IP Based Virtual Hosting
IP-based virtual hosting means hosting multiple websites on the same server, where each website has its own IP address.
NGINX decides which site to serve based on the destination IP address of the request, not the domain name (Host header).
One IP = One website (or one main virtual host)
How IP-Based Virtual Hosting Works
Request flow
- User types:
http://example.com - DNS resolution:
example.com → 192.0.2.10 - Browser connects to:
192.0.2.10:80 - NGINX:
- Checks which server block is listening on 192.0.2.10
- Serves the matching virtual host
Another site might use:
shop.com → 192.0.2.20
Same server, different IP, different site.
Key Directives Used
| Directive | Purpose |
|---|---|
server {} | Defines a virtual host |
listen IP:PORT | Binds server block to a specific IP |
server_name | Optional (not required for routing) |
root | Website document root |
In IP-based hosting, listen is the key directive, not server_name.
Basic Example: Two Websites, Two IPs
| Website | IP Address |
|---|---|
example.com | 192.0.2.10 |
shop.com | 192.0.2.20 |
Both sites run on the same NGINX server, but each has its own IP.
http {
server {
listen 192.0.2.10:80;
root /var/www/example;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
server {
listen 192.0.2.20:80;
root /var/www/shop;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
}
-
listen IP:PORTlisten 192.0.2.10:80;- NGINX listens only on this IP
- Requests to any other IP will not match this server block
listen 192.0.2.20:80;- Separate IP → separate virtual host
-
server_name(Optional) In IP-based hosting,server_nameis not required:server_name example.com;- Can still be added for:
- Logging clarity
- HTTPS SNI
- Readability
- But routing is done by IP
- Can still be added for:
-
Request Routing
| Request | IP Used | Served From |
|---|---|---|
http://example.com | 192.0.2.10 | /var/www/example |
http://shop.com | 192.0.2.20 | /var/www/shop |
Even if both domains are typed, IP determines the site.
IP-Based Virtual Hosting with HTTPS
Before SNI, SSL required one IP per certificate, making IP-based hosting necessary.
server {
listen 192.0.2.10:443 ssl;
ssl_certificate /etc/ssl/example.crt;
ssl_certificate_key /etc/ssl/example.key;
root /var/www/example;
}
Each site:
- Has its own IP
- Has its own SSL certificate
Combining IP-Based and Name-Based Hosting
You can mix both approaches.
server {
listen 192.0.2.10:80;
server_name example.com www.example.com;
root /var/www/example;
}
- IP chooses the server
server_namerefines domain handling
Default Server in IP-Based Hosting
server {
listen 192.0.2.10:80 default_server;
return 444;
}
- Handles unmatched requests on that IP
- Improves security and clarity
Advantages of IP-Based Virtual Hosting
- Complete isolation between sites
- Required for legacy SSL clients
- Easier firewall and access control
- Useful for compliance and security
Disadvantages
- Requires multiple IP addresses
- Higher cost in cloud environments
- Less scalable than name-based hosting
When to Use IP-Based Virtual Hosting
| Use Case | Recommendation |
|---|---|
| Legacy SSL support | ✅ IP-based |
| Strong isolation/security | ✅ IP-based |
| Shared hosting | ❌ Avoid |
| Cloud servers | ⚠️ Use only if needed |
Name-Based vs IP-Based
| Use Case | Recommendation |
|---|---|
| Legacy SSL support | ✅ IP-based |
| Strong isolation/security | ✅ IP-based |
| Shared hosting | ❌ Avoid |
| Cloud servers | ⚠️ Use only if needed |