preventing requests with unknown host names
Francis Daly
francis at daoine.org
Fri Aug 21 07:30:08 UTC 2015
On Thu, Aug 20, 2015 at 11:35:58PM -0700, Igal @ Lucee.org wrote:
> On 8/20/2015 3:55 PM, Igal @ Lucee.org wrote:
Hi there,
I do not know the full answer to your question.
> when I tried to add listen for port 443 it broke the https for requests
> with the valid hostname as well.
>
> ## disable http server for requests with unknown hosts
> server {
>
> listen IP:80 default_server;
> # listen IP:443 default_server; # breaks all https??
> return 444;
> }
>
> what's the trick to do the same for https without breaking the requests
> for https://myhost/ ?
You will need at least a proper ssl configuration in that server{}
block -- possibly setting it at http level.
See, for example,
http://nginx.org/en/docs/http/configuring_https_servers.html#name_based_https_servers
In general, the ssl hostname that the browser wants to connect to is
not available until after the ssl negotiation has happened.
f
--
Francis Daly francis at daoine.org
More information about the nginx
mailing list