Block requests from other domains with htaccess

⛔️ Not allowed!

If you would like to set the allowed origin for AJAX requests in your apache environment you can use the following .htaccess file snippet.

<IfModule mod_headers.c>
 <FilesMatch "\.(html|php)$">
  SetEnvIf Origin "https://www.YourDomain.com" AccessControlAllowOrigin=$0
  Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
  Header set Access-Control-Allow-Credentials true
 </FilesMatch>
</IfModule>Code language: HTML, XML (xml)

Update

The snippet above seems to no longer work with my Apache setup. This one now works:

Header set Access-Control-Allow-Origin "https://yourDomain.com"Code language: JavaScript (javascript)

Leave a Reply

Your email address will not be published. Required fields are marked *