We've got a client who wants to restrict access to their Actinic catalog based on refering URLs. So basically, if someone gets to their web site via a link on a specific web site, they are allowed into the catalog. Now, I've created a .htaccess file with mod_rewrite rules to do this, but it seems like the perl redirect scripts in Actinic are creating problems.
The private catalog is located: http://bcgroupintl.net which you can't view unless you follow a link on this page: http://darmedia.com/test.html. Now, once you're viewing that page, you will be able to click around a few of the links (Home, Service, News, Login at the top-right). But you'll notice that as soon as you follow one of the catalog links (Products, or any of the categories in the left sidebar) you'll hit a redirect page that denies you access.
Via some testing, I'm very confident that the problem is that somehow the script ss000001.pl in the cgi-bin is causing the problem by doing a redirect that does not have a referring URL, thus causing the Rewrite Rules in the htaccess to deny access.
Now, the client does not want to use user logins to restrict access, because they want to give access to a very large company, and they want to make sure that only customers from that company have access. They don't want to give one login to the whole company, because every time an employee left, they would need to change the password. And they don't want to set up individual logins for the employees of that company, because there are too many (I'm not sure how many, but it's a lot of hassle if there are more than a handful).
So, can anyone suggest a way to modify or edit that ss script so the redirects back into the HTML pages have a referring URL, or maybe an alternate solution for restricting access to the catalog?
Update:
I've just found out the client is running a newer version, specifically 8.5.2.1.0.0 HNPR
The private catalog is located: http://bcgroupintl.net which you can't view unless you follow a link on this page: http://darmedia.com/test.html. Now, once you're viewing that page, you will be able to click around a few of the links (Home, Service, News, Login at the top-right). But you'll notice that as soon as you follow one of the catalog links (Products, or any of the categories in the left sidebar) you'll hit a redirect page that denies you access.
Via some testing, I'm very confident that the problem is that somehow the script ss000001.pl in the cgi-bin is causing the problem by doing a redirect that does not have a referring URL, thus causing the Rewrite Rules in the htaccess to deny access.
Now, the client does not want to use user logins to restrict access, because they want to give access to a very large company, and they want to make sure that only customers from that company have access. They don't want to give one login to the whole company, because every time an employee left, they would need to change the password. And they don't want to set up individual logins for the employees of that company, because there are too many (I'm not sure how many, but it's a lot of hassle if there are more than a handful).
So, can anyone suggest a way to modify or edit that ss script so the redirects back into the HTML pages have a referring URL, or maybe an alternate solution for restricting access to the catalog?
Update:
I've just found out the client is running a newer version, specifically 8.5.2.1.0.0 HNPR
Comment