Block requests from other domains with htaccess

โ›”๏ธ Not allowed!

If you would like to set the allowed origin for AJAX requests in your apache environment you can use the following .htaccess file snippet.

<IfModule mod_headers.c> <FilesMatch "\.(html|php)$"> SetEnvIf Origin "https://www.YourDomain.com" AccessControlAllowOrigin=$0 Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin Header set Access-Control-Allow-Credentials true </FilesMatch> </IfModule>

Update

The snippet above seems to no longer work with my Apache setup. This one now works:

Header set Access-Control-Allow-Origin "https://yourDomain.com"

Leave a Reply

Add <code> Some Code </code> by using this tags.

*
*