Of Stack

How does CentOS and Nginx disable IP access

  • 2020-05-12 06:37:48
  • OfStack

Let's first look at the default Nginx virtual host that works when the user accesses it via IP, or through an unset domain name (such as someone who points his own domain name to your ip). The key point is to add this line to the server Settings: 


 listen 80 default;

At the back of the default The parameter indicates that this is the default virtual host.

Nginx disabling IP access to this setting is useful.

For example, when someone visits your website through ip or unknown domain name, you want to prohibit the display of any valid content, so you can return 500 to him. Currently, many computer rooms in China require the website owner to close the empty host head, so as to prevent the unregistered domain name from pointing to you and causing trouble.

You can set it like this: 


 server {   listen 80 default;   return 500;  }

You can also collect this traffic and import it to your own website, as long as you do the following jump Settings: 


 server {   listen 80 default;   rewrite ^(.*) http://www.mydomain.com permanent;  }

Following the above setup, you can no longer access the server via IP, but it does appear to be used when server_name When followed by multiple domains, why can't one domain name be accessed

The Settings are as follows: 


 server {   listen 80;   server_name www.abc.com abc.com  }

Before the change, the server was accessible through server_name www.abc.com abc.com. The server was not accessible through abc.com after Nginx was added to disable IP access Nginx -t The detection profile will prompt warning: 


 [warn]: conflicting server name  " abc.com "  on 0.0.0.0:80,  ignored  the configuration file /usr/local/webserver/Nginx/conf/  Nginx.conf syntax is ok  configuration file /usr/local/webserver/Nginx/conf/Nginx.  conf test is successful

Finally through the listen 80 default; After add server_name _; To solve

The form is as follows: 


 # ban IP access   server {   listen 80 default;   server_name _;   server_name www.abc.com abc.com   return 500;  }

This way, the server can be accessed via abc.com.

conclusion

Related articles: