Deny direct IP access on browser

Hi,
I need to block direct IP access on browser. Following some suggestion, I tried to add some configuration in virtual host file of our origin server, as shown below :

<VirtualHost 192.168.33.134:80>
        ServerName 192.168.33.134
        Redirect 403 /
        ErrorDocument 403 "Direct IP access not allowed"
        DocumentRoot /dev/null
        UseCanonicalName Off
</VirtualHost>

<VirtualHost 192.168.33.134:443>
        ServerName 192.168.33.134
        Redirect 403 /
        ErrorDocument 403 "Direct IP access not allowed"
        DocumentRoot /dev/null
        UseCanonicalName Off
</VirtualHost>

It’s worked as expected.

Unfortunately, domain access became failed with error below :

error cloudflare1017×543 19.9 KB

Currently we set our SSL configuration into Full (Strict).

I deep dive in this forum and found this discussion .
So, what need to configure to give denie response 1003 ?

Thanks.

Here is picture of working virtual host configuration file :

Hi,

“blocking direct IP access” generally means that you should use a firewall and allowlist only Cloudflare IPs for incoming traffic.

If you only want to force people to use your hostname, you’d do that in the 000_default config file. This is important because the file needs to be the first config in alphabetic order.

Also, you can’t use the server IP, you need to use a * if you also use that for your actual website.

Hi @Laudian ,
Thanks for your advice. How to produce this response page through cloudflare ?

That’s not how it works.

“Direct IP access” means that people connect to your server directly, without using Cloudflare.

That is something you need to stop on your server, not on Cloudflare.

OK, I got it.
I’ll find a way on our origin server or network firewall.
Thanks

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.