search

Home  >  Q&A  >  body text

How to ban IP access to HTTPS site (nginx)?

How to prohibit IP from directly accessing HTTPS

The following settings are set in nginx:

server {
    listen 80;
    listen 443 ssl spdy;
    root /data0/web/domain.com;
    server_name domain.com *.domain.com;
    index index.html index.htm index.php;

    location / {
    }
}

##default
server {
    listen 80 default;
    listen 443 default;

    server_name _;

    root /data0/web/empty;

    location / {
        return 500;
    }
}

Set as above, access https://ip. SSL doesn't work. Even if you visit https://domain.com, you cannot access it.

阿神阿神2753 days ago870

reply all(3)I'll reply

  • ringa_lee

    ringa_lee2017-05-16 17:29:35

    It’s OK to use code like this

    server 
        {
                listen 443 default;
                return 400;
        }

    reply
    0
  • 曾经蜡笔没有小新

    曾经蜡笔没有小新2017-05-16 17:29:35

    server
{
    listen 443 ssl default_server;
    ssl_certificate      path_to_your_fullchain.cer;
    ssl_certificate_key  paht_to_your_key;
    return 301 https://demo.com;
}

    Be sure to configure the ssl certificate, otherwise it will not work

    reply
    0
  • 黄舟

    黄舟2017-05-16 17:29:35

    listen 80 default;
server_name domain.com *.domain.com;
...

if ( $host ~* "\d+\.\d+\.\d+\.\d+" ) {
    return 400;
}

    reply
    0
  • Cancelreply