Advertisments

NGINX – Disable direct access (via http and https) to a website using IP address

Tuesday, May 01, 2018

For the requirements wherein direct access to a website using IP address has to be disabled/blocked, following steps can be followed

To disable/block direct access to IP for port 80 create a new or add to an existing (as required) server configurations as follows
server {
 listen 80 default_server;
 server_name _;
 return 404;
}
where _ catches all the domain names pointing to your server’s IP address and the configuration will block all traffic to your IP address (http://YOUR_IP_ADDRESS) by returning the default 404 Not Found Nginx page.
To disable/block direct access to IP for port 443 use the following in one of your server configurations block
if ($host != "example.com") {
 return 404;
}
example
server {
 listen 443 ssl;
 server_name example.com
 
 ssl_certificate /etc/nginx/ssl/example.com.crt;
 ssl_certificate_key /etc/nginx/ssl/example.com.key;

 if ($host != "example.com") {
  return 404;
 }
}
this will block all traffic to https://YOUR_IP_ADDRESS
Hope this helps!
This article was first published on the Knoldus blog.

You Might Also Like

0 comments

Like us on Facebook

Featured Post

Beginners guide to Deep Web or Darknet

UPDATED  on 12th May 2018 The "Deep Web" or "Darknet" is a collection of un-indexed pages, meaning you can't fin...