is it possible to forward all POST requests to a specific php file, would like to solve this with a .htaccess file? so that you can then continue to work accordingly?
Asked
Active
Viewed 229 times
2 Answers
0
Try this out in your .htaccess file:
RewriteCond %{REQUEST_METHOD} !=POST
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !(\.[a-zA-Z0-9]{1,5}|/)$
RewriteRule (.*)$ /$1/ [R=301,L]
mindmaster
- 1,828
- 12
- 22
-
I do not exclude the POST with "! ="? It is intended to protect against attacks from outside. and where can I adjust with you then, that it is directed to an extra file? sorry but I'm not that good at things .htaccess – Eric Laufer Feb 22 '19 at 13:01
0
If you want to redirect all POST requests to a specific file, then capture requests by REQUEST_METHOD flag. Let's say all requests should go to processPostData.php, then your .htaccess should look like below:
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^POST$ [NC]
RewriteRule !^processPostData\.php$ /processPostData.php [NC,L]
This also carry forwards all request data. If you wish to filter only genuine post requests(i.e, from your site only), then you can allow requests only from your site and limit user agents to only a browser.
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^yoursite\.com [NC]
RewriteCond %{HTTP_USER_AGENT} ^.*(mozilla|chrome|opera|safari|ie).+$ [NC] # you can add more agents here
RewriteCond %{REQUEST_METHOD} ^POST$ [NC]
RewriteRule !^processPostData\.php$ /processPostData.php [NC,L]
Note: This is still not a strong security policy to adopt. I suggest you to have a look at CSRF attacks for enforcing better security through tokens.
nice_dev
- 17,053
- 2
- 21
- 35