allowing access to the webserver only with android

Asked

Viewed 46 times

0

Guys I have a folder on my site called webserver, within it I have several php files that mount the json that is sent to my app that I am mounting. However I wanted to block this folder so that it is not accessed by any browser, only by android. This is possible to be done via htacess?

Today I configured my htacess not to list any files inside the folder, I did it as follows:

Options -Indexes

1 answer

1

For android detection, using htaccess try:

RewriteEngine On

RewriteCond %{HTTP_USER_AGENT} "android" [NC]
RewriteRule ^(.*)$ /android/$1 [L,QSA] # redirect aqui

RewriteCond %{HTTP_USER_AGENT} "iphone|ipod|ipad|windows" [NC] # redirecao para os outros
RewriteRule ^(.*)$  http://YOU_SHALL_NOT_PASS/$1 [L,QSA]

But you said you had some php files. I would take advantage of that, and put a first file with that, this file would be the first to be read by the server:

$useragent = $_SERVER['HTTP_USER_AGENT'];
$devicesAllowed = array('android' => 'http://www.android.com'); // aqui colocamos os 'aparelhos' admitidos, neste caso é só android com os respetivos url para redireção
foreach($devicesAllowed as $device => $url) {
    if(strpos($useragent, $device) !== false) {
        header('Location:' .$url);
    }
}
header('Location: YOU SHALL NOT PASS'); // redireção para os outros clientes (ios, desktop etc...)

Note that on the client side we can fake this, there are even plugins/add-ons for browsers to do this. Do not count as 100%

Browser other questions tagged

You are not signed in. Login or sign up in order to post.