Host name validation in php
How to validate the host name in PHP?
That is if suppose am running m开发者_如何学JAVAy application server on IP:192.168.1.77
and if the request contains the Host name other than 192.168.1.77
it should not allow the further processing.
Any help or suggestion would be appreciated.
I'll throw a unauthorized page. With error stating that there is mismatch in host name
What for? This is something the web server will already deal with if it's set up properly:
If you are using name-based virtual hosts, the ServerName inside a section specifies what hostname must appear in the request's
Host:
header to match this virtual host.
There's no need to additionally check for this in the PHP script.
It will be an additional security na? Thats what my clients requirement is
It is entirely pointless and will not add any security whatsoever. However, I guess there's no harm in doing it, either.
I guess you mean address, not hostname.
if ($_SERVER['REMOTE_ADDR'] !== '192.168.1.77') die(header("Location: /"));
if you really wan't to check the users hostname, use this
if ($_SERVER['REMOTE_HOST'] !== '192.168.1.77') die(header("Location: /"));
More info http://php.net/manual/en/reserved.variables.server.php
I think this is something you will have to do server side from within your web server's configuration. (.htaccess)
order deny, allow
deny from all
allow from 192.168.1.77
精彩评论