当server_name不匹配时,Nginx将丢弃 [英] Nginx drop when server_name does not match
问题描述
我有两个虚拟主机:一个在 domain.tld
端口80,另一个在 sub.domain.tld
带有SSL的端口443。我在我的DNS服务器上添加了一个CNAME条目,将我的子
子域重定向到 domain.tld。
。
一切都按预期方式工作,但是转到 http://sub.domain.tld
与转到 http:// domain.tld
和 https://domain.tld
与 https://sub.domain.tld相同
。我如何防止这种情况?
I have two vhosts : one on domain.tld
port 80, the other on sub.domain.tld
port 443 with SSL on. I added a CNAME entry on my DNS server that redirects my sub
subdomain to domain.tld.
.
Everything works as expected, but going to http://sub.domain.tld
does the same as going to http://domain.tld
, and https://domain.tld
the same as https://sub.domain.tld
. How can I prevent this ?
我的配置:
server {
listen *:443;
listen [::]:443;
server_name www.sub.domain.tld;
ssl on;
ssl_certifiate ...;
ssl_certifiate_key ...;
root /var/www/sub.domain.tld;
...
}
server {
listen *:80;
listen [::]:80;
server_name www.domain.tld;
root /var/www/domain.tld;
...
}
推荐答案
如果这些是您唯一的服务器
块,那么它们也分别是端口443和端口80的默认服务器块。有关详细信息,请参见此文档。
If these are your only server
blocks, then they are also your defacto default server blocks for port 443 and port 80 respectively. See this document for details.
如果你不想要这个,你需要声明一个默认的服务器
块。最简单的定义可能是:
If you do not want this, you need to declare a default server
block. A minimalist definition might be:
server {
listen 80 default_server;
listen 443 default_server;
deny all;
}
这篇关于当server_name不匹配时,Nginx将丢弃的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!