I also tried getting rid of the "\"'s, but got the same results. Sorry, I am not up on the syntax of this, which is probably my problem. Any thoughts? Thanks again!!! David Quote Link to comment Share on other sites More sharing options...
TCH-Andy Posted November 9, 2006 Share Posted November 9, 2006 Hi David, You would need to include your own domain name in the list (otherwise you won't be able to link from one page to another ....) I also suspect you will also need to include a blank (or no refferer) since if you type it in your browser it does not have any refferer. Quote Link to comment Share on other sites More sharing options...
modaven Posted November 10, 2006 Author Share Posted November 10, 2006 Andy- Thanks again! It was the fact that I was missing my own URL that was keeping it from working. I left the referer = "blank" out because I don't want people to be able to type in the URL, they have to come from the site on the list. Thanks again!!! David Quote Link to comment Share on other sites More sharing options...
TCH-JimE Posted November 13, 2006 Share Posted November 13, 2006 Hi David, One problem you will have is that some versions of norton no longer give a referrer as a header, and hence you will not be able to block them, joys of the internet! JimE Quote Link to comment Share on other sites More sharing options...
carbonize Posted November 13, 2006 Share Posted November 13, 2006 It's not only Norton that can block refers. Quote Link to comment Share on other sites More sharing options...
modaven Posted November 13, 2006 Author Share Posted November 13, 2006 It's not only Norton that can block refers. Yeah, it is my customer that is requiring that we limit the site to only be accessible by people coming from their site, and this is the only way I know of doing that. So seems that it is what it is. Thanks again, all! David Quote Link to comment Share on other sites More sharing options...
carbonize Posted November 13, 2006 Share Posted November 13, 2006 Basically you'll have to make it so th escript only allows if the referer is the allowed site or if it is blank. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.