For the requirements wherein direct access to a website using IP address has to be disabled/blocked, following steps can be followed
To disable/block direct access to IP for port 80 create a new or add to an existing (as required) server configurations as follows
server {
listen 80 default_server;
server_name _;
return 404;
}
where _ catches all the domain names pointing to your server’s IP address and the configuration will block all traffic to your IP address (http://YOUR_IP_ADDRESS) by returning the default 404 Not Found Nginx page.
To disable/block direct access to IP for port 443 use the following in one of your server configurations block
if ($host != "example.com") {
return 404;
}
example
server {
listen 443 ssl;
server_name example.com
ssl_certificate /etc/nginx/ssl/example.com.crt;
ssl_certificate_key /etc/nginx/ssl/example.com.key;
if ($host != "example.com") {
return 404;
}
}
this will block all traffic to https://YOUR_IP_ADDRESS
Hope this helps!
This article was first published on the Knoldus blog.
No comments:
Post a Comment