Languages: English • Sending Referrers 日本語 (Add your language)
Your WordPress installation checks sending referrers as a basic form of security to protect your admin area from unauthorized users; disabling it in your WP install would be a bad idea.
Whenever you want to write a new post, make changes to your blog's layout, or perform any other administrative task, WordPress requires you to log in to a protected admin area. (You log in by submitting the user name and password given to you at the end of installation.) The log in acts as a basic security measure, protecting your blog's admin options from being accessed by unauthorized users.
Once WordPress has identified you as an authorized user with permission to make changes, you can access any of the protected admin options. All the pages within the admin area remain secure, without the nuisance of your having to log in to each page individually. Any additional admin page you choose can verify your status by checking to see which page you just came from.
It does this by checking the referrer that the browser passes to it.
As an example, let's say you are on the main page at www.wordpress.org and you click the link to Get Firefox. Although you can't see it, when you get to the Firefox page, the browser tells the new page which page you just came from. This information is called the 'referrer.' If you have any sort of statistics program or script that monitors traffic to your site, the information it reports to you has been compiled from the referrers.
Those of us who use WordPress and are familiar with its structure know where the file post.php is most likely to be on other WordPress sites, yet we can't go blogging freely across any WordPress site. Even though we know where to look for the page, if we try to access it we will be redirected. This happens because the referrer information the browser supplies to the page shows that you have not successfully logged in.
Unfortunately, there may not be simple straight forward answer. Listed below are methods to enable this function, so please check both what is listed for your browser and also your firewall.
If the program you use is not listed, study what is given for the others - the principle is the same throughout, it is just the method which differs between programs.
I had the same problem, so I went into the cpanel of my server, then to phpMyAdmin, and brought up the WordPress tables, found and edited the wp-options to include the /wordpress/ folder in the url. That did the trick.
This can be done from the computer's Control Panel > Internet Options, or from within the browser Tools > Internet Options.
This has only altered settings for your website and this does not otherwise affect your browsing.
RefControl
Use the RefControl extention for Firefox: https://addons.mozilla.org/firefox/953/
Manually Setting
Warning: this method may be considered as a privacy risk as all sites will receive referers.
See http://kb.mozillazine.org/Network.http.sendRefererHeader for more information.
Sending referrers is enabled by default.
If you have disabled it, go to Tools > Preferences > Privacy and re-enable it.
Sending referrers is enabled by default.
If you have disabled it, go to Tools > Privacy > Block referrers (if already checked)
Go to Privacy Control > Advanced > Add Site.
Add your URL (ie. example.com) and make sure everything is permitted.
Some web pages require referrer information before allowing you to view their page. If you want to allow referrer information to pass to a particular web page, you must create a rule for it.
To Create a Rule
Open Norton Internet Security or Norton Personal Firewall and choose one of the following:
In Norton Internet Security/Norton Personal Firewall 2003
In Norton Internet Security/Norton Personal Firewall 2004
Go to Privacy > Surf > Information Hiding, and uncheck the "Last Web site visited" box.
The free version of this firewall does not block sending referrers.
The Pro version:
Click Tools > Options > Security
Ensure that 'enable stealth mode browsing' is unchecked.
Turn ON the HTTP referrer under the privacy tab of web filtering.
This might apply to other local proxy servers and ad busters. There is a "+hide-referrer" option that defaults to "forge a url" in the referral header; either disable this option in default.action (-hide-referrer) or simply place your domain in the { fragile } section of user.action. Another option is to exclude your domain from being proxied in your web browser's setings.
If the methods outlined above fail to resolve the problem, there are a few other possible solutions: