0

I've just been given an apache2 reverse proxy server to look after. I've been asked to set up access a gis system using https which is all fine. I want to know if there's any way of configuring the vhost so it only allows access if the http header referer is as specified by me? I.e if the http header to access the gis system doesn't have the right referer, the rproxy denies access.

I'm trying:

RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_REFERER} !^(.*?)\.?(mydomain\.co\.uk|mydomain\.com) (\/?.*) [NC]
RewriteRule ^.*$ http://www.mydomain.co.uk/not_allowed_here.html [R=301,L]
Improve this question
0

1 Answer 1

Reset to default
1

I got there in the end:

> SetEnvIf Referer
> ^https?:\/\/[^.]+\.(?>mydomain\.co\.uk|mydomain\.com).*$ refererok
> 
> <Location />
>     order deny,allow
>     deny from all </Location>
> 
> <Location /set2/>
>     order deny,allow
>     allow from all </Location>
> 
> <Location /set1/>
>     order deny,allow
>     deny from all
>         allow from env=refererok </Location>
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

is this even valid? it seems that your Location tags are self-closing, instead of having content

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.