Restrict POST Request The Server

About

Asked 20/7, 2012 at 17:19 Answered 20/7, 2012 at 17:28

I want to restrict all POST request that comes from other server via .htacces if they try to post any from other server thing they will get redirected to home page or 404 etc. I tried this

<Limit POST>  
order deny,allow  
deny from all 
allow from 127.0.0.1
</Limit>

Note:- GET request are allowed from all servers. Only to block POST requests.

Kone answered 20/7, 2012 at 17:19 Comment(1)

Your code seems to work fine for me. Maybe you only had to correct the name of .htaccess file. (double "s") – Altazimuth 19/1 at 2:25

That block will only prevent POST requests from hosts other than 127.0.0.1, and you will get a 403 Forbidden response. You could try using mod_rewrite and replace the <LIMIT> with:

RewriteCond %{REQUEST_METHOD} POST

# allow the server to POST to itself
RewriteCond %{REMOTE_ADDR} !127.0.0.1   

# allow POST from trusted users
RewriteCond %{REMOTE_ADDR} !123.456.789.123   

# send all other post requests to 403 forbidden
RewriteRule ^ / [F]

If you would prefer to send post request to the home page of your site instead replace [F] in the last line with [R,L]

You'd replace the / with where your "home page" is if it isn't just /.

Catacaustic answered 20/7, 2012 at 17:28 Comment(2)

that's great stuff. Thanks. Quick question. if i want to allow some more server to allow. i need to include RewriteCond %{REMOTE_ADDR} !SOME IP ADDRES am i right. – Kone 20/7, 2012 at 17:30

What about allowing a domain and its subdomains? – Leland 15/5, 2019 at 14:46

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags