如何防止用户访问 GCP 中托管的网站的 IP 地址?
[英]How to prevent user access to IP address for a website hosted in GCP?
问题描述
I have a Wordpress website (Bitnami) thats hosted in Google Cloud Platform.
我有一个托管在 Google Cloud Platform 中的 Wordpress 网站(Bitnami)。 The IP address is something like: 33.33.33.33 . IP 地址类似于: 33.33.33.33 。 My domain is hosted on Google Domains and has 2 nameservers pointing to Cloudflare.我的域托管在 Google Domains 上,并且有 2 个指向 Cloudflare 的名称服务器。 On the Cloudflare DNS settings, I have 2 A records, one is ftp and the other is something like 'mywebsite.com'.在 Cloudflare DNS 设置中,我有 2 条 A 记录,一条是 ftp,另一条类似于“mywebsite.com”。 I also have a CNAME which is www mywebsite.com.我还有一个CNAME ,即 www mywebsite.com。
I am able to hit the full URL of my website but I also notice I can enter the IP address and it also works and loads the website.我可以访问我网站的完整 URL 但我也注意到我可以输入 IP 地址,它也可以工作并加载网站。 Is it possible to prevent acccess to 33.33.33.33 and only allow the full URL?是否可以阻止访问33.33.33.33并且只允许完整的 URL?
1 个解决方案
解决方案1
0 2022-09-22 10:25:02
Create VPC Firewall Rules that only allow Cloudflare IP addresses.创建仅允许 Cloudflare IP 地址的 VPC 防火墙规则。
Consult this document for the current Cloudflare IP list.有关当前的 Cloudflare IP 列表,请参阅此文档。
Google Cloud VPC firewall rules overview Google Cloud VPC 防火墙规则概览
Note: Cloudflare does not support FTP, so you must point your DNS resource record for FTP to your server's IP address and not through Cloudflare. Note: Cloudflare does not support FTP, so you must point your DNS resource record for FTP to your server's IP address and not through Cloudflare. I recommend that you do not use FTP.我建议您不要使用 FTP。 Use SSH/SFTP for file transfers.使用 SSH/SFTP 进行文件传输。 Configure WordPress so that installing plugins, uploading images, etc do not require FTP.配置 WordPress 以便安装插件、上传图片等不需要 FTP。 FTP is not encrypted which means your login username and password are sent in the clear. FTP 未加密,这意味着您的登录用户名和密码以明文形式发送。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.