First, nginx prohibit domain name, prohibit IP address access
There is a situation, if someone malicious resolution to your server, the relevant departments may be able to block your IP address (users have encountered). It is recommended that Nginx bindings only allow access to the specified domain name and do not allow IP addresses to be accessed (which is what many network rooms must do).
1, modify the default.conf file header several lines, for the following content:
[Email protected] ~]# Vi/usr/local/kk-mail/config/nginx/vhost/default.conf#denyserver {listen default; server_name _; return 444;} #kkmailserver {Listen 80; CharSet Utf-8; server_name mail.test.com.cn;
2. Restart Nginx Service
[Email protected] ~]#/etc/init.d/kkmail_nginx restart
3, Access testing with non-binding domain names and IPs
Second, Apache prohibits unbound domain names, disables access to IP addresses
HTTPD-VHOSTS.CONF is configured to have all unknown domain name access and direct IP access to a single virtual host, and the host is set to deny access. The
is accessed by a single virtual host for official domain access and is set to allow access. Note You must place the denied virtual host on the first one.
# virtual hosts# default host<virtualhost *:99> serveradmin unalloweddomain documentroot "/usr/local/kk-mail/data/www" ErrorLog "Logs/mail_error_log" CustomLog "Logs/mail_access_log" common <Directory "/usr/local/kk-mail/data/ www "> AllowOverride None require all denied </directory></virtualhost ><VirtualHost *:99> DocumentRoot "/usr/local/kk-mail/data/www" ServerName mail.test.com.cn ErrorLog "Logs/mail_error_log" CustomLog "Logs/mail_access_log" common <directory "/usr/local/kk-mail/data/www "> AllowOverride all require all granted </directory></ Virtualhost>
2. Restart Nginx Service
[Email protected] ~]#/etc/init.d/kkmail_apache restart
3. Access testing using a domain name and IP that are not bound
Nginx, Apache prohibit non-binding domain name, prohibit IP address access