2

How to rewrite this PHP code into .htaccess rules?

$url = "$_SERVER[HTTP_HOST]";
if(strrpos($url, "m.cloudcms.co") === false){
    header("HTTP/1.0 403 Forbidden");
    echo '<h1>Forbidden Access</h1>';
    echo '<p>You have reached this page in error.</p>';
    exit;
}

Here is my .htaccess:

deny from all
allow from m.cloudcms.co
# caching static files
<IfModule mod_headers.c>
    <FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|bmp|js|css|swf|woff|svg|ttf|otf|eot)(\.gz)?$">
        Header unset Pragma
        Header unset ETag
        Header set Cache-Control "max-age=-1, no-store, no-cache, must-revalidate"
    </FilesMatch>
</IfModule>
FileETag None
<IfModule mod_expires.c>
  ExpiresActive On
  ExpiresDefault M-1
  ExpiresByType text/html M-1
  ExpiresByType image/gif M-1
  ExpiresByType image/jpeg M-1
  ExpiresByType image/png M-1
  ExpiresByType text/css M-1
  ExpiresByType text/javascript M-1
  ExpiresByType application/javascript M-1
  ExpiresByType application/x-javascript M-1
  ExpiresByType text/xml M-1
  ExpiresByType image/svg+xml M-1
  ExpiresByType application/x-font-ttf M-1
  ExpiresByType application/x-font-truetype M-1
  ExpiresByType application/x-font-opentype M-1
  ExpiresByType application/vnd.ms-fontobject M-1
  ExpiresByType application/x-font-woff M-1  
</IfModule>


# For servers that support output compression, you should pick up a bit of
# speed by un-commenting the following lines.

php_flag zlib.output_compression On
php_value zlib.output_compression_level 9

which is now doing the 403 Forbidden message for both cloudcms.co and m.cloudcms.co

Improve this question
7
  • yes there is, did you do any research? Commented May 6, 2013 at 20:28
  • Have You tried Deny from m.cloudcms.co? Commented May 6, 2013 at 20:30
  • yes, and everything I've searched for comes up with allow from m.cloudcms.co, however, that is if I am coming from a host that is named that Commented May 6, 2013 at 20:30
  • Normally it shoul be Allow from all and Deny from m.cloudcms.co Commented May 6, 2013 at 20:32
  • 2
    As I understand You want to allow acces only from m.cloudcms.co? In that case Deny from all and Allow from m.cloudcms.co Commented May 6, 2013 at 20:35

1 Answer 1

Reset to default
2

You need to determine what the URI you want to match against is, then using rules in the document root (or some appropriate place) you can make the same types of checks.

The "$_SERVER[HTTP_HOST]" is essentially the %{HTTP_HOST} variable. And to return a 403, you can simply use the F flag in a rule:

RewriteCond %{HTTP_HOST} !^m.cloudcms.co$ [NC]
RewriteRule ^(.*)$ - [L,F]

Here, the URI that is being matched is (.*), or everything. If you want to narrow it down to something more specific, you need to modify the regular expression to match.

For /file.php: 

RewriteRule ^file\.php$ - [L,F]

For everything in the directory /some/path/:

RewriteRule ^some/path/ - [L,F]

etc.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

DOH! forgot about rewrite! this did the trick. so let me ask you this, your personal opinion now... do you think that I should throw the 403 error, or simply them to m.cloudcms.co?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.