NGINX – Disable direct access (via http and https) to a website using IP address


For the requirements wherein direct access to a website using IP address has to be disabled/blocked, following steps can be followed

To disable/block direct access to IP for port 80 create a new or add to an existing (as required) server configurations as follows

server {
 listen 80 default_server;
 server_name _;
 return 404;
}

where _ catches all the domain names pointing to your server’s IP address and the configuration will block all traffic to your IP address (http://YOUR_IP_ADDRESS) by returning the default 404 Not Found Nginx page.

Other NGINX blogs you might find useful

  1. NGINX – Load Balancing your application made simple
  2. NGINX – Redirecting traffic between www and non-www domain
  3. NGINX – Redirecting HTTP to HTTPS
  4. NGINX – Restrict access to Geographical Locations using GeoIP module
  5. NGINX – Easiest way to setup SSL on using .pfx files

To disable/block direct access to IP for port 443 use the following in one of your server configurations block

if ($host != "example.com") {
 return 404;
}

example

server {
 listen 443 ssl;
 server_name example.com
 
 ssl_certificate /etc/nginx/ssl/example.com.crt;
 ssl_certificate_key /etc/nginx/ssl/example.com.key;

 if ($host != "example.com") {
  return 404;
 }
}

this will block all traffic to https://YOUR_IP_ADDRESS

Hope this helps!

knoldus-advt-sticker

This entry was posted in Devops and tagged , , . Bookmark the permalink.

5 Responses to NGINX – Disable direct access (via http and https) to a website using IP address

  1. Pingback: NGINX – Load Balancing your application made simple | Knoldus

  2. Pingback: NGINX – Redirecting traffic between www and non-www domain | Knoldus

  3. Pingback: NGINX – Restrict access to Geographical Locations using GeoIP module | Knoldus

  4. Pingback: NGINX – Easiest way to setup SSL on using .pfx files | Knoldus

  5. Pingback: NGINX – Redirecting HTTP to HTTPS | Knoldus

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s