Msg#: 4571032 posted 8:26 am on May 6, 2013 (gmt 0)
Hi, I have a PHP application running on our company's LAN. Recently, my supervisor asked me to make it available for the world so that interested partners can check online the invoices generated by the said application.
I would like internet users to access a form that processes users input without logging in.
On the LAN users enter something like http://subdomain.domainname.gov.bi/ and are redirected to a login form. On the internet I would like people to enter something like http://subdomain.domainname.gov.bi/web/ where they would access the said form to enter the identifier of the invoice. What I want is internet user to get 'Access Denied' or 'Forbidden' if they enter http://subdomain.domainname.gov.bi/ instead of http://subdomain.domainname.gov.bi/web/ with the trailing /web at the end. I've never done that before but I suspect it has something to do with detecting the IP address where the request is coming from and generate a response accordingly. Please help me. Your Idea will be highly appreciated.
[edited by: phranque at 9:48 am (utc) on May 6, 2013] [edit reason] unlinked urls [/edit]
Msg#: 4571032 posted 9:58 am on May 6, 2013 (gmt 0)
if you are on an apache server and have mod_rewrite available you can use REMOTE_ADDR as the TestString of a Rewritecond directive and then a RewriteRule directive with the [F] flag to provide the 403 Forbidden status code response. you can find examples of this in the Apache Web Server forum [webmasterworld.com].
otherwise you can do essentially the same thing in your PHP script - get the visitor's IP and if it doesn't look like an internal address then provide a 403 status code response.