2019-02-01 13:04:01 +01:00
|
|
|
# ----------------------------------------------------------------------
|
|
|
|
|
# | Default behavior for unknown hosts |
|
|
|
|
|
# ----------------------------------------------------------------------
|
|
|
|
|
#
|
|
|
|
|
# Drop requests for unknown hosts
|
|
|
|
|
#
|
2019-05-14 19:02:21 +02:00
|
|
|
# If no default server is defined, Nginx will use the first found server.
|
2019-02-01 13:04:01 +01:00
|
|
|
# To prevent host header attacks, or other potential problems when an unknown
|
|
|
|
|
# servername is used in a request, it's recommended to drop the request
|
|
|
|
|
# returning 444 "no response".
|
|
|
|
|
#
|
|
|
|
|
# (1) In production, only secure hosts should be used (all `no-ssl` disabled).
|
|
|
|
|
# If so, redirect first ANY request to a secure connexion before handling it
|
|
|
|
|
# even if the host is unknown.
|
|
|
|
|
#
|
|
|
|
|
# https://observatory.mozilla.org/faq/
|
|
|
|
|
|
|
|
|
|
server {
|
|
|
|
|
listen [::]:80 default_server deferred;
|
|
|
|
|
listen 80 default_server deferred;
|
|
|
|
|
|
|
|
|
|
server_name _;
|
|
|
|
|
|
|
|
|
|
# (1)
|
|
|
|
|
# return 301 https://$host$request_uri;
|
|
|
|
|
return 444;
|
|
|
|
|
}
|
