This is my server configuration: name: avalanche local IP: 192.168.1.20 DynDNS: mzweb.homepc.it -> myRouter IP (dynamic) myRouter IP (dynamic) forwarding to -> 192.168.1.20 So, my server can be reached this ways: from Local Network: localhost [ docroot: /var/www/html ] 127.0.0.1 [ docroot: /var/www/html ] 192.168.1.20 [ docroot: /var/www/html ] avalanche [ docroot: /var/www/html ] from The Internet: mzweb.homepc.it [ docroot: /var/www/html/mztest ] myRouter IP (dynamic) [ docroot: /var/www/html ] Problem: I don't want the server root to be accessible from Internet (myRouter IP) But i still want to preserve the rest of basic configuration... I can't simply deny access by myRouter IP, because it changes time by time (dynamic). Maybe is there a way to enable ONLY a "list" of requests? (for example: "localhost", "127.0.0.1", "192.168.1.20", "avalanche", "mzweb.homepc.it" ) How would you achieve this?
Put a firewall setting in the router denying direct access from router IP to the host? Ie, so that you will have to go through the domain? However, this doesn't really do anything to prevent anything nefarious getting through. EDIT: the stuff marked bold was added