Secure ERPNext server - Prevent access using undefined server names
Once you have ERPNext on cloud up and running, security will be a major concern. Normally we use https on random ports to avoid unwanted access attempts. It is important to stop anyone trying to acces
In your nginx conf.d folder, create another conf file named default.conf.
Add the following lines.
(Assume 8111 and 8222 are the ports of two separate ERPNext instances.)
server {
    listen 8111 ssl default_server;
    listen 8222 ssl default_server;
    # Any certificate available on the server will do, but the certificate
    # and the key must be a matching pair (both taken from the same site here).
    ssl_certificate /etc/letsencrypt/live/site1.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/site1.example.com/privkey.pem;
    ssl_stapling off;
    # Close the connection without sending any response
    return 444;
}
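In nginx, "default_server" marks the server block that handles every request on that port whose hostname does not match any other server block, including requests made by IP address.
Restart nginx (service nginx restart).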
After that, only users with correct host/domain name will get access to the login page of ERPGulf/ERPNext.
Always use 444 (not 404 or 403) to stop crawlers from accessing the server by IP or by a wrong hostname. 444 simply cuts the connection without sending any reply, which saves bandwidth.
- 403 Forbidden Error
- 404 Not Found Error
- 444 Connection Closed Without Response
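To audit that every listening port is actually covered by the catch-all block described above, the following added example (not part of the original article) scans nginx configuration text and reports ports that lack a default_server block returning 444. The sample configuration, the backend addresses and all function names are constructed for illustration.

```python
import re

# Constructed sample config: the catch-all covers port 8111 only; 8222 is exposed.
SAMPLE_CONF = """
server {
    listen 8111 ssl default_server;
    ssl_certificate     /etc/letsencrypt/live/site1.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/site1.example.com/privkey.pem;
    return 444;
}
server { listen 8111 ssl; server_name site1.example.com;
         location / { proxy_pass http://127.0.0.1:8000; } }
server { listen 8222 ssl; server_name site2.example.com;
         location / { proxy_pass http://127.0.0.1:8001; } }
"""

def server_blocks(conf):
    """Yield the body of each `server { ... }` block, matching nested braces."""
    conf = re.sub(r"#.*", "", conf)  # strip comments
    for m in re.finditer(r"\bserver\s*\{", conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield conf[m.end():i - 1]

def top_level(body):
    """Directives directly inside the server block; nested blocks are dropped."""
    while re.search(r"\{[^{}]*\}", body):
        body = re.sub(r"[^;{}]*\{[^{}]*\}", "", body)
    return [d.split() for d in body.split(";") if d.strip()]

def uncovered_ports(conf):
    """Ports that are listened on but have no default_server block returning 444."""
    listened, covered = set(), set()
    for body in server_blocks(conf):
        directives = top_level(body)
        drops = ["return", "444"] in directives
        for d in directives:
            if d[0] == "listen":
                port = d[1].rsplit(":", 1)[-1]  # handles "8111" and "addr:8111"
                listened.add(port)
                if "default_server" in d and drops:
                    covered.add(port)
    return sorted(listened - covered)
```

Feed it the concatenated contents of the conf.d files; an empty list means every port has a catch-all that drops unmatched hostnames.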
Cloud support
The cloud support team provides hosting-related support and technology updates, covering technologies like cloud printing, Cloud PBAX, VoIP, Kubernetes, Ubuntu, Linux etc. Contact us at support@ERPGulf.com