preventing requests with unknown host names

Francis Daly francis at
Fri Aug 21 07:30:08 UTC 2015

On Thu, Aug 20, 2015 at 11:35:58PM -0700, Igal @ wrote:
> On 8/20/2015 3:55 PM, Igal @ wrote:

Hi there,

I do not know the full answer to your question.

> when I tried to add listen for port 443 it broke the https for requests
> with the valid hostname as well.
> ## disable http server for requests with unknown hosts
> server {
>     listen      IP:80     default_server;
> #   listen      IP:443    default_server;    # breaks all https??
>     return      444;
> }
> what's the trick to do the same for https without breaking the requests
> for https://myhost/ ?

You will need at least a proper ssl configuration in that server{}
block -- possibly setting it at http level.

See, for example,

In general, the ssl hostname that the browser wants to connect to is
not available until after the ssl negotiation has happened.

Francis Daly        francis at

More information about the nginx mailing list