Tell me more ×
Server Fault is a question and answer site for professional system and network administrators. It's 100% free, no registration required.
up vote 3 down vote favorite

I'm using apache web server on CentOS and I need to disable the ability for people to access the website by using the server's IP address in a web browser. I want it so that when someone attempts to browse to the IP address they get a forbidden error message.

What configurations would be necessary to do that?

share|improve this question

3 Answers

up vote 6 down vote

Just set up the default virtual host. There is a commented example in httpd.conf or do something trivial like:

<VirtualHost *:80>
    ServerName localhost
    DocumentRoot /var/www/html
</VirtualHost>
share|improve this answer
Well, This solved my problem .. many thanks for you all :) – Amr Elkhedewy May 28 at 18:53
1  
Remember to mark the question as solved by clicking the check mark next to the answer that resolved your problem. Welcome to Server Fault! – Michael Hampton May 29 at 2:41
up vote 3 down vote

You can achieve this with mod_rewrite:

RewriteENgine On
RewriteCond %{HTTP_HOST} 1.2.3.4 # Replace with your own IP address
RewriteRule .* - [F]

This says that if the HTTP_HOST header matches the ip address 1.2.3.4, then any request should be met with a 403 Forbidden. Any request that has another HTTP_HOST header (e.g. one with the actual domain name rather than the IP address) should not be affected.

share|improve this answer
It didn't work in httpd.conf – Amr Elkhedewy May 28 at 15:28
it worked through .htaccess file, i need it to be done from Apache configurations. – Amr Elkhedewy May 28 at 15:32
2  
Did you restart apache after editing httpd.conf ? Otherwise apache won't know about the new configuration. This is different from .htaccess, which is also parsed without restarting apache. – etagenklo May 28 at 16:48
Sure but nothing changed – Amr Elkhedewy May 28 at 18:55
up vote 1 down vote

You cannot block direct access by IP. You must allow the connection but then decide what to do with it. This could be return a 403, a 404 or redirect them to the desired page. You can do this with mod_rewrite.

 RewriteEngine On
 RewriteCond %{HTTP_HOST} ^123\.123\.123\.123
 RewriteRule ^(.*)$ - [F,L]

This will match the HTTP HOST header passed by the web client. All other requests would pass through.

However, you may want to normalize your URLs for SEO purposes.

With this approach you rewrite anything that does not match the desired result.

RewriteCond %{HTTP_HOST}   !^fully\.qualified\.domain\.name [NC]
RewriteCond %{HTTP_HOST}   !^$
RewriteCond %{SERVER_PORT} !^80$
RewriteRule ^/(.*)         http://fully.qualified.domain.name:%{SERVER_PORT}/$1 [L,R]

Reference: https://httpd.apache.org/docs/2.0/rewrite/rewrite_guide.html#canonicalurl

Reference: http://en.wikipedia.org/wiki/URL_normalization

share|improve this answer
It didn't work in httpd.conf – Amr Elkhedewy May 28 at 15:28
it worked through .htaccess file, i need it to be done from Apache configurations. – Amr Elkhedewy May 28 at 15:32
It will work in httpd.conf, but be sure to turn rewrite engine on and put it inside of your virtual host directives. Otherwise it will just apply to your default server. See: httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritecond – jeffatrackaid May 28 at 17:48

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.