Home > Software design >  How to block access to the site if the user is not using the domain, but only through a public IP?
How to block access to the site if the user is not using the domain, but only through a public IP?

Time:12-14

I have a public IP where my site is hosted(VPS), then I use Nginx docker and some backend, then I proxy the domain through Cloudflare to my public IP, everything works fine but I noticed that Nginx lets the site by IP although I have server_name set in the Nginx config. This is not safe for me, so I am asking you.

nginx.conf

server {
    listen 80;
    listen [::]:80;

    server_name example.com www.example.com;

    gzip on;
    gzip_disable "msie6";
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml rss text/javascript;

    location / {
            proxy_pass http://nodejs:3000;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

I have a suspicion that the server_name directive inside docker simply does not work, am I right?

CodePudding user response:

you just need to add this fragment to the beginning of the code:

server {
  listen 80 default_server;
  return 444;
}
  • Related