server configs: drop and redirect-HTTPS

This commit is contained in:
Asif Bacchus 2019-01-04 02:36:58 -07:00
parent e7a41c03d1
commit 2a556f4721
2 changed files with 45 additions and 0 deletions

View File

@ -0,0 +1,29 @@
#######
### NGINX server configuration
### Drop all connections that do not match configured servers
#######
# Drop connections over HTTP by default
server {
listen 80 default_server;
listen [::]:80 default_server;
# have nginx silently drop the connection
return 444;
}
# Drop connections over HTTPS by default
# This could only happen after user proceeds past certificate mismatch warning
# or if using a wildcard certificate where obviously not all possible hosts
# could be configured.
# Respond with default certificates then drop connection
server {
listen 443 default_server ssl http2;
listen [::]:443 default_server ssl http2;
# SSL certificates for this server
include /etc/nginx/snippets/ssl/ssl_certs.conf;
# have nginx silently drop the connection
return 444;
}

View File

@ -0,0 +1,16 @@
#######
### NGINX server configuration
### Redirect to secure connection
#######
server {
listen 80;
listen [::]:80;
server_name server.domain.tld
subdomain.server.domain.tld
subdomain2.server.domain.tld;
# redirect to properly formed HTTPS request
return 301 https://$host$request_uri;
}