You should use Protected Hostnames, to prevent Access to your Webserver if the hostname is incorrect, or someone is using only the IP Address.
First configure the Protected Hostnames to deny per default and allow the Hostnames you’re Hosting on your Webserver.
config server-policy allow-hosts edit "www.c3it.net" set default-action deny config host-list edit 1 set host www.c3it.net next end next end
Then you’ll have to add the Protected Hostnames to the Server Policy
If you’re using Content Routing (what i prefer if there is more than one Service to protect and if there are different Servers in the Backend)
Then you’ll have to add all the Protected Hostnames you’re using.