How to Secure Your Laravel Project to Run Exclusively on a Specific Domain

To protect your Laravel project so that it can only run on a specific domain, you can implement domain-specific validation within your application. Here are some steps to achieve this:

1. Environment Configuration

First, define the allowed domain in your .env file. Add a new variable:

APP_NAME='eventmotoshare'

2. Middleware for Domain Check

Create a middleware to check the domain.

Create Middleware

Run the following Artisan command to create a middleware:

php artisan make:middleware DomainCheck

Middleware Logic

Edit the generated middleware file app/Http/Middleware/DomainCheck.php to include the domain check logic:

<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;

class DomainCheck
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle(Request $request, Closure $next)
{
$allowedDomain = env('APP_NAME');

if ($request->getHost() !== $allowedDomain) {
abort(403, 'Unauthorized action.');
}

return $next($request);
}
}

3. Register Middleware

Register the middleware in app/Http/Kernel.php under the web middleware group:

protected $middlewareGroups = [
'web' => [
// Other middleware,
\App\Http\Middleware\DomainCheck::class,
],

'api' => [
// Other middleware
],
];