Of Stack

How does Nginx disable IP access

  • 2020-05-13 04:29:26
  • OfStack

Nginx prohibits access to IP

We will encounter a lot of malicious IP attacks when using Nginx, so we will use Nginx to disable IP. Here's a look at the default Nginx web host that works when the user accesses it via IP, or through an unset domain name (such as someone who points his own domain name to your ip). The key point is to add this line to the server Settings: 


listen 80 default;

The default parameter indicates that this is the default virtual host.

Nginx disabling IP access to this setting is useful.

For example, when someone visits your website through ip or unknown domain name, you want to prohibit the display of any valid content, so you can return him 500. Currently, many computer rooms in China require the website owner to close the empty host head, so as to prevent the unregistered domain name from pointing to you and causing trouble. You can set it like this: 


server { 
   listen 80 default; 
   return 500; 
  }

You can also collect this traffic and import it to your own website, as long as you do the following jump Settings: 


server { 
    listen 80 default; 
    rewrite ^(.*) http://www.mydomain.com permanent; 
  }

After following the above Settings, it is true that the server cannot be accessed through IP, but when it should be used, when server_name is followed by multiple domain names, one of them cannot be accessed at all. The Settings are as follows: 


server { 
    listen 80; 
    server_name www.abc.com abc.com 
  }

abc.com, www.abc.com, Nginx-t, Nginx-t, warning, www.abc.com, abc.com 


 [warn]: conflicting server name  " abc.com "  on 0.0.0.0:80, 
   ignored 
  the configuration file /usr/local/webserver/Nginx/conf/
   Nginx.conf syntax is ok 
  configuration file /usr/local/webserver/Nginx/conf/Nginx.
   conf test is successful

Finally by listen 80 default; And then server_name _; The solution is as follows: 


 # ban IP access  
  server { 
    listen 80 default; 
    server_name _; 
    server_name www.abc.com abc.com 
    return 500; 
  }

In this way, the server can be accessed through abc.com.

Thank you for reading, I hope to help you, thank you for your support of this site!

Related articles: