This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

Cloudflare + VirtualMin + (fake) default virtual server for direct hits on IP. Good idea?

1 post / 0 new

Topic locked

#1 Tue, 01/26/2016 - 03:40

cognosco

Cloudflare + VirtualMin + (fake) default virtual server for direct hits on IP. Good idea?

Hello,

I am a happy VirtualMin user. All my domains are behind cloudflare, for speed improvement, SSL and blocking bad bots. Also the IP is not visible from the outside.
If a user/bot visits the IP of the server directly (they scan all ip ranges, so my IP is tried too ofcourse), it will reach the default virtual server.

Now I had the idea to create a fake virtual server, without real domainname. Then I set this as default without any files in it. Visiting the IP gives a 403 Forbidden now. I guess it's safer than showing a real site.

I am wondering: is this safe? Is this a good practice? Or does someone know a better suggestion?
Thanks in advance!