Hello. The site (VDS) has scripts that take data POST-ohm. The amount of data can sometimes be very large.

I want to close these scripts from the external call. I add htaccess with contents to the directory I need.

<Limit POST> Order Deny,Allow Deny from all Allow from моя маска подсети. </Limit>

As a result, it works correctly from the outside, but if you go to the site and press the call button of this function (the usual select with category selection), the script issues 403. I believe that in this case the script does not work from the site’s ip, but from visitor?

Thanks for the tips ...

  • So why guess by ip, look in the logs of the web server where the request comes from. - de_frag
  • I don't need to analyze where the request comes from, I need to exclude any external request - Sarkis Allahverdian
  • "I suppose that in this case the script does not work from the site’s ip, but from the visitor’s ip?” So does it work where, in a browser or on a server? - D-side
  • Well, in the browser it turns out. In this case, I am more interested in how to correctly exclude incoming POST requests from outside, rather than parsing my words - Sarkis Allahverdian
  • one
    Possible duplicate question: How to disable POST requests to the server? - Visman

0