Are you certain that this will suit your security needs? HTTP_REFERRER is easy to spoof...
On Mon, Dec 24, 2012 at 5:10 PM, Andrey Utkin < [email protected]> wrote: > I need to control access to particular directory with following logics: > if HTTP_REFERER is certain site (but not the same as in requested > document URL), then grant access; > else, authorize by password (i.e. pass basic authentication) > Reading apache 2.4 docs i found there's new directive "If", which seem > to make my task simpler. But now i have httpd 2.2 installed. It is > possible to upgrade, but i'd be grateful for description of both cases > - using latest version features, and way suitable for 2.2. > Thanks for any help. > > -- > Andrey Utkin > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
