
I have a registration page from my website portal but I want to allow it to be loaded only if the previous domain was the PayPal domain (for example). That way I would guarantee that even if a bot scanned my WordPress instance (which is not difficult), it could not register.

I know that mod_rewrite can prevent hotlinking, and allow specific domains to load that content.

    RewriteCond %{HTTP_REFERER} !^https?://(www\.)?mydomain\.com(/|$) [NC]
    RewriteRule \.(jpe?g|gif|bmp|png)$ https://example/404.jpg [NC,L]

But is it possible using a normal URL? That is, not a file, but a page?

2 Answers


  1. You could use (assuming your registration link is, e.g. /wp-login.php?action=register)

    # Referer host must be exactly paypal.com or www.paypal.com
    RewriteCond %{HTTP_REFERER} !^https?://(www\.)?paypal\.com(/|$) [NC]
    RewriteCond %{QUERY_STRING} ^action=register$
    RewriteRule ^wp-login\.php$ index.php [NC,L]
    

    ...to redirect to index.php if someone tried to register without coming from PayPal (headers can be spoofed, of course).

  2. Yes, you can use the HTTP_REFERER for any URL. Add this to your .htaccess:

    RewriteEngine On
    # Referer host must be exactly paypal.com or www.paypal.com
    RewriteCond %{HTTP_REFERER} !^https?://(www\.)?paypal\.com(/|$) [NC]
    RewriteCond %{REQUEST_URI} ^/your-registration-url$ [NC]
    RewriteRule ^your-registration-url$ https://website.com/404 [R=301,L]
    

    That would redirect anyone visiting your registration URL without paypal.com as the referrer to website.com/404 or whatever page you choose to redirect them to.

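As an added example (not code from the question or either answer), this Python script shows why the Referer pattern in rules like these needs escaped dots and an end-of-host anchor: it runs the unanchored form `^http(s)?://(www.)?paypal.com`, an anchored form, and an exact hostname comparison over constructed Referer values. The names `LOOSE`, `ANCHORED`, `ALLOWED_HOSTS` and `check`, and all sample values, are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Unanchored form: '.' matches any character and nothing ends the host name.
LOOSE = re.compile(r"^http(s)?://(www.)?paypal.com", re.IGNORECASE)
# Anchored form: literal dots, host must be followed by '/' or end of string.
ANCHORED = re.compile(r"^https?://(www\.)?paypal\.com(/|$)", re.IGNORECASE)
# Assumed allowlist for the exact hostname comparison.
ALLOWED_HOSTS = {"paypal.com", "www.paypal.com"}


def host_allowed(referer):
    """Parse the Referer as a URL and compare its hostname exactly."""
    if not referer:
        return False  # header absent or empty
    try:
        parts = urlsplit(referer)
    except ValueError:
        return False  # malformed URL
    host = (parts.hostname or "").lower()
    return parts.scheme in ("http", "https") and host in ALLOWED_HOSTS


def check(referer):
    """Return (loose, anchored, exact_host): True means the request is let through."""
    return (bool(LOOSE.match(referer)),
            bool(ANCHORED.match(referer)),
            host_allowed(referer))


# Constructed Referer values (example.net is a reserved documentation domain).
SAMPLES = [
    "https://www.paypal.com/checkout/done",  # genuine, with path
    "https://PayPal.com",                    # genuine, no path, mixed case
    "https://www.paypal.com.example.net/",   # look-alike: extra suffix
    "https://paypal-com.example.net/",       # look-alike: '.' matched '-'
    "",                                      # header not sent
]

if __name__ == "__main__":
    print(f"{'Referer':42} loose anchored host")
    for ref in SAMPLES:
        loose, anchored, host = check(ref)
        print(f"{ref or '(absent)':42} {loose!s:5} {anchored!s:8} {host}")
```

Even the strict comparison only filters casual traffic: the client chooses the Referer value, and browsers may omit it under a restrictive Referrer-Policy, so genuine visitors can be turned away as well.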