In this article, I will tell you how you can disable direct web site access using IP.

Why this is a problem

A web server can hold one or many websites based on the server administrator’s settings and company decision. Maybe it’s just a small blog site or corporate site and you don’t have that much traffic, then it’s a waste of money to have one single site on a single server. So in those situations, a server administrator sets up more than one site in a server. Now each server has its own IP address and you just type that IP in your browser then you might see one of the sites in the server without even knowing that this site actually hosted on this server. This is a problem because sometimes crawlers just crawl IP addresses and then they see this a site which is they are not supposed to see.

On a random note: if you are looking for gadgets to improve your productivity, then please read my other article here.

How to solve this

First of all, if you consider this a problem, then you can set a default 403 warning message if your server is accessed by IP address. To do this, first, open your Vhost configuration file in your favorite editors like VIM or Nano. In this example, I am using Apache 2.4, so this will only work on Apache 2.4 servers.

Command to edit vhost file

sudo vi /etc/httpd/conf.d/vhost.conf

Then write this code in the vhost file

<VirtualHost *:80>
ServerName 2.1.94.1
Redirect 403 /
ErrorDocument 403 "Sorry, Direct IP access not allowed"
DocumentRoot /var/www/html
UserDir disabled
</VirtualHost>

After that restart the apache server by running the following command.

sudo service httpd restart 

Now, if you type IP address in your browser then you will see a 403 error page like this one.

To wrap it up, it’s important to set a default 403 page on your server, so that when anyone by mistake types the IP address, he doesn’t see any unwanted site, but rather sees a 403 page.