nginx和apache下禁止IP访问80和443,但域名能访问

分类:Apache,Nginx,工作记 | 作者:凹凸曼 | 发表于2019/02/14 nginx和apache下禁止IP访问80和443,但域名能访问已关闭评论

最近对公网IP访问网站,进行关停IP访问处理, 采用域名访问。多数站点采用 nginx 及少量apache,具体配置修改如下:

一、nginx配置文件nginx.conf加入

#只是关闭访问IP 80
 server{
        listen  80 default;
        server_name _;
        return 403;
        }
#关闭访问IP 80和443
server{
        listen  80 default;
        listen  443 default;
        server_name _;
        return 403;
        #ssl证书
        ssl_certificate *.crt;
        ssl_certificate_key *.key;
        ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        }

二、apache 2.2和apache 2.4 配置文件http.conf加入

#只是关闭访问IP 80

NameVirtualHost *:80
<VirtualHost *:80>
    DocumentRoot /var/www/html
    ServerName 125.64.41.206
<Directory "/var/www/html">
      Options FollowSymLinks ExecCGI
      AllowOverride All
      Order allow,deny
      deny from all
     # apache 2.4 下替换上 两行 (Order allow,deny  deny from all)
     # Require all denied
  </Directory>
</VirtualHost>

#关闭访问IP 80和443

NameVirtualHost *:443
<VirtualHost *:443>
    DocumentRoot /var/www/html
    ServerName 125.64.41.206
    SSLEngine on
    #ssl证书
    SSLCertificateFile *.cer
    SSLCertificateKeyFile *.key
    SSLCertificateChainFile *.crt
<Directory "/var/www/html">
      Options FollowSymLinks ExecCGI
      AllowOverride All
      Order allow,deny
      deny from all
     # apache 2.4 下替换上 两行 (Order allow,deny  deny from all)
     # Require all denied
  </Directory>
</VirtualHost>
#下面就配置正常域名就行了
<VirtualHost *:80>
DocumentRoot /home/www/
ServerName www.apoyl.com
</VirtualHost>

文出自 “凹凸曼” 博客,请务必保留此出处 http://www.apoyl.com/?p=2359

Tag:

日志信息 »

该日志于2019-02-14 15:49由 凹凸曼 发表在Apache, Nginx, 工作记分类下, 评论已关闭。

目前盖楼

抱歉,评论被关闭

« »