Reputation: 11112
How can you make a php script only answer requests made from the same server?
How can I get my PHP script to only answer requests if the requesting script is on the same domain?
** Edit: The PHP file is being accessed by an ajax request and is proxy, so I don't want others directly requesting it to come up, is this possible?
Upvotes: 1
Views: 743
Answers (3)
Reputation: 20878
There is no safe way to do that. Some developers will naively use the HTTP referrer header field, but anyone smart enough to abuse your ajax interface will have no problem forging the referrer.
Upvotes: 1
Reputation: 387507
You could use $_SERVER['REMOTE_ADDR'] to compare the IP of the user requesting the page. Or you could simply make it a command line script that (obviously) requires you to run it from the command line.
edit:
You want to prevent people from using that script other than via AJAX? Impossible, as AJAX itself is executed by the client, as such the request starts there. And it will be always possible to call that script alone; you can make it harder, but you won't be able to prevent it.
Upvotes: 2
Reputation: 53850
You shouldn't be sending requests to your own server. You should include the file and execute the functions directly.
Upvotes: 0
Related Questions
- How to check if a request if coming from the same server or different server?
- PHP - Ensure GET request is from specific domain
- Resolve hostname in PHP using different name server
- PHP restrict page requests to a specific server?
- Every requests should contain a server IP
- Can I disable DNS lookup in PHP? I have the IP address and host name
- PHP - Source (hostname) of a GET request
- How to know, from what site server is getting request?
- Creating a PHP API: Checking from which server the API Request comes from
- PHP script only allow traffic from a certain domain?