PHP If Script is being fetched by URL...

Question

Hello,

I have an RSS feed, users will be using it to rip content to display on there site. However I need todo a check that the site doing so has access.

Its just occurred to me that I have no idea in PHP how to detect if the script is being read by a server and what the URL is of the fetch.

Is it possible?

Answer 1

It is possible to tell the IP address of the fetching server using $_SERVER["REMOTE_ADDR"]. Whether anything else is possible to tell depends on the methods your users use to "rip" the feed.

Answer 2

Strictly speaking it is not, unless the server/client goes to lengths to identify themselves (HTTP authentication, custom header, data provided in a POST request, etc.).

Answer 3

The best approaches for this are...

1. Give each rss reader it's own key (or maybe even login, password). You'll be sure that nobody can read your RSS without key.
2. You can allow reading rss only from ips from allowed list.
3. Checking referer, but it's not a good idea, because referer could be faked as well as any HTTP header.

Answer 4

$_SERVER["REMOTE_ADDR"] gives you the IP of the requesting server. By checking this you could implement a basic access control check.