Prevent malicious parsing-prohibit direct access to the Web site via IP

Source: Internet
Author: User

What is malicious parsing?

In general, to make the domain name can access to the site requires two steps, the first step, the domain name resolves to the host site, the second step, in the Web server to bind the domain name with the corresponding site. However, if the host IP can directly access a website, then the domain name resolution to the IP will also be able to access the site, without binding on the host, that is, anyone will be any domain name resolution to this IP can access to this site. Maybe you don't mind accessing your website through someone else's domain name, but what if the domain name is not filed? Once found, the consequences of IP, wire extraction, and even fines are required to be borne by you. Some people with ulterior motives, by resolving the non-filing domain name to someone else's host, make it suffer losses, this is a new attack means

Apache Settings How to disable the use of IP access to Web sites

When using Apache to build a Web server, how to think only through the set of domain access, but not directly through the server's IP address access, there are two ways to achieve (certainly there will be other methods can be implemented), are implemented by modifying the httpd.conf file, as illustrated below.

Method One: In the last side of the httpd.conf file, add the following code
Namevirtualhost 221.*.*.*
<virtualhost 221.*.*.*>
ServerName 221.*.*.*
<location/>
Order Allow,deny
Deny from all
</Location>
</VirtualHost>
 
<virtualhost 221.*.*.*>
DocumentRoot "/www/web"
ServerName www.phpzixue.cn
</VirtualHost>
Description: The blue section is the implementation of any access request that denies the IP directly through 221.*.*.*, at which point if you use 221.*.*.* access, you will be prompted to deny access. The red part is allowed through the www.phpzixue.cn domain access, the home directory points to/www/web (this assumes that your site's root directory is/www/web)

Method Two: On the last side of the httpd.conf file, add the following code
Namevirtualhost 221.*.*.*
<virtualhost 221.*.*.*>
DocumentRoot "/www/test"
ServerName 221.*.*.*
</VirtualHost>
 
<virtualhost 221.*.*.*>
DocumentRoot "/www/web"
ServerName www.phpzixue.cn
</VirtualHost>
Description: The blue part is the direct access through the 221.*.*.* of the request to the/www/test directory, this can be an empty directory, you can also build a home page file, such as INDEX.HMTL, the first file content can be a statement, stating that cannot be directly accessed through the IP. The red part has the same meaning as method one.
Note: You will need to restart Apache after modification


This article is from "This is My Freedom" blog, please be sure to keep this source http://sasyun.blog.51cto.com/8709212/1530833

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.