nginx: Add default HTTPS handler for unknown host
This will reject TLS connections entirely, which is likely better compared to defaulting to the next (and possibly incorrect) server block or presenting a self-signed certificate only to then reject the request with a 444 response.
This commit is contained in:
parent
3d4da04c18
commit
8f30b8f28a
|
@ -12,3 +12,9 @@ server {
|
|||
return 444;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 default_server;
|
||||
server_name _;
|
||||
ssl_reject_handshake on;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue