Menu
I'm trying to have a page that can only be accessed from approved websites but I don't know exactly how to approach it. Would I just have to provide like a snippet of PHP code that generates a random key and attaches it to the URL and that key is only valid for one access?
Or would it be possible to have a cookie set at the other domain, and then read at the final destination? Maybe it would be a 1px iframe at the initial page?
Or am I just trying to do something that's never going to work?
888
In the comments, we were able to clarify that...
I [zen] just need a method to secure a page without the need to have login credentials for each user, or any login for that matter. Another option I thought was to maybe do a POST send each time they click on a link, and my page would only allow them in if the POST contained a specific key. [...]
Since detecting fraudulent accesses is not an issue, I would suggest you simply check the http referer against a list of approved sites (and/or pages). It's non-invasive for the approved sites and offers no worse security than a fixed post-token you check.
In PHP, the referrer is in the $_SERVER['HTTP_REFERER'] variable, if available.
120
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
