Restrict POST request to Website

From Brian Nelson Ramblings
Jump to: navigation, search

Restrict POST request to website

Do you need to limit the POST requests to your site? Best way to do that is allow only specific ips to POST to your site.

# allow the server to POST to itself
RewriteCond %{REMOTE_ADDR} !    
# allow POST from trusted users
RewriteCond %{REMOTE_ADDR} !123.456.789.123    
 # send all other post requests to 403 forbidden
RewriteRule ^ / [F] 

If you would prefer to send post request to the home page of your site instead replace [F] in the last line with [R,L]

You'd replace the / with where your "home page" is if it isn't just /.