skip to Main Content

I have a website with CloudFlare protection, seems good at too, but if you enter the original IP adress of my server you can enter normally.

I’m using Apache (XAMPP) and SSL (https://)

I want something similar when you enter from the IP address with CloudFlare, which throws error 1003

3

Answers


  1. You can verify if the domain received in the request matches your site domain. If not, force a redirection to the user. Like so:

    RewriteEngine on
    RewriteCond %{HTTP_HOST} !^www.example.com
    RewriteRule (.*) https://www.example.com$1 [R=301,L]
    

    So IP accesses will be forced back to the domain name.
    Obviously, you could return anything, this is just one method I see often.

    Login or Signup to reply.
  2. Edit or create a default vhost and put this inside:

    <VirtualHost *:80>
        ServerName xxx.xxx.xxx.xxx
        Redirect 403 /
        DocumentRoot /var/www/html
    </VirtualHost>
    

    xxx.xxx.xxx.xxx is your server ip address

    After that restart your apache

    sudo a2ensite your-vhost.conf
    sudo systemctl restart apache2
    

    Hope that helps

    Login or Signup to reply.
  3. Under the ubuntu 20.04

    Server version: Apache/2.4.41 (Ubuntu)

    i just copied my 000-default-ssl.conf as disable-ip.ssl.conf and put below the content

    cd /etc/apache2/sites-available
    cp 000-default-ssl.conf disable-ip.ssl.conf
    

    content of disable-ip.ssl.conf vhost file

    <IfModule mod_ssl.c>
            <VirtualHost *:443>
                    ServerAdmin root@localhost
                    ServerName localhost
                    ServerAlias XXX.XXX.XX.XX  # here write ip adresss of your web site
                    UseCanonicalName Off
                    Redirect 403 /
                    ErrorDocument 403 "Sorry, direct IP access not allowed."
    
                    ErrorLog ${APACHE_LOG_DIR}/error.log
                    CustomLog ${APACHE_LOG_DIR}/access.log combined
    
                    SSLEngine on
    
                    <FilesMatch ".(cgi|shtml|phtml|php)$">
                                    SSLOptions +StdEnvVars
                    </FilesMatch>
                    <Directory /usr/lib/cgi-bin>
                                    SSLOptions +StdEnvVars
                    </Directory>
    
                    SSLCertificateFile    /etc/letsencrypt/live/domain.com/fullchain.pem
                    SSLCertificateKeyFile /etc/letsencrypt/live/domain.com/privkey.pem
                    Include /etc/letsencrypt/options-ssl-apache.conf
            </VirtualHost>
    </IfModule>
    

    then

    a2ensite disable-ip.ssl.conf
    service apache2 restart
    
    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search