[phorm] [Phorm:] Restricting the Referer

  • From: webbbs@xxxxxxxxx
  • To: support@xxxxxxxxx
  • Date: 15 Jan 2003 05:54:04 -0000

The following new message has been posted on Phorm Support Forum at 
<http://www.phorm.com/support/>. 

*************************************************************************** 

  MESSAGE:  (#2063) Restricting the Referer 
            <http://www.phorm.com/support/?rev=2063> 
  AUTHOR:   Jason 
  DATE:     January 15, 2003 at 12:54 a.m. EST 

As described in your documentation you use the following example: 

$PHORM_REFERER = "|domain1.com|www.domain1.com|www.domain2.com/form1.html|"; 

Based on that I created the following: 
$PHORM_REFERER = 
"|www.lagllc.org/forms/rma_frm.htm|http://www.lagllc.org/forms/rma_frm.htm|http://lagllc.org/forms/rma_frm.htm|";
 

When I ran Phorm I received the following error: 
080 - Invalid access. This Phorm installation cannot be accessed from 
[http://www.lagllc.org/forms/phorm.php]. 

So I tried adding: 
www.lagllc.org/forms|http://lagllc.org/forms| 

and still received the same error. So I added this to make it work: 

|www.lagllc.org/forms/phorm.php|http://lagllc.org/forms/phorm.php|"; 

It appears that you can not simply lock down just a domain and a specific 
subdirectory you need to lock down phorm.php as well. 

Did I do something wrong or is there a better way to lock down phorm? 

What I really want is to lock the phorm script down to form specific files, 
for example |http://lagllc.org/forms/rma_frm.htm|"; and deny everything else 
including the domains, for example www.lagllc.org. 

My thoughts are the less that is given referrer access the better! Yes/no? 

*************************************************************************** 

This is an automatically-generated notice.  If you'd like to be removed from 
the mailing list, please visit Phorm Support Forum at 
<http://www.phorm.com/support/>, or send your request to webbbs@xxxxxxxxxx  If 
you wish to respond to this message, please post your response directly to the 
board.  Thank you! 
-------------------------------------------------
You are receiving this message because you are subscribed to the Phorm mailing 
list. To send messages to the mailing list, simply send email to 
phorm@xxxxxxxxxxxxx from the address you have subscribed. You may unsubscribe 
from the list by sending email to phorm-request@xxxxxxxxxxxxx with 
'unsubscribe' in the SUBJECT field.

Other related posts:

  • » [phorm] [Phorm:] Restricting the Referer