Skip to content

Instantly share code, notes, and snippets.

@GAS85

GAS85/apache2_restrictDirectAccess.md

Last active March 23, 2020 09:01
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save GAS85/cc19d3ac98f977e9acc8b02290e96660 to your computer and use it in GitHub Desktop.
Save GAS85/cc19d3ac98f977e9acc8b02290e96660 to your computer and use it in GitHub Desktop.
Download ZIP
Apache2 Restrict direct IP access to website
Raw
apache2_restrictDirectAccess.md

Just added this into Apache2 config. E.g. /etc/apache2/sites-available/900-restrictDirectIP.conf and enable it afterwards.

<VirtualHost 192.168.0.1:80>
	ServerName 192.168.0.1
	Redirect 403 /
	ErrorDocument 403 "Sorry, direct IP access not allowed."
	DocumentRoot /var/www/html
	ErrorLog ${APACHE_LOG_DIR}/error_directIPAccess.log
	CustomLog ${APACHE_LOG_DIR}/access_directIPAccess.log combined
</VirtualHost>

<VirtualHost 192.168.0.1:443>
	ServerName 192.168.0.1
	Redirect 403 /
	ErrorDocument 403 "Sorry, direct IP access not allowed."
	DocumentRoot /var/www/html
	ErrorLog ${APACHE_LOG_DIR}/error_directIPAccess.log
	CustomLog ${APACHE_LOG_DIR}/access_directIPAccess.log combined
</VirtualHost>

And this script to cron if you have dynamic IP --> https://github.com/GAS85/cubietruck/blob/master/apache2IPUpdate.sh

You can aslo added accessed IPs direct to ban via fail2ban and iptables, by reading ${APACHE_LOG_DIR}/access_directIPAccess.log

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment