NGINX – Disable direct access (via http and https) to a website using IP address

For the requirements wherein direct access to a website using IP address has to be disabled/blocked, following steps can be followed

To disable/block direct access to IP for port 80 create a new or add to an existing (as required) server configurations as follows

server {
 listen 80 default_server;
 server_name _;
 return 404;
}

where _ catches all the domain names pointing to your server’s IP address and the configuration will block all traffic to your IP address (http://YOUR_IP_ADDRESS) by returning the default 404 Not Found Nginx page.

Other NGINX blogs you might find useful

  1. NGINX – Load Balancing your application made simple
  2. NGINX – Redirecting traffic between www and non-www domain
  3. NGINX – Redirecting HTTP to HTTPS
  4. NGINX – Restrict access to Geographical Locations using GeoIP module
  5. NGINX – Easiest way to setup SSL on using .pfx files
  6. NGINX – Understanding and Setting up a reverse proxy server

To disable/block direct access to IP for port 443 use the following in one of your server configurations block

if ($host != "example.com") {
 return 404;
}

example

server {
 listen 443 ssl;
 server_name example.com
 
 ssl_certificate /etc/nginx/ssl/example.com.crt;
 ssl_certificate_key /etc/nginx/ssl/example.com.key;

 if ($host != "example.com") {
  return 404;
 }
}

this will block all traffic to https://YOUR_IP_ADDRESS

Hope this helps!

knoldus-advt-sticker

Written by 

Sidharth is a Lead Consultant, having experience of more than 4.5 years. He has started working on Scala and Clojure and is actively involved in other developmental work. He enjoys working in a team and believes that knowledge is something that should be shared openly and on a large scale. As an avid gamer and passionate player, he likes to be involved in both indoor and outdoor activities.

8 thoughts on “NGINX – Disable direct access (via http and https) to a website using IP address

Leave a Reply

%d bloggers like this: