http-referer - Read For Learn

Determining Referer in PHP

The REFERER is sent by the client’s browser as part of the HTTP protocol, and is therefore unreliable indeed. It might not be there, it might be forged, you just can’t trust it if it’s for security reasons. If you want to verify if a request is coming from your site, well you can’t, but … Read more

How to use $_SERVER[‘HTTP_REFERER’] correctly in php?

I wouldn’t recommend using HTTP_REFERER: It’s fairly simple to manipulable in browser. Some users might have security settings in their browser to not send this header at all. It’s not accessible over HTTPS. Some proxies strip this header from the request Added – See answer to this quesion As Charlotte Dunois stated in the comment, … Read more