Allow access from base domain only

I’ve done some looking and it appears that Caddy doesn’t use .htaccess but rather the rewrite function. I’m not using basicauth because I have set up another service that will handle auth (its actually GitHub - causefx/Organizr: HTPC/Homelab Services Organizer - Written in PHP). Therefore users won’t see links if they don’t login. What is would like to do is restrict direct access to specific directories and redirect to a /forbidden page, but allow them if a link was clicked from the root directory ex. Ping-pong.opendns.net. link clicked brings you to ping-pong.opendns.net/ball. But directly trying to navigate to ping-pong.opendns.net/ball redirects to /forbidden.

I’ve done a bunch of searching but I don’t understand the syntax of rewrite (kind of new, first webserver).

You can use if statements to conditionally rewrite based on a header. In this case it sounds like could use referer; it might look something like this:

example.com {
    rewrite / { # Secure the entire site
        if {path} not / # Except for the web root index
        if {>referer} not_has https://example.com/ # Only if referer isn't us
        to /forbidden
    }
    status 403 /forbidden
}

To secure specific resources, you’d need to specify multiple rewrite directives with multiple base paths.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.