The following new message has been posted on Phorm Support Forum at <http://www.phorm.com/support/>. *************************************************************************** MESSAGE: (#2063) Restricting the Referer <http://www.phorm.com/support/?rev=2063> AUTHOR: Jason DATE: January 15, 2003 at 12:54 a.m. EST As described in your documentation you use the following example: $PHORM_REFERER = "|domain1.com|www.domain1.com|www.domain2.com/form1.html|"; Based on that I created the following: $PHORM_REFERER = "|www.lagllc.org/forms/rma_frm.htm|http://www.lagllc.org/forms/rma_frm.htm|http://lagllc.org/forms/rma_frm.htm|"; When I ran Phorm I received the following error: 080 - Invalid access. This Phorm installation cannot be accessed from [http://www.lagllc.org/forms/phorm.php]. So I tried adding: www.lagllc.org/forms|http://lagllc.org/forms| and still received the same error. So I added this to make it work: |www.lagllc.org/forms/phorm.php|http://lagllc.org/forms/phorm.php|"; It appears that you can not simply lock down just a domain and a specific subdirectory you need to lock down phorm.php as well. Did I do something wrong or is there a better way to lock down phorm? What I really want is to lock the phorm script down to form specific files, for example |http://lagllc.org/forms/rma_frm.htm|"; and deny everything else including the domains, for example www.lagllc.org. My thoughts are the less that is given referrer access the better! Yes/no? *************************************************************************** This is an automatically-generated notice. If you'd like to be removed from the mailing list, please visit Phorm Support Forum at <http://www.phorm.com/support/>, or send your request to webbbs@xxxxxxxxxx If you wish to respond to this message, please post your response directly to the board. Thank you! ------------------------------------------------- You are receiving this message because you are subscribed to the Phorm mailing list. To send messages to the mailing list, simply send email to phorm@xxxxxxxxxxxxx from the address you have subscribed. You may unsubscribe from the list by sending email to phorm-request@xxxxxxxxxxxxx with 'unsubscribe' in the SUBJECT field.