Host name validation in php

Question

How to validate the host name in PHP?

That is if suppose am running my application server on IP:192.168.1.77 and if the request contains the Host name other than 192.168.1.77 it should not allow the further processing.

Any help or suggestion would be appreciated.

Answer 1

I'll throw a unauthorized page. With error stating that there is mismatch in host name

What for? This is something the web server will already deal with if it's set up properly:

If you are using name-based virtual hosts, the ServerName inside a section specifies what hostname must appear in the request's Host: header to match this virtual host.

There's no need to additionally check for this in the PHP script.

It will be an additional security na? Thats what my clients requirement is

It is entirely pointless and will not add any security whatsoever. However, I guess there's no harm in doing it, either.

Answer 2

I guess you mean address, not hostname.

if ($_SERVER['REMOTE_ADDR'] !== '192.168.1.77') die(header("Location: /")); 

if you really wan't to check the users hostname, use this

if ($_SERVER['REMOTE_HOST'] !== '192.168.1.77') die(header("Location: /")); 

More info http://php.net/manual/en/reserved.variables.server.php

Answer 3

I think this is something you will have to do server side from within your web server's configuration. (.htaccess)

order deny, allow
deny from all
allow from 192.168.1.77