I have to restrict the users accessing my webpage based on the url from where the request is coming to my webpage. I am able to get the url from where the request is coming using
$_SERVER['HTTP_REFERER']
As i know the HTTP_REFERER is a header which is sent by the client, most browsers default behavior is to send it, but users can disable it or even send a different referer header. So is there any way to do the proper validation of request based on their url.
Unfortunately, if the user has set the browser to modify the referrer header, there's no way for PHP to discern whether or not the request has come from a certain website.
Blocking traffic from a URL, although easy to do - cannot ever be 100% accurate.