Prevent malicious parsing-prohibit direct access to the Web site via IP

What is malicious parsing?

In general, to make the domain name can access to the site requires two steps, the first step, the domain name resolves to the host site, the second step, in the Web server to bind the domain name with the corresponding site. However, if the host IP can directly access a website, then the domain name resolution to the IP will also be able to access the site, without binding on the host, that is, anyone will be any domain name resolution to this IP can access to this site. Maybe you don't mind accessing your website through someone else's domain name, but what if the domain name is not filed? Once found, the consequences of IP, wire extraction, and even fines are required to be borne by you. Some people with ulterior motives, by resolving the non-filing domain name to someone else's host, make it suffer losses, this is a new attack means

Apache Settings How to disable the use of IP access to Web sites

When using Apache to build a Web server, how to think only through the set of domain access, but not directly through the server's IP address access, there are two ways to achieve (certainly there will be other methods can be implemented), are implemented by modifying the httpd.conf file, as illustrated below.

Method One: In the last side of the httpd.conf file, add the following code
Namevirtualhost 221.*.*.*
<virtualhost 221.*.*.*>
ServerName 221.*.*.*
<location/>
Order Allow,deny
Deny from all
</Location>
</VirtualHost> 　
<virtualhost 221.*.*.*>
DocumentRoot "/www/web"
ServerName www.phpzixue.cn
</VirtualHost>
Description: The blue section is the implementation of any access request that denies the IP directly through 221.*.*.*, at which point if you use 221.*.*.* access, you will be prompted to deny access. The red part is allowed through the www.phpzixue.cn domain access, the home directory points to/www/web (this assumes that your site's root directory is/www/web)

Method Two: On the last side of the httpd.conf file, add the following code
Namevirtualhost 221.*.*.*
<virtualhost 221.*.*.*>
DocumentRoot "/www/test"
ServerName 221.*.*.*
</VirtualHost> 　
<virtualhost 221.*.*.*>
DocumentRoot "/www/web"
ServerName www.phpzixue.cn
</VirtualHost>
Description: The blue part is the direct access through the 221.*.*.* of the request to the/www/test directory, this can be an empty directory, you can also build a home page file, such as INDEX.HMTL, the first file content can be a statement, stating that cannot be directly accessed through the IP. The red part has the same meaning as method one.
Note: You will need to restart Apache after modification

This article is from "This is My Freedom" blog, please be sure to keep this source http://sasyun.blog.51cto.com/8709212/1530833