Nginx is forbidden to access the website directly via IP address

Source: Internet
Author: User
Tags nginx server

Introduction under the Nginx server prohibit direct access to the site through the IP address method to avoid others malicious pointing to their own IP, the need for a friend reference.

Sometimes encounter a lot of malicious IP attacks, under Nginx can prohibit IP access.

Nginx's default virtual host is added to the server's settings by accessing the user via IP, or through an unassigned domain name:

Copy Codecode example: Listen default;

This is the default virtual host, which is indicated in the following default parameter.

Nginx Disable IP Access this setting is useful.

For example, when someone accesses your website through an IP or unknown domain name, and wants to suppress any valid content, you can return 500 to him.

At present, many computer rooms are required to shut down the main web site host head, to prevent the non-filing of the domain name pointing over the cause of trouble.

Set up:

Copy Codecode example: server {
Listen default;
return 500;
}

You can also collect these traffic and import them to your website, just make the following jump settings:

Copy Codecode example: server {
Listen default;
Rewrite ^ (. *) http://www.mydomain.com permanent;
}

According to the above settings, it is not possible to access the server through the IP, but should be in use when the server_name followed by multiple domain names, one of the domain name can not be accessed, set the following:

Copy Codecode example: server {
Listen 80;
server_name www.example.com example.com
}

Before the change, through the server_name in the www.example.com example.com can access the server, add nginx prohibit IP access settings, The server cannot be accessed through example.com, www.example.com can be accessed, and the nginx-t detection configuration file will prompt warning:

[Warn]: Conflicting server name "example.com" on 0.0.0.0:80,
Ignored
The Configuration file/usr/local/nginx/conf/
nginx.conf syntax is OK
Configuration File/usr/local/nginx/conf/nginx.
Conf Test is successful

Finally through the listen in the default, and then add server_name _, solve the form as follows:

Copy Codecode example: #禁止IP访问
server {
Listen default;
server_name _;
server_name www.example.com example.com
return 500;
}

This way, you can access the server through example.com.

The above describes the Nginx server directly through the IP address of the method of access to the site, we hope to help.

Nginx is forbidden to access the website directly via IP address

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.