Nginx prohibit IP access to allow domain access only
Source: Internet
Author: User
Today to set a ban on the Nginx IP access to the server, only through the domain name access, this is to avoid other people to the record of the domain name resolution to their own server IP and cause the server was disconnected from the network to the following solutions:
Nginx's default virtual host takes effect when a user accesses via IP or through an unnamed domain name (such as when someone points his own domain name to your IP)
The key point is to add this line to the server's settings:
Listen default;
The following default parameter indicates that this is the default virtual host.
This setting is very useful.
For example, when someone accesses your website via IP or unknown domain name, you want to suppress any valid content and return 500 to him.
At present, a lot of domestic computer rooms are required to shut down the main web site, to prevent the record of the domain name to cause trouble. You can set it this way:
server {
Listen default;
return 500;
}
You can also collect these traffic, import to their own website, as long as the following jump settings can be:
server {
Listen default;
Rewrite ^ (. *) http://www.exchangecn.com permanent;
}
==============================
After setting up, it is true that you cannot access the server through IP, but when server_name is followed by multiple domain names, one of the domain names cannot be accessed:
The settings are as follows:
Server
{
Listen 80;
server_name www. EXCHANGECN. com exchangecn. com
No changes were made before the WWW in server_name. EXCHANGECN. com exchangecn. com can access the server, after adding the Prohibit IP access settings, through EXCHANGECN. com can not access the server, www. EXCHANGECN. com can access
Detecting profiles with nginx-t prompts warning:
[Warn]: Conflicting server name "EXCHANGECN. com" on 0.0.0.0:80, ignored
The configuration file/usr/local/webserverinx/confinx.conf syntax is OK
Configuration file/usr/local/webserverinx/confinx.conf test is successful
Finally passed in listen default; then add server_name _; Resolve, form as follows:
#禁止IP访问
Server
{
Listen default;
server_name _;
return 500;
}
Or
server {
Listen Dufault;
server_name _;
Rewrite ^ (. *) http://www. EXCHANGECN. NET permanent;
}
In this way, through EXCHANGECN. com can access the server, the problem is solved, but the specific reason is still unclear.
Category: Nginx Successful share Tags: Ipnginx set 301 redirect March 2, 2010 Inginx No comment
The first case: access to a station to B station
server {
server_name www. EXCHANGECN. NET;
Rewrite ^ (. *) http://www. EXCHANGECN. com$1 permanent;
}
In the second case: not all redirects to the a station to the specified page
server {
server_name www. EXCHANGECN. NET;
if ($host!= ' EXCHANGECN. Net ') {
Rewrite ^/(. *) $ http://www. EXCHANGECN. com/$1 permanent;
}
}
If you write in the first server segment
will also be redirected when using IP access
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
