Nginx Configuration for Domain-Only Web Access

Nginx Configuration for Domain-Only Web Access

6月 2, 2018 · 1 分钟阅读时长 · 159 字 · -阅读 -评论
Deployment Operations

After DNS resolution configuration, we achieved domain access to WEB, but our WEB deployment server IP is visible, users can also access WEB via IP, this creates two problems

  1. If users always access via our IP, like if we change server机房 etc., IP will change, causing access failures.
  2. If they maliciously resolve their own domain to our WEB, it’s also possible So it’s necessary to set up to prohibit IP access to our WEB, only support specified domain access.

Specific Configuration

Below is my Nginx configuration for a WEB https://tool.alan.me

Configure Specified Domain Service

server {
       listen       443 ssl;
       server_name  tool.alanhe.me;

        ssl on;
        ssl_certificate "/etc/nginx/ssl/fullchain.cer";
        ssl_certificate_key "/etc/nginx/ssl/tool.alanhe.me.key";
      ...  
  }

Add Default Service Configuration

 server {
        listen 443 default_server ssl;
        server_name _;
        ssl on;
        ssl_certificate      /etc/nginx/ssl/fullchain.cer;
        ssl_certificate_key  /etc/nginx/ssl/tool.alanhe.me.key;
        return       403;
}

After configuration complete, restart service Nginx configuration nginx s- reload.

Effect

When we access via IP

When we access via specified domain

Deployment Operations
Alan H
Authors
Alan H
开发者,数码产品爱好者,喜欢折腾,喜欢分享,喜欢开源

相关