preventing requests with unknown host names
Igal @ Lucee.org
igal at lucee.org
Fri Aug 21 14:26:06 UTC 2015
> You will need at least a proper ssl configuration in that server{}
> block -- possibly setting it at http level.
that makes sense. thanks again!
Igal Sapir
Lucee Core Developer
Lucee.org <http://lucee.org/>
On 8/21/2015 12:30 AM, Francis Daly wrote:
> On Thu, Aug 20, 2015 at 11:35:58PM -0700, Igal @ Lucee.org wrote:
>> On 8/20/2015 3:55 PM, Igal @ Lucee.org wrote:
> Hi there,
>
> I do not know the full answer to your question.
>
>> when I tried to add listen for port 443 it broke the https for requests
>> with the valid hostname as well.
>>
>> ## disable http server for requests with unknown hosts
>> server {
>>
>> listen IP:80 default_server;
>> # listen IP:443 default_server; # breaks all https??
>> return 444;
>> }
>>
>> what's the trick to do the same for https without breaking the requests
>> for https://myhost/ ?
> You will need at least a proper ssl configuration in that server{}
> block -- possibly setting it at http level.
>
> See, for example,
> http://nginx.org/en/docs/http/configuring_https_servers.html#name_based_https_servers
>
> In general, the ssl hostname that the browser wants to connect to is
> not available until after the ssl negotiation has happened.
>
> f
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20150821/8feea335/attachment.html>
More information about the nginx
mailing list