Topic: Something maybe special...

Hello all,

I've a website which has a login page to enter.
From this website I can go to my brand new PunBB forum with a link.

I'd like the following if it is possible to do, and how... ?

I would like that any URL sending to any page of the forum, redirects automatically to the login page of my website, if user not previously logged in

But I would like that anyone coming from any page of my website to any page of the forum do not encounter any problem, as they logged in

In other words, I'd like that the forum to be invisible to people NOT coming from my website.
Or, again in other words, I would like people unable to register if they have not been invited previously to the website.

The only way to access to the forum would be thru the website.

Does somebody managed to understand this... ? o:

It might be a bit difficult to do...

Thank you for your help.

Regards,

Lim

2 (edited by roo 2005-01-20 01:19)

Re: Something maybe special...

Is your server running Apache and do you have access to .htaccess?  I'm no expert on it, but I think that adding this to your .htaccess file would do it:

RewriteCond %{HTTP_REFERER} !^http://www.yourdomain.com/.*$ [NC]
RewriteRule .* http://www.yourdomain.com/login/ [R,L]

It basically says that anyone coming from an address that isn't http://www.yourdomain.com/ is automagically sent to http://www.yourdomain.com/login/

It may or may not work, I'm not really that knowledgeable when it comes to this stuff.

Re: Something maybe special...

Hello roo,

Thank you very much for your answer.

Perhaps I did not do the right things, but it does not work...

I still can access to the register (or login) page, even if I don't come from my website.

But you're right, the solution might be with .htaccess file.

Lim.

Re: Something maybe special...

I found this which seems to work as I want :

SetEnvIfNoCase Referer "^http://www.mywebsite.com/" local_ref=1
Order deny,allow
deny from all
allow from env=local_ref

I can acces to the forum (which URL is www.mywebsite.com/forum/index.php) only via my website.

BUT !!!

If, for example, I login to the forum, I have a Error 403 coming as the URL is www.mywebsite.com/forum/login.php?action=in

Nevertheless, I can check that  I'm logged to the forum.

It's the same for each URL containing .php?

Do you have an idea how to be considered from within the domain name, even with such URL ?

Thank you.

Lim