I have htaccess allowing access through a link to a Wordpress site (siteA.com) only through one specific URL (siteB.com) and denying all others.
This does it for me...
RewriteEngine on
RewriteCond %{HTTP_REFERER} ^http?://siteA.com/
RewriteRule ^ - [L]
RewriteRule ^ - [F]
ErrorDocument 403 /forbidden.html
BUT it doesn't load siteB.com stylesheet.
I'm looking for a htaccess rule that would allow me to access a site if only accessed through a specific link. Security here is not an issue.
TL;DR; While you can try playing around with htaccess, there is no reliable way to do what you want.
The simple answer is that request to stylesheet has your main page as the referrer. To see this, navigate to your site, open Dev Tools (F12 in Chrome), then switch to Networks tab, select your CSS and look at request headers.
For example, the page for this question has this URL:
http://stackoverflow.com/questions/40220527/htaccess-allow-only-specific-url-doesnt-load-its-css
And the request for CSS has this in its headers:
Referer: http://stackoverflow.com/questions/40220527/htaccess-allow-only-specific-url-doesnt-load-its-css
Overal, it's a very, very bad idea to filter based on the Referer or any request header for that matter, as they are very easily spoofed.
<Limit GET POST PUT> order deny,allow deny from all allow from .*domain\.com.* </Limit> that should work, but doesn't for some reason. Really hoping for some help here.order deny allow, etc. applies to the client, not to what you're redirecting to. If you really want a very dirty solution, then you must allow referer from SiteA and SiteB, because referer being itself is the indication of loading CSS, images, javascript and all other assets. However, I repeat, this is very dirty and does not offer any kind of protection. Oh, and it totally kills any SEO, as anybody accessing your site from search engines won't be allowed in.