Is there a risk to my website with my public ip address?

January 25, 2017 2.2k views
Dokku Nginx


I have a droplet with Dokku and my site is running all ok with my own domain

However its also accessible through the public IP address.

I was just wondering:

1 - Is this a security risk in any way? The site has SSL however that is linked to, if you visit the page with the IP, you’ll see the ‘certificate warning error’ - CERTCOMMONNAME_INVALID. So if someone uses that, they are risking their data being passed unencrypted.

2 - I’ve disabled it using:

server {
   return 301;

in the default file located at /etc/nginx/sites-enabled. This works, however is it the correct approach?


2 Answers

There’s no risk and your 301 is the correct approach.


Access via the IP will always be an option as you have to have a public IP of some sort to allow others to connect.

If you’re only hosting a single domain on the Droplet, or if you have a preferred domain for a redirect, you could always force redirect direct IP access to a domain.

For example:

server {
    listen 80;
    server_name DROPLET_IP;

    return 301 $scheme://$request_uri;

Simply replace DROPLET_IP with the public IP address of your Droplet and with the domain you’d like to redirect to.

The $scheme and $request_uri portions will handle enforcing HTTP/HTTPS and the requests.

Have another answer? Share your knowledge.