使用 IP 地址时限制对站点的访问
[英]Restricting access to site when using IP address
问题描述
I want to restrict access to my ASP.NET MVC site to only my DNS.
我想限制对我的 ASP.NET MVC 站点的访问,仅限于我的 DNS。 When accessing my site via IP address (actual controllers and actions, content, images, scripts, etc.), I want it to block.通过 IP 地址(实际控制器和操作、内容、图像、脚本等)访问我的站点时,我希望它阻止。
Example:例子:
-
https://example.com- all good - pages load, scripts are downloaded and executed, images display, etc.https://example.com- 一切正常 - 页面加载、脚本下载和执行、图像显示等。 -
https://1.2.3.4- all blockedhttps://1.2.3.4- 全部被封锁
Hosting note: I'm hosted in AWS via Elastic Beanstalk - not sure where AWS uses IP addresses and where it uses DNS in the background.托管说明:我通过 Elastic Beanstalk 托管在 AWS 中 - 不确定 AWS 在哪里使用 IP 地址以及在哪里使用 DNS 在后台。
Is this possible?这可能吗?
1 个解决方案
解决方案1
0 2020-08-09 15:04:15
There are a couple of approaches you can take to resolve this.您可以采取几种方法来解决此问题。
The first is that you can use AWS WAF with the ALB that Elastic Beanstalk creates, by doing this you're able to block any interactions before they touch your server.首先是您可以将 AWS WAF 与 Elastic Beanstalk 创建的 ALB 一起使用,通过这样做,您可以在任何交互接触您的服务器之前阻止它们。 The setup would be quite simple:设置将非常简单:
- A single rule to Allow access when then host header matches your domain name主机 header 时允许访问的单个规则与您的域名匹配
- By default block all.默认阻止所有。
The secondary option would be that this is done on the web server itself, the first vhost should act as a catch all for requests.次要选项是在 web 服务器本身上完成此操作,第一个虚拟主机应充当请求的全部捕获。 For this you would simply return a 403 , after this add another vhost to include only your domain which would serve as it previously did.为此,您只需返回一个403 ,然后添加另一个虚拟主机以仅包含您的域,该域将像以前一样使用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.