You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by "Rose, Billy" <wr...@loislaw.com> on 2002/05/01 19:13:29 UTC

mod_auth_referer

Could someone please take a look at this module and see if it would benefit
Apache 2? It authenticates based on HTTP referer. It doesn't authenticate
requests ending in "/" as that is for the indexing to decide on. Also, any
pointers are warmly welcome.

.conf file directives:

  AuthReferer [on|off] #authentication on or off
  DirectUrls [on|off]  #blank referer header allowed?
  AllowReferer <list of referers> #the list of referers allowed to have
access

Changes to be made soon (if module is usable by the Apache Group):
  currently server wide - will add dir config later
  will expand the system to be more like the allow,deny of mod_auth_access

Billy Rose 
wrose@loislaw.com

Re: mod_auth_referer

Posted by Joshua Slive <jo...@slive.ca>.

On Wed, 1 May 2002, Rose, Billy wrote:

> Could someone please take a look at this module and see if it would benefit
> Apache 2? It authenticates based on HTTP referer. It doesn't authenticate
> requests ending in "/" as that is for the indexing to decide on. Also, any
> pointers are warmly welcome.

How does this improve on
http://httpd.apache.org/docs-2.0/env.html#examples
(third example)?

Joshua.