您忘了换行

RewriteCond %{HTTP_REFERER} !aloweddomain.com [OR]
RewriteCond %{QUERY_STRING} !=sessionid=XXXXX
RewriteRule .* /desiredpage.php? [R=301,L]

这将重定向所有的URL不来自aloweddomain.com或者没有QUERY_STRING。我算了一下 [OR] 如果有，也不 [OR] 然后再这两个条件必须是真实的。

This will redirect all url's that don't came from aloweddomain.com or don't have Query_String. I forget about [OR] if there is nor [OR] then then the two conditions must be true.

如果desiredpage.php很简单，即表明您不能访问该网站，然后页面，您可以把403禁止，而不是重定向

and if desiredpage.php is simply page that show that you can't access the site then you can put 403 Forbidden instead of redirect

RewriteRule .* - [F,L]

如果您想从AJAX或自定义域调用它。

If you want to call it from AJAX or custom domain.

if (preg_match('/domain.com/', $_SERVER['HTTP_REFERER']) || 
    $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
   // allowed
   header('Location: http://www.mydomain.com/desiredpage.php');
} else {
   // not allowed
   header('Location: http://www.mydomain.com/otherpage.php');
}

$ C $下 desiredpage.php

if (!(preg_match('/domain.com/', $_SERVER['HTTP_REFERER']) ||
    $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest')) {
   header('Location: http://www.mydomain.com/otherpage.php');
}