问题
I want to restrict all POST request that comes from other server via .htacces
if they try to post any from other server thing they will get redirected to home page or 404 etc.
I tried this
<Limit POST>
order deny,allow
deny from all
allow from 127.0.0.1
</Limit>
Note:- GET request are allowed from all servers. Only to block POST requests.
回答1:
That block will only prevent POST requests from hosts other than 127.0.0.1, and you will get a 403 Forbidden response. You could try using mod_rewrite and replace the <LIMIT> with:
RewriteCond %{REQUEST_METHOD} POST
# allow the server to POST to itself
RewriteCond %{REMOTE_ADDR} !127.0.0.1
# allow POST from trusted users
RewriteCond %{REMOTE_ADDR} !123.456.789.123
# send all other post requests to 403 forbidden
RewriteRule ^ / [F]
If you would prefer to send post request to the home page of your site instead replace [F] in the last line with [R,L]
You'd replace the / with where your "home page" is if it isn't just /.
来源:https://stackoverflow.com/questions/11584101/restrict-post-request-the-server