A direct IP-access allows the user to access a website using its root server’s IP-address.
Think of it this way, remember the product, you purchased in yesterday’s example in What is a Proxy Server? (Which, by the way, you could read/listen to by clicking on the link). Now, in that example, you type your house’s address as 10880, Malibu-Point instead of typing it as Stark Mansion.
Similarly, allowing users to visit your website using its root server’s IP-address is known as a direct IP-access method.
Why should you disable it?
You’ll need to understand that directly accessing a website using its IP-address has its own set of issues. For starters, it increases the chances to encounter a Distributed Denial of Service attack.
In addition, most of the websites don’t use an SSL Certificate to secure their root server’s IP-address. And, it allows the user to access the website without an SSL Certificate.
Thus, compromising on an extra layer of security. And these issues are just the tip of the iceberg. And, we recommend for you to disable direct IP-access to avoid an whole iceberg of the issues.
How to disable direct IP-Access?
Now, a simple way to disable direct IP-access would be to use a proxy server. Using a proxy server would allow you to route all the incoming requests to the proxy server and it would in turn pass the request to the root server and return the query’s result back.
Meaning, Your domain name will point to the proxy server’s IP-address in the records of DNS. In addition, the proxy server re-routes all the incoming queries to the root server as per the configuration.
Here, the client is unaware of your root server’s IP-address.
For instance, you could use CloudFlare’s proxy server to reroute the incoming requests of your domain name to the proxy server’s IP-address. And, the proxy server would pass the request to the root server and display the requested query back to the user.
And, when the user tries to find the IP-address of the server, they’ll be greeted by the IP-address of the cloudflare’s proxy server.
As a security measure, CloudFlare’s proxy servers and Content Delivery Networks are configured to display an error to any user who uses the IP-address to visit a website protected by the proxy servers.
Now, if the user tries to access the root server by entering the obtained IP-address, the proxy servers will display an Error 1003: Disabled direct IP-access to the user.