|  首頁
說明

GoDaddy 說明

Disable Web Application Firewall (WAF) bypass

If someone knows your hidden Hosting IP, they can bypass your Web Application Firewall (WAF) and try to access your website directly. It's not common or easy to do, but for additional security, we recommend only allowing HTTP access through your WAF. You can limit access to your website by adding a restriction to your .htaccess file.

Warning: Wait until your DNS changes have fully propagated before following the directions below. This can take up to 24 hours after you've set up your WAF.
  1. Go to your GoDaddy product page.
  2. Under Website Security and Backups, next to the Website Security account you want to use, click Manage.
  3. On the navigation menu, click Firewall.
    Firewall
  4. Click Security and scroll down to Preventing Firewall Bypass.
    Preventing firewall bypass

    Note: If you have more than one Website Security account, click the settings gear on the Firewall you want to deactivate, then Security.

  5. Choose your server type. For Apache servers, add the code to your .htaccess file. For NGINX, you'll need to add the code to your NGINX configuration file.

More info

  • If you're using IIS, instructions vary between versions - IIS 7 and IIS 8. You can also try to use web.config file to prevent bypass.
  • Are you getting a 500 error code after adding the bypass prevention rules? Remove the line referring to IPv6 from the bypass prevention code and see if the error is gone. It can take a few minutes for the 500 error to clear after removing that line.

這篇文章有用嗎?
感謝您提供意見。 若要與客戶服務代表聯絡,請撥打支援中心電話號碼,或使用上方的對話選項。
很高興能幫上忙! 還有什麼可幫您的嗎?
很抱歉有這種情形。 請告訴我們您不了解的部分,或解決方案無法解決您問題的原因。