Use default_server to prevent processing requests with undefined server names
http {
...
server {
listen 80 default_server;
listen [::]:80 default_server;
# close connection
return 444;
}
}
If use http to https redirect
http {
...
server {
listen 80;
listen [::]:80;
name_server _;
location ^~ /.well-known/acme-challenge {
# Install https://certbot.eff.org/
# letsencrypt/certbot certonly --webroot --email [email protected] --agree-tos --sta$
default_type text/plain;
root /etc/letsencrypt/webroot;
try_files $uri $uri/ =404;
}
location / {
# redirect all requests to https
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
name_server _;
# Enable SSL
ssl on;
ssl_certificate /etc/ssl/private/local.crt;
ssl_certificate_key /etc/ssl/private/local.key;
# close connection
return 444;
}
}
Kawin Viriyaprasopsook
System administrator at Zercle Technology Co., Ltd.
System admin กากๆ
รักในการเล่นเกม
ชอบดู Anime ญี่ปุ่น
รักในการเล่นเกม
ชอบดู Anime ญี่ปุ่น
Latest posts by Kawin Viriyaprasopsook (see all)
- Safely remove SATA disk from a running Linux system - 2019-05-24
- Update CentOS kernel for deploy Google BBR - 2019-05-10
- Kernel tuning for linux server - 2019-03-28