: Should a website be directly accessible by its IP address? I found that many websites display their site content only when you access them by their FQDN (example, example.com). When trying to
I found that many websites display their site content only when you access them by their FQDN (example, example.com). When trying to access by their IP address, they show a 404 site not found error.
Are there good reasons why site owners would not want their websites to be directly accessible by IP address instead of going through the DNS?
What are the pros and cons of making direct IP access available for your website?
More posts by @Murray155
6 Comments
Sorted by latest first Latest Oldest Best
From a security perspective, it is a smart move.
Most websites with heavy traffic will have a CDN used somewhere. So any attempted DOS or DDOS attack will simply dissipate away through the CDN servers and won't reach the user site.
However, if a user is aware of the site's IP address, he or she can directly fire an attack at the IP and bring down the server in no time. That's why most CDNs will offer you options to hide your server's IP addresses. So giving a 404 to someone who is trying to access the site is a good move. It can be wither done by a .htaccess file or by hosting the site at a place other than the default server document root.
Just my 2 cents, I have a few web sites on my web server (about 8) and they all have the exact same IP address. With the use of Host Headers, the FQDN helps the web server (in my case Apache) to direct the request to the correct directory for the web site in question. The IP address is directed to my company Website by default. I have found since around 2001 this is the norm for most web hosting providers, especially considering the current state of IPv4 addresses. Just some background, I worked for Voyager.net (in Michigan) for about 8 years and Voyager was a hosting company and ISP that hosted over 80,000 domain and I don't know how many web sites we hosted. In a side note, FQDN is by definition used to give human readable addresses to IP address so we can remember them more easily. Again just my 2cents.
From SEO perspective it is a disaster.
If you have one website for example stackexchange.com and it is also accessible from the ip address this will lead to duplicate content.
This will destroy your rankings, and will confuse your users, which they will search Google and find 2 results for the same topic (one accessible by the domain name, and one accessible by the ip address)
Never make a domain accessible from the ip address.
If you got one domain hosted on a single server, the best approach is to 301 redirect direct ip address access to that domain.
If you have more than one domains on a server, disable direct ip address access.
The original version of HTTP did not include any mechanism for the client to specify the host name as part of the request. It connected to the server and sent only the path portion of the URL. One of the early modifications to the HTTP protocol was to add the ability for the client to send other "header" information, including the host name.
20 years ago browser support for virtual hosts was very spotty. Back then, there would have been a valid reason to serve the content from just the IP address as well. A small percentage of clients would not have sent the host header. The host name is now a standard header sent by every browser and web crawler.
In fact, I find that requests looking for content on an IP address are not likely to be satisfied if my server responds with my website. I tend to see IP only requests that are:
For a website that used to be on that IP address
Attempts for access by malware
I now prefer to serve a 404 error for just IP address requests rather than serving my site or redirecting to my site. My servers are also configured to serve 404 pages to unrecognized host names as explained in the answer to How to deal with malicious domain redirections?
Especially if you have a shared hosting or a server of your own hosting multiple domains you can't access the "website" via IP. For your own server you could possibly define a primary domain that is reached if you enter the IP. For shared hosts that is impossible.
As mentioned by @Ijacqu the IP could easily change.
Another thing is duplicate content, so basically it's no good practice to do so.
If you want to have a website to be reached via it's server IP you should definately add a 301 or 302 forward to the domain itself.
For one server I administered I added a small HTML site, just echoing "Welcome to 123.456.789.123" as a default website, as several customer projects were hosted on that machine, and I just needed a white label solution for the default site. I configured that using apache vhosts.
Note that the website that is reached through a domain name might not be hosted directly at the root of the IP address, i.e. example.org could map to 123.45.67.89/~example. This is common for normal web hosts since they can't allocate an IP address per website – that would be incredibly wasteful.
For instance, if you do a DNS lookup of webmasters.stackexchange.com, you'll get the IP address 198.252.206.140 (on the right-hand side on the website I linked to). While the IP address does go to a StackExchange page, it doesn't lead to the webmasters section, which might be at something like 198.252.206.140/www/webmasters.
One con of using an IP address (or something like 123.45.67.89/~example) is the need for a static IP address. If, for some reason, the IP address should have to change, you have no way of redirecting users. Whereas with a domain name, it's simply a matter of updating DNS records to point to the new IP address.
While not completely related, another obvious con of IP addresses is that they're a lot harder to remember than a name and an ending.
By default, a website will be available through the domain name, as well as by IP address. Different answers/comments to this question offer different perspectives, and I don't want to copy off of that.
Personally, I wouldn't block access by IP address, simply because that's not how one would expect the internet to work. Additionally, a regular user will never randomly find the IP address of your website, and he definitely won't start sharing links to your site with the IP address. So any efforts for SEO and security are surely better spent elsewhere.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.