Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
After updating bind-address in /etc/msql/my.cnf file MySQL stops working Question Question
Server won't boot Question Question

Question

how to block ip public access to my API / Web App

Posted October 3, 2019 6.4k views
ApacheNetworkingIPv6

How do I block access to my API / Web App through the public ip of my droplet?

I am using Apache and PHP.

Add a comment
By:
brdaniellima

Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
After updating bind-address in /etc/msql/my.cnf file MySQL stops working Question Question
Server won't boot Question Question

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
2 answers
KFSys October 4, 2019

Hi @brdaniellima,

f you are using Name based virtual hosts, you may want to simply block any bots etc that try to access your server by direct IP address. It’s unlikely a real user would try to hit your server by using the actual IP address.

To do this, you can use this Virtual Host config:

<VirtualHost *:80>
    ServerName 123.123.123.123
    Redirect 403 /
    ErrorDocument 403 "No"
    DocumentRoot /dev/null/
    UseCanonicalName Off
    UserDir disabled
</VirtualHost>

Of course, please change the IP to the real server IP address(es)

And that’s it, anyone trying to hit the server by IP address will get a simple 403 error.

Reply Report
bobbyiliev October 4, 2019

Hello,

You could use an .htaccess deny from all rule. For example:

order deny,allow
deny from all
allow from YOUR_IP_HERE

The rule above would deny the access to your site for everyone except your IP address.

If this does not work for any reason, make sure that you’ve got AllowOverride enabled:

https://www.digitalocean.com/community/tutorials/how-to-use-the-htaccess-file

Regards,
Bobby

How To Use the .htaccess File
by Etel Sverdlov
This tutorial covers five common uses for the .htaccess file. These include: Mod_Rewrite, Authentication, Custom Error Pages, Mime Types, and Server Side Includes.
Reply Report

Related

Looking for something else?

Ask a new question Search for more help