防止网站被恶意解析,禁止IP直接访问,只允许域名访问
Apache版本
[root@localhost ~]# httpd -v Server version: Apache/2.4.6 (CentOS) Server built: Oct 19 2017 20:39:16
Apache http禁止IP访问网站配置
NameVirtualHost x.x.x.x <VirtualHost *:80> ServerName x.x.x.x ServerAlias x.x.x.x <Location /> Order Allow,Deny Deny from all </Location> </VirtualHost>
在《CentOS 7 Apache虚拟机配置》文中配置文件增加如上配置即可。
Apache https禁止IP访问网站配置
NameVirtualHost x.x.x.x <VirtualHost *:443> ServerName x.x.x.x ServerAlias x.x.x.x SSLEngine on SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM SSLHonorCipherOrder on SSLCertificateFile /etc/httpd/conf.d/ssl/xxx.pem SSLCertificateKeyFile /etc/httpd/conf.d/ssl/xxx.key SSLCertificateChainFile /etc/httpd/conf.d/ssl/xxx.pem <Location /> Order Allow,Deny Deny from all </Location> </VirtualHost>
浏览器打开http/https的IP和恶意解析的域名如图:
本文链接:https://jeff.xin/post/92.html
--EOF--
发表于 2018-03-05 ,并被添加「 Apache 」标签 。
Comments
发表评论:
◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。