Hello,
I am trying to block wildcard subdomains as follows:

    # block wildcard
    server {
        server_name ~^(.*)\.example\.com$;
        root /usr/share/nginx/www;
        error_page 403 /index.html;
        allow 127.0.0.1;
        deny all;
        access_log off;
        log_not_found off;
    }

I always get the default “403 Forbidden” site of nginx.
When “deny all” is removed it works as expected.
Can anybody explain?
And does anybody know a workaround?

Best regards,
Basti

Here is my solution:

    server {
        server_name ~^(.*)\.example\.com$;
        return 200;
        deny all;
        access_log off;
        log_not_found off;
    }

On 06.06.2014 09:48, basti wrote:

On 6 Jun 2014 08:49, “basti” wrote:
> error_page 403 /index.html;
> allow 127.0.0.1;
> deny all;
> access_log off;
> log_not_found off;
> }

I’m sure there’s a precedence rule that’ll explain this but I don’t have it to hand.

However, have you considered merely telling that server{} to listen only on 127.0.0.1?

You may also wish to look at the server_name documentation for the shorthand of “*.foo.com” instead of the regex you’re using.

Finally, if your aim is just to deny requests for hosts you haven’t explicitly configured elsewhere in nginx’s config file, I find the following to be a useful catchall. Use it alongside well-defined server_names in other server blocks.

    server {
        listen 80 default_server;
        server_name _;
        location / { return 404; }
    }

HTH,
J
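
The configuration below is an added example, not posted by anyone in the thread, showing one way to serve a custom 403 page while `deny all` stays in force. It reuses the root, page name and address from the original post; the split into two `location` blocks is this example's own choice.

```nginx
# Added example: custom 403 page that is itself exempt from the deny rule.
server {
    server_name *.example.com;      # wildcard shorthand instead of the regex

    root /usr/share/nginx/www;
    error_page 403 /index.html;

    # Access rules for ordinary requests to this server.
    location / {
        allow 127.0.0.1;
        deny all;
    }

    # error_page issues an internal redirect to /index.html, and the
    # redirected request passes through the access phase again. If it
    # were still covered by "deny all", it would fail with a second 403
    # and nginx would fall back to its built-in error page.
    location = /index.html {
        internal;                   # reachable only via internal redirects
        allow all;
    }

    access_log off;
    log_not_found off;
}
```

A `return` directive at `server` level runs in the rewrite phase, before access checks, so `allow` and `deny` rules placed next to it are never evaluated.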