home page » System operation and maintenance » Prohibit access through Nginx IP

Prohibit access through Nginx IP

 
No comment   4614 views

Nginx prohibits IP access

When we use it, we will encounter many malicious IP attacks. At this time, Nginx will be used to prohibit IP access. Let's first see how Nginx's default virtual host takes effect when a user accesses through an IP or an unset domain name (for example, someone points his own domain name to your IP). The most important thing is to add this line to the server's settings:

 listen 80 default;

The following default parameter indicates that this is the default virtual host.

Nginx prohibits IP access, which is very useful.

For example, when someone visits your website via IP or an unknown domain name, if you want to prohibit the display of any valid content, you can return it to 500. At present, many computer rooms in China require the website owner to close the empty host header to prevent the domain name that has not been filed from pointing to it and causing trouble. You can set it as follows:

 server {  listen 80 default;  return 500;  }

You can also collect these traffic and import them to your own website, as long as you do the following jump settings:

 server {  listen 80 default;  rewrite ^(.*)  http://www.freeshadow.cn   permanent;  }

After the above settings, the server cannot be accessed through IP. However, when server_name is followed by multiple domain names, one domain name cannot be accessed. The settings are as follows:

 server {  listen 80;  server_name www.freeshadow.cn freeshadow.cn  }

Before the change, the server can be accessed through www.freeshadow.cn in server_name. After the setting of Nginx prohibiting IP access is added, the server cannot be accessed through freeshadow.cn, Www.freeshadow.cn can be accessed. When Nginx - t is used to detect the configuration file, warning will be prompted:

 [warn]: conflicting server name “freeshadow.cn” on 0.0.0.0:80,  ignored  the configuration file /usr/local/webserver/Nginx/conf/ Nginx.conf syntax is ok  configuration file /usr/local/webserver/Nginx/conf/Nginx. conf test is successful

Finally, click the "listen 80 default; Then add server_name _; The solution is as follows:

 #Disable IP access server {  listen 80 default;  server_name _;  server_name www.freeshadow.cn freeshadow.cn  return 500;  }

In this way, you can access the server through freeshadow.cn.

Original link: Prohibit access through Nginx IP , Please indicate the source for reprinting!

fabulous three