Use default_server to prevent processing requests with undefined server names
http { ... server { listen 80 default_server; listen [::]:80 default_server; # close connection return 444; } }
If use http to https redirect
http { ... server { listen 80; listen [::]:80; name_server _; location ^~ /.well-known/acme-challenge { # Install https://certbot.eff.org/ # letsencrypt/certbot certonly --webroot --email [email protected] --agree-tos --sta$ default_type text/plain; root /etc/letsencrypt/webroot; try_files $uri $uri/ =404; } location / { # redirect all requests to https return 301 https://$host$request_uri; } } server { listen 443 ssl http2 default_server; listen [::]:443 ssl http2 default_server; name_server _; # Enable SSL ssl on; ssl_certificate /etc/ssl/private/local.crt; ssl_certificate_key /etc/ssl/private/local.key; # close connection return 444; } }
Latest posts by Kawin Viriyaprasopsook (see all)
- Convert flac audio to ogg/mp3 - 2020-12-20
- Fix systemd resolved not working (127.0.0.53) - 2019-09-23
- Safely remove SATA disk from a running Linux system - 2019-05-24