How to Secure Your Laravel Project to Run Exclusively on a Specific Domain

To protect your Laravel project so that it can only run on a specific domain, you can implement domain-specific validation within your application. Here are some steps to achieve this:

1. Environment Configuration

First, define the allowed domain in your .env file. Add a new variable:

APP_NAME='eventmotoshare'

2. Middleware for Domain Check

Create a middleware to check the domain.

Create Middleware

Run the following Artisan command to create a middleware:

php artisan make:middleware DomainCheck

Middleware Logic

Edit the generated middleware file app/Http/Middleware/DomainCheck.php to include the domain check logic:

<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;

class DomainCheck
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle(Request $request, Closure $next)
    {
        $allowedDomain = env('APP_NAME');

        if ($request->getHost() !== $allowedDomain) {
            abort(403, 'Unauthorized action.');
        }

        return $next($request);
    }
}

3. Register Middleware

Register the middleware in app/Http/Kernel.php under the web middleware group:

protected $middlewareGroups = [
    'web' => [
        // Other middleware,
        \App\Http\Middleware\DomainCheck::class,
    ],

    'api' => [
        // Other middleware
    ],
];