Finding the source of a request that comes to our site

Question

I have a question related to finding the source of a request that comes to our site.

I have a PHP file that has a function and it returns a value. I want to call this function by Ajax through other sites that I have (I do not have a problem with this part).

I was wondering it is possible to check (in the PHP file) if the request for calling the PHP file or function comes only through the sites that I have and if it is not from the defined domains, it returns false.

Do we have any functions to check this matter?

I do not need client IP address, I need to know the domain that sends the request to my site and call my Php function. Do we have a mechanism to control this?

I only want my domains B and C are able to call my PHP function which is in my domain A.

Possible duplicate of [How to get the client IP address in PHP?](https://stackoverflow.com/questions/3003145/how-to-get-the-client-ip-address-in-php) — Progman, Jan 07 '18 at 22:58
Ever heard about Cors? Learn about it and enable Cors only for the domains you want — Lelio Faieta, Jan 07 '18 at 23:02
Thank you Lelio. I do not know about it. I should search for it. — sanik, Jan 07 '18 at 23:37

hexYeah · Answer 1 · 2018-01-08T13:24:46.560

1

$_SERVER['HTTP_REFERER']

Most web browsers pass the HTTP_REFERER variable by default, but in many this behaviour can be changed to not show it or to pass something else instead. It cannot be trusted, but it is still useful...

edited Jan 08 '18 at 13:24

answered Jan 07 '18 at 23:08

hexYeah

1,040
2
14
24

score 1 · Answer 2 · answered Jan 09 '18 at 22:00

1

I have found this link that provides a solution for implementing CORS by PHP.

answered Jan 09 '18 at 22:00

sanik

11
2

Finding the source of a request that comes to our site

2 Answers2