Apache - Only allow certain domains access to a Restful service

Posted by user18910 on Server Fault See other posts from Server Fault or by user18910
Published on 2012-12-06T09:45:54Z Indexed on 2012/12/06 11:08 UTC
Read the original article Hit count: 134

Filed under:

For certain Restful URIs I want to block certain domains from executing the requests. How can i do this with Apache? Is it possible

For example:

  1. www.nottrusted.com calls my Restful Api
  2. Apache identifies the request is coming from a non-authorized site
  3. Apache blocks the caller and returns a 401

Is this possible? Is it easy for someone one spoof the domain? If a request comes from server side code of nottrusted.com will Apache catch the request?

Thanks

© Server Fault or respective owner

Related posts about rest