Register

If this is your first visit, please click the Sign Up now button to begin the process of creating your account so you can begin posting on our forums! The Sign Up process will only take up about a minute of two of your time.

Results 1 to 6 of 6
  1. #1
    Senior Member seanmiller's Avatar
    Join Date
    Sep 2003
    Location
    Glastonbury, UK
    Posts
    868
    Member #
    3263
    Liked
    1 times
    What is the best way to ensure that a website only works if it is linked from another website, when the visitor has something like Norton running and blocks HTTP_REFERER ?

    Is there any way to bypass the security software? Or does one have to use a completely different method?

    Sean

  2.  

  3. #2
    Junior Member
    Join Date
    Nov 2005
    Posts
    19
    Member #
    11796
    Re

    Here's a quick tutorial. If this isn't what you need, let me know and I can try to help again.

    http://eofficeprofessionals.com/sand...ponreferer.asp

    Website Design & Hosting by E-Office Professionals www.eofficeprofessionals.com

    The only stupid question is the one not asked.


    Offer solutions-not criticism.

  4. #3
    Senior Member Fallout's Avatar
    Join Date
    Aug 2003
    Location
    Richmond, Virginia
    Posts
    543
    Member #
    2748
    He specifically said that HTTP_REFERER wouldn't work. However, I wasn't aware that Norton blocked referrer headers. It seems like it destroys functionality without protecting you from anything.

  5. #4
    Junior Member
    Join Date
    Nov 2005
    Posts
    19
    Member #
    11796
    re

    fallout, I don't know if it's me or you who is not understanding what seanmiller wants. But, from what I understand, he wants the site to not work if the user's http_referer header is not viewable. My code does not cause the site to not work, however he can transfer those visitors to a specific, customized page. Also, I didn't realize at first that seanmiller may be working in php. My code is written in asp, so maybe that's where you got confused and didn't understand that the line of code that reads: ///REFERER Case ""/// is in reference to visitors with empty http_referer headers.

    As I put in my earlier post, if this isn't what he needs, I will be more than happy to help him, which is far more than the negative feedback that you have given. However, the code seems to work just fine.

    Website Design & Hosting by E-Office Professionals www.eofficeprofessionals.com

    The only stupid question is the one not asked.


    Offer solutions-not criticism.

  6. #5
    Senior Member seanmiller's Avatar
    Join Date
    Sep 2003
    Location
    Glastonbury, UK
    Posts
    868
    Member #
    3263
    Liked
    1 times
    Let me explain...

    I have a situation where a ustomer requires that the site validates that it has been accessed by an approved affiliate (effectively an affiliate, anyway) so HTTP_REFERER seemed a good way to do it... in other words...

    mysite.com/shoppingcart.php

    cust1site.com -> mysite.com/shoppingcart.php - works!
    cust2site.com -> mysite.com/shoppingcart.php - works!
    nastyhackersite.com -> mysite.com/shoppingcart.php - sorry, invalid!

    But Norton blocks HTTP_REFERER and so I get "sorry, invalid!" even when it is a valid customer, unless you turn off "Norton Internet Security".

    It can be manually configured to allow through HTTP_REFERER, but it seems "overkill" to have to request customers of the affiliates change their firewall settings in order to use the site, hence my question.

    Thanks for all the help so far,

    Sean

  7. #6
    Senior Member
    Join Date
    Jul 2005
    Location
    S.Wales, UK
    Posts
    250
    Member #
    10742
    For affiliates the best way is to use an affiliate ID in the querystring of the url.

    mysite.com/shoppingcard.php?aff=123456

    URL_REFFERER is unreliable
    Paul Creedy
    Visit my community site at: www.rhonddacynontaff.com
    My hosting: www.rcthosting.com
    My Content Management product: www.dynamiccontenteditor.com


Remove Ads

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
All times are GMT -6. The time now is 11:46 PM.
Powered by vBulletin® Version 4.2.3
Copyright © 2019 vBulletin Solutions, Inc. All rights reserved.
vBulletin Skin By: PurevB.com