whats the best way to restrict users visiting directly

Forum Moderators: coopster

Message Too Old, No Replies

whats the best way to restrict users visiting directly

Hitman3266

3:05 am on Sep 23, 2007 (gmt 0)

say we have www.site1.com and signup.site2.com

2 sites hosted on 2 different servers. what would be the best way to block everyone out from visiting signup.site2.com directly unless their coming from www.site1.com. im looking for a "Referrer Check" but since HTTP_REFERER isnt fullproof is there any better alternatives to getting this done?

vincevincevince

4:26 am on Sep 23, 2007 (gmt 0)

You could potentially set up a database of REMOTE_ADDR values (visitor IP) to site1, and then when someone tries to visit site2 you could do a check and ensure that IP had recently pulled the page from site1.

Habtom

10:24 am on Sep 23, 2007 (gmt 0)

If they need to click a link from site1.com to go to signup.site2.com you can pass a hidden value.

If set, yes they indeed came from that site.

If you want them to go direct to signup.site2.com anytime after they visit site1.com, then the above IP address solution seems a good idea.

Habtom

henry0

11:13 am on Sep 23, 2007 (gmt 0)

You could pass a session accross domains (Many threads about it here)
then if no session on site 2 then
message ...aaaaa...
and 10 sec later redirect to login