TypechoJoeTheme

Dcr163的博客

统计

网站页面
类目归类
标签搜索
日志

nginx配置只允许域名访问,禁止ip访问80,443端口

2020-06-16
/
0 评论
/
1,114 阅读
/
正在检测是否收录...
06/16

一、背景

在对服务器做更新的时候,发现访问服务器IP的80端口,就自动跳转到我的网站上,这点对于强迫症患者来说万万不能忍!!!

二、解决方法

先来配置80端口的

打开Nginx的配置文件:

#vi /usr/local/nginx/conf/nginx.conf
增加以下代码片段

server    {
        listen 80 default;
        return 403;
    }

配置如下图所示:


image.png


最后重载配置即可
配置完成后效果如下


image.png

以上代码是针对80端口的,如果跟我一样配置了https(443端口)的话,需要再加点东西

配置80 443端口一起的
server    {
        listen 80 default;
        listen 443 default_server;
        server_name _;
        return 403;#SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则
    #error_page 404/404.html;
    ssl_certificate    /etc/letsencrypt/live/0ne0ne.com/fullchain.pem;
        ssl_certificate_key    /etc/letsencrypt/live/0ne0ne.com/privkey.pem;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDHE-RSA-AES128-GCM- 
        SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:10m;
        ssl_session_timeout 10m;
        error_page 497  https://$host$request_uri;
   #SSL-END
    }

为什么要加上ssl证书的配置

Nginx 上对于 SSL 服务器在不配置证书的时候会出现协议错误,哪怕端口上配置了其他网站也会报错。解决方法就是随便生成一个证书填进去就好。

就是说443端口如果也跟80端口那样子的配置,使用https方式访问正常的域名也会被拒绝连接。
配置如下图所示:


image.png


最后重载配置即可
配置完成后效果如下:


image.png


域名访问正常




链接:https://www.jianshu.com/p/c632e98468cd
来源:简书


朗读
赞(0)
版权属于:

Dcr163的博客

本文链接:

http://dcr163.cn/250.html(转载时请注明本文出处及文章链接)

评论 (0)
503 文章数
60 评论量

人生倒计时

今日已经过去小时
这周已经过去
本月已经过去
今年已经过去个月

热门文章

最新回复

  1. slot mpo terbaru
    2025-02-08

    I believe everything said was very reasonable.
    However, think about this, what if you added a little information? I
    mean, I don't want to tell you how to run your website, however suppose you added a title that grabbed folk's attention? I mean 个人介绍 -
    Dcr163的博客 is kinda vanilla. You might peek at Yahoo's home page and watch how they create post titles to get people to open the links.
    You might try adding a video or a related picture or two
    to get readers excited about everything've got to say.
    In my opinion, it might bring your blog a little
    bit more interesting.
  2. Sherry Stockdill
    2025-01-28

    Hi Dcr 163

    We would love to talk to you about some sample leads for your company, please come and have a chat with us for Centos8 静态地址设置 - Dcr163的博客 and get an instant sample of clients..

    Generate your own samples!

    PCXLeads.com

    Sherry
  3. slot demo
    2025-01-13

    Thanks for finally writing about >个人介绍 - Dcr163的博客

  4. 陌天
    2025-01-09

    哟呵,上班还有空更新,还写那么多,是不是工作量不饱和
  5. Kerrie Bostick
    2024-12-28

    I think that what you wrote was very reasonable.
    But, consider this, what if you added a little information? I am not suggesting your content isn't solid, but suppose you added a post title that grabbed folk's attention? I mean Dcr163的博客 is kinda vanilla. You ought to peek at Yahoo's home page and note how they create post titles to get viewers to open the links.
    You might add a video or a pic or two to get people interested about everything've got to say. Just my opinion, it would make your posts a little bit more interesting.

标签云

CopyRight © Dcr163.cn 粤ICP备15066935号 2016 ~ 2025 40ms
RSS MAP