PHP: Adding security with http referer [duplicate]

https://stackoverflow.com/questions/22314166

PHP
http-referer

12-06-2023
|

Pergunta

Im Kinda A Noob With PHP,
I want to keep my page accessible only from a link
etc. I only want to allow people who clicked a link to my page from example.com
and others like from google.com to redirect to another page on my site etc. a error message
How Could I Do This?

Solução

if(isset($_SERVER['HTTP_REFERER']))
    $referer_host = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
else
    $referer_host = '';
if($referer_host != 'example.com')
{
    header('Location: http://example.com/error');
    exit;
}

People not sending (correct) referers for various reasons will be entirely excluded from your page.

Of course bookmarking your site etc. will also not work.

As headers can be faked by the client at will, I would not call this a "security" feature.

Licenciado em: CC-BY-SA com atribuição

Não afiliado a StackOverflow