nginx prevent process undefined server names

Use default_server to prevent processing requests with undefined server names

http {
...

  server {
    listen 80 default_server;
    listen [::]:80 default_server;
    # close connection
    return 444;
  }
}

If use http to https redirect

http {
...
  server {
    listen 80;
    listen [::]:80;
    name_server _;

    location ^~ /.well-known/acme-challenge {
      # Install https://certbot.eff.org/
      # letsencrypt/certbot certonly --webroot --email [email protected] --agree-tos --sta$
      default_type text/plain;
      root /etc/letsencrypt/webroot;
      try_files $uri $uri/ =404;
    }

    location / {
      # redirect all requests to https
      return 301 https://$host$request_uri;
    }
  }

  server {
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server;
    name_server _;
    # Enable SSL
    ssl on;
    ssl_certificate /etc/ssl/private/local.crt;
    ssl_certificate_key /etc/ssl/private/local.key;
    # close connection
    return 444;
  }
}

 

โซเชียล

Kawin Viriyaprasopsook

System administrator at Zercle Technology Co., Ltd.
System admin กากๆ
รักในการเล่นเกม
ชอบดู Anime ญี่ปุ่น
โซเชียล

Leave a Reply