30 lines
819 B
Plaintext
30 lines
819 B
Plaintext
#######
|
|
### NGINX server configuration
|
|
### Drop all connections that do not match configured servers
|
|
#######
|
|
|
|
# Drop connections over HTTP by default
|
|
server {
|
|
listen 80 default_server;
|
|
listen [::]:80 default_server;
|
|
|
|
# have nginx silently drop the connection
|
|
return 444;
|
|
}
|
|
|
|
# Drop connections over HTTPS by default
|
|
# This could only happen after user proceeds past certificate mismatch warning
|
|
# or if using a wildcard certificate where obviously not all possible hosts
|
|
# could be configured.
|
|
# Respond with default certificates then drop connection
|
|
server {
|
|
listen 443 default_server ssl http2;
|
|
listen [::]:443 default_server ssl http2;
|
|
|
|
# SSL certificates for this server
|
|
include /etc/nginx/snippets/ssl/ssl_certs.conf;
|
|
|
|
# have nginx silently drop the connection
|
|
return 444;
|
|
}
|