抱歉,评论被关闭
nginx和apache下禁止IP访问80和443,但域名能访问
最近对公网IP访问网站,进行关停IP访问处理, 采用域名访问。多数站点采用 nginx 及少量apache,具体配置修改如下:
一、nginx配置文件nginx.conf加入
#只是关闭访问IP 80
server{
listen 80 default;
server_name _;
return 403;
}
#关闭访问IP 80和443
server{
listen 80 default;
listen 443 default;
server_name _;
return 403;
#ssl证书
ssl_certificate *.crt;
ssl_certificate_key *.key;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}二、apache 2.2和apache 2.4 配置文件http.conf加入
#只是关闭访问IP 80
NameVirtualHost *:80
<VirtualHost *:80>
DocumentRoot /var/www/html
ServerName 125.64.41.206
<Directory "/var/www/html">
Options FollowSymLinks ExecCGI
AllowOverride All
Order allow,deny
deny from all
# apache 2.4 下替换上 两行 (Order allow,deny deny from all)
# Require all denied
</Directory>
</VirtualHost>
#关闭访问IP 80和443
NameVirtualHost *:443
<VirtualHost *:443>
DocumentRoot /var/www/html
ServerName 125.64.41.206
SSLEngine on
#ssl证书
SSLCertificateFile *.cer
SSLCertificateKeyFile *.key
SSLCertificateChainFile *.crt
<Directory "/var/www/html">
Options FollowSymLinks ExecCGI
AllowOverride All
Order allow,deny
deny from all
# apache 2.4 下替换上 两行 (Order allow,deny deny from all)
# Require all denied
</Directory>
</VirtualHost>
#下面就配置正常域名就行了
<VirtualHost *:80>
DocumentRoot /home/www/
ServerName www.apoyl.com
</VirtualHost>文出自 “凹凸曼” 博客,请务必保留此出处 http://www.apoyl.com/?p=2359
目前盖楼
