public
/
docker-automatic-nginx-letsencrypt
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Add default https handler to extras.

pull/9/head
Chris Smith 8 years ago
parent
d5d1da6cbe
commit
731049fa15
1 changed files with 22 additions and 0 deletions
Split View Show Diff Stats
  1. 22
    0
      extra/default-https.conf

+ 22
- 0
extra/default-https.conf View File 

@@ -0,0 +1,22 @@
1 
+# Adds a default HTTPS server that returns a 421 response with no certificates
2 
+# configured.
3 
+#
4 
+# This prevents Nginx from serving other sites when users make a request with
5 
+# a hostname that is not recognised (e.g. they connect directly to the IP
6 
+# address, or send deliberately incorrect requests). This behaviour results
7 
+# in certificate errors and can leak details of "private" vhosts being served.
8 
+#
9 
+# This configuration will instead cause the browser to show an error (usually
10 
+# "Connection closed" or similar).
11 
+
12 
+server {
13 
+
14 
+    listen 443 ssl default_server;
15 
+    listen [::]:443 ssl default_server;
16 
+
17 
+    server_name _;
18 
+
19 
+    return 421;
20 
+
21 
+}
22 
+

Write Preview
Loading…
Cancel
Save