12345678910111213141516171819202122 |
- # Adds a default HTTPS server that returns a 421 response with no certificates
- # configured.
- #
- # This prevents Nginx from serving other sites when users make a request with
- # a hostname that is not recognised (e.g. they connect directly to the IP
- # address, or send deliberately incorrect requests). This behaviour results
- # in certificate errors and can leak details of "private" vhosts being served.
- #
- # This configuration will instead cause the browser to show an error (usually
- # "Connection closed" or similar).
-
- server {
-
- listen 443 ssl default_server;
- listen [::]:443 ssl default_server;
-
- server_name _;
-
- return 421;
-
- }
|