开发者

Host name validation in php

How to validate the host name in PHP?

That is if suppose am running m开发者_如何学JAVAy application server on IP:192.168.1.77 and if the request contains the Host name other than 192.168.1.77 it should not allow the further processing.

Any help or suggestion would be appreciated.


I'll throw a unauthorized page. With error stating that there is mismatch in host name

What for? This is something the web server will already deal with if it's set up properly:

If you are using name-based virtual hosts, the ServerName inside a section specifies what hostname must appear in the request's Host: header to match this virtual host.

There's no need to additionally check for this in the PHP script.

It will be an additional security na? Thats what my clients requirement is

It is entirely pointless and will not add any security whatsoever. However, I guess there's no harm in doing it, either.


I guess you mean address, not hostname.

if ($_SERVER['REMOTE_ADDR'] !== '192.168.1.77') die(header("Location: /")); 

if you really wan't to check the users hostname, use this

if ($_SERVER['REMOTE_HOST'] !== '192.168.1.77') die(header("Location: /")); 

More info http://php.net/manual/en/reserved.variables.server.php


I think this is something you will have to do server side from within your web server's configuration. (.htaccess)

order deny, allow
deny from all
allow from 192.168.1.77
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜