Today, we want to set up on Nginx to prohibit access to the server through IP addresses, but only through domain names. this is to prevent others from resolving the domain names not filed to their own server I
Today, we need to set up on Nginx to prohibit access to the server through IP addresses, but only through domain names. this is done to prevent unauthorized domain names from being resolved to their own server IP addresses, resulting in server network disconnection, find the following solutions on the network:
====================================
The default virtual host of nginx takes effect when the user accesses it through an IP address or through an unspecified domain name (for example, someone points his own domain name to your ip address ).
The most important thing is to add this line in the server settings:
Listen 80 default;
The following default parameter indicates that this is the default virtual host.
This setting is very useful.
For example, if you want to disable the display of any valid content when someone accesses your website through an ip address or an unknown domain name, you can return 500 to someone else.
At present, many data centers in China require the website owner to disable the empty host header to prevent troubles caused by domain names not filed. You can set it as follows:
Server {
Listen 80 default;
Return 500;
}
You can also collect the traffic and import it to your website. you only need to perform the following redirect settings:
Server {
Listen 80 default;
Rewrite ^ (. *) http://www.mydomain.com permanent;
}
According to the above settings, the server cannot be accessed through an IP address. However, when server_name is followed by multiple domain names, one of them cannot be accessed:
The settings are as follows:
Server
{
Listen 80;
Server_name www.abc.com abc.com
...
}
Before modification, you can access the server through www.abc.com abc.com in server_name. after adding the settings to prohibit IP access, you cannot access the server through abc.com, and www.abc.com can access the server.
If you use nginx-t to check the configuration file, the following prompt is displayed:
[Warn]: conflicting server name "abc.com" on 0.0.0.0: 80, ignored
The configuration file/usr/local/webserver/nginx/conf/nginx. conf syntax is OK
Configuration file/usr/local/webserver/nginx/conf/nginx. conf test is successful
Finally, the solution is solved by adding server_name _; after listen 80 default;. the format is as follows:
# Prohibit IP access
Server
{
Listen 80 default;
Server_name _;
Return 500;
}
Or
Server {
Listen 80 dufault;
Server_name _;
Rewrite ^ (. *) http://www.inginx.com permanent;
}
In this way, the server can be accessed through abc.com, and the problem is solved, but the specific reason is still unclear.