If one types the IP address assigned to a web server, a default web page should be displayed. I have the idea that a web server which returns a page without the incoming connection passing the domain name might be a security risk, or gives rise to malicious activities. One can easily tell that this is simply web access with domain name bypass. I have seen quite a few web sites which do not allow domain name bypass. One example is www.netvigator.com (IP address 218.102.21.228). If I give http://218.102.21.228/ on my web browser, the remote server return "forbidden access".
Having said that, I am interested to find out how to configure a web server to avoid domain name bypass. Is there anything to do with with VirtualHost Directive ?
No comments:
Post a Comment