I hope to get your feedback on this.
My HTML head for the website calls-js.com contains the following:
<html>
<head>
<script src="http://www.hosts-js.com/some.js"></script>
</head>
</html>
As you can see, calls-js.com is calling some.js from hosts-js.com.
I want to restrict who can call/view some.js using an IP whitelist on hosts-js.com.
This means if user 1.1.1.1 (whitelisited) and 2.2.2.2 (not whitelisted) open calls-js.com, only 1.1.1.1 gets to experience whatever some.js does.
I am thinking of writing a PHP script which automatically updates the .htaccess file on hosts-js.com to include whichever IP addresses are allowed.
<Files some.js>
Order deny,allow
Deny from all
Allow from 1.1.1.1, some-other-ip, another-ip
</Files>
Is this the easiest way to do this, or can you think of another way?
you can write a php/cgi/whatever script that will send the file (or not) based on database lookup/algorithm/whatever and put a rewrite on host-js to transform *.js to myscript?file=$1