Thank you, but I believe the answers were given too fast.
(0) We already considered default servers
(1) $request_uri is not the actual, full, HTTP request line
(2) nginx has NO way to match ^http after GET (that we found)
(3) I suggest a new variable,
FULL TRUE HTTP REQUEST LINE
- INCLUDING GET/PUT/POST/HEAD VERB
- INCLUDING SCHEME
- REGARDLESS OF SERVER BLOCK
That would be fully general.
We require that raw IP address reach our working server.
So http://18.104.22.168/ must work like http://goodhostname.com/
and can’t go to a “_” 444 block as you suggest.
We already thought of that and tried it a long time ago.
But proxy attempts use http://22.214.171.124 too, so they can only be
defeated with regular expressions. In nginx, this matching is
nearly impossible, because of hidden assumptions in the
Please consider $full_request_line for future improvement,
thank you. Nginx is excellent and we appreciate your work.