This is an module for the Apache HTTP Server that provides access control based on "Referer" HTTP header content.
The allow_referer directive affects which hosts can refer and access a given directory. host is one of the following:
allow_referer from .ncsa.uiuc.eduIn this case all hosts in the specified domain are allowed access.
Note that this compares whole components; bar.edu would not match foobar.edu.
See also deny_referer, order_referer and default_access_referer.
The deny_referer directive affects which referer hosts can not refer and access a given directory. host is one of the following:
deny_referer from 16In this case all referer hosts in the specified network are denied referer and access.
Note that this compares whole components; bar.edu would not match foobar.edu.
See also allow_referer, order_referer and default_access_referer.
The order_referer directive controls the order in which allow_referer and deny_referer directives are evaluated. ordering is one of the following:
order_referer allow_referer,deny_refererIn this case hosts in the ncsa.uiuc.edu domain are allowed referer and access; all other hosts are denied referer and access.
deny_referer from all
allow_referer from .ncsa.uiuc.edu
See also allow_referer, deny_referer and default_access_referer.
The default_access_referer directive affects if referer host can referer and access a given directory if the "Referer" HTTP header is not sent by the browser. access is one of the following:
default_access_referer allow_refererIn this case if the browser don't send the "Referer" HTTP header, it will be allowed access.
See also allow_referer, deny_referer and order_referer.
But, there are situations where the files are linked from other Web sites, other than the organization owns. In such situations, the organization is loosing twice: one because the people don't visit the organization's Web site to get the files, and another because the organization still pay the necessary bandwidth to get the files.
Most browsers today send the "Referer" HTTP header in each request that comes from another Web page. This can be used to track from where the resources are linked, but it can be used to allow or deny the access to such resources if the "Referer" is not a page from the organization's Web site.
mod_access_referer is an Apache module that understand the "Referer" HTTP header, and grant or deny access based on the Web page that refered the file.
The "Referer" HTTP header is sent by the browser to the server, and it contains the URL of the resource from where the URL of the asked resource was obtained. The document "Hypertext Transfer Protocol -- HTTP/1.1" RFC 2616 gives the following explanation:
"The Referer[sic] request-header field allows the client to specify, for the server's benefit, the address (URI) of the resource from which the Request-URI was obtained (the "referrer", although the header field is misspelled.) The Referer request-header allows a server to generate lists of back-links to resources for interest, logging, optimized caching, etc. It also allows obsolete or mistyped links to be traced for maintenance. The Referer field MUST NOT be sent if the Request-URI was obtained from a source that does not have its own URI, such as input from the user keyboard."
You can download the source code of this module at http://accessreferer.sourceforge.net/.
Original author: Roberto Arturo Tena Sánchez <arturo__at__users.sourceforge.net>
This module was been developed with help from Cosource.com.