How to filter requests from unwanted domains, except for a request for a specific path?

M

Mark2019-11-29 15:03:30

Yii

Mark, 2019-11-29 15:03:30

Situation: There are many domains that are directed to the same server by IP through an A-record.
Those. show the same content.
Task : give domains access only to a certain path, requests for other paths - redirect / error page. With the exception of the main domain, any path is allowed to it.
Example:

Example(text)

our-domain.com - основной домен, который мы прописываем в настройках
/target/path - путь, по которому разрешено обращаться любому домену
Алгоритм следующий:
Если домен отвечает конфигурационному домену our-domain.com, либо относительный путь запроса /target/path - запрос пропускать, остальные фильтровать.
Примеры:
1. Запрос our-domain.com - РАЗРЕШЕН.
2. Запрос jimmy-gips.nl - ЗАПРЕЩЕН.
3. Запрос out-world.kz/target/path - РАЗРЕШЕН.

Example(image)

It is desirable to implement at the framework level, but you can also use Apache settings.
I was thinking about the implementation option through the Boostrap section of the framework, but at this moment of the application's operation in the Request component there is no data about the domain, the paths that are requested, and there is no way to compare.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

X

xmoonlight, 2019-11-29
@xmoonlight

Situation: there are many domains that are directed to the same server by IP through an A-record.
Those. show the same content.

Why is that? Why weren't www-root-directories separated by domain names in the config?
Just there, access to the necessary folders is registered / distributed as you wish.
There - this is httpd.conf (or in alias.conf if it is nested in the main apache config: httpd.conf)

S

segio_tt, 2019-11-29
@art055

Cors will help you if I understand your question correctly