Why doesn't interception of non-existent domains work in NGINX?

7

7761662019-08-02 00:16:53

Nginx

776166, 2019-08-02 00:16:53

The goal is (yes, yes, again): to intercept and reject http/https requests that are not handled directly.
I add a file with a virtual host config to the common heap. But he does not want to work either at all, or half.
If you write

server {
    listen 80 default_server;
    server_name _;
    return 444;
}

Requests from http are transferred to https by the first available config and parked on it.
If you write

server {
    listen 443 default_server;
    server_name _;
    return 444;
}

It basically stops everything from working. All other domains are configured to re-park from http to https.
Deleting server_namedoes nothing.
What the hell is wrong?! nginx/1.10.3

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

V

Viktor Taran, 2019-08-02
@776166

Already answered this question today, and colleagues said that everything has been working for a long time and it seems to you
Keys first then chairs

listen 443 ssl;
       server_name default_server ;
       ssl_certificate        /etc/ssl/certs/ssl-cert-snakeoil.pem;
       ssl_certificate_key    /etc/ssl/private/ssl-cert-snakeoil.key;
       root /var/www/html;
       return 444;
}

The site works on the HTTPS version of the IP. How to fix?

V

vreitech, 2019-08-02
@fzfx

apparently you already have some kind of server_name, in which the list of valid names is given by a wide-ranging regular expression.