Is it possible to detect an ajax request with Apache 2.4 for a mod_rewrite rule?

ajax mod-rewrite apache-2.4

Is it possible?

Trying to move my script security to the server-level.

With PHP, just check if $_SERVER['HTTP_X_REQUESTED_WITH'] is set to XMLHttpRequest (jQuery added).

I guess maybe a better question is, how can I add the X-Requested-With request header to a variable I can check with a mod_rewrite RewriteCond?


If you are setting the X-Requested-With HTTP request header as part of the "AJAX request" (as would be implied if you are seeing $_SERVER['HTTP_X_REQUESTED_WITH'] in PHP) then you can check this header directly with mod_rewrite.

For example, to serve a 403 Forbidden for any requests to the /scripts/ directory that do not have an X-Forwarded-With HTTP header set to XMLHttpRequest:

RewriteEngine On

RewriteCond %{HTTP:X-Requested-With} !=XMLHttpRequest
RewriteRule ^/?scripts/ - [F]

Related

How to convert BASH script to DASH or other solutions?
Set Apache Alias for specific ServerAlias
Redirect http url on port 5061 to https same port 5061 on apache
What, exactly, is the difference between "host only" and "LAN segment" in VMware?
Mac can be arpinged but not pinged
Unable to communicate with pacemaker host while authorising
"Windows cannot find the Microsoft Software License Terms" when installing Windows Server 2016 in a VM
apache2 sends corrupt responses when using a cifs-share
How do I check if Log4j is installed on my server?
Is there a way to stop the AWS Elasticsearch?
How to detect if ANY block is broken using command blocks in Minecraft
Do external coolers really help with noise?