Nginx Configuration for Domain-Only Web Access
·
1 min read
After DNS resolution configuration, we achieved domain access to WEB, but our WEB deployment server IP is visible, users can also access WEB via IP, this creates two problems
- If users always access via our IP, like if we change server机房 etc., IP will change, causing access failures.
- If they maliciously resolve their own domain to our WEB, it’s also possible So it’s necessary to set up to prohibit IP access to our WEB, only support specified domain access.
Specific Configuration
Below is my Nginx configuration for a WEB https://tool.alan.me
Configure Specified Domain Service
server {
listen 443 ssl;
server_name tool.alanhe.me;
ssl on;
ssl_certificate "/etc/nginx/ssl/fullchain.cer";
ssl_certificate_key "/etc/nginx/ssl/tool.alanhe.me.key";
...
}
Add Default Service Configuration
server {
listen 443 default_server ssl;
server_name _;
ssl on;
ssl_certificate /etc/nginx/ssl/fullchain.cer;
ssl_certificate_key /etc/nginx/ssl/tool.alanhe.me.key;
return 403;
}
After configuration complete, restart service Nginx configuration nginx s- reload.
Effect
When we access via IP
When we access via specified domain
