I have two vhosts : one on domain.tld port 80, the other on sub.domain.tld port 443 with SSL on. I added a CNAME entry on my DNS server that redirects my sub subdomain to domain.tld..
Everything works as expected, but going to http://sub.domain.tld does the same as going to http://domain.tld, and https://domain.tld the same as https://sub.domain.tld. How can I prevent this ?
My configuration :
server {
listen *:443;
listen [::]:443;
server_name www.sub.domain.tld;
ssl on;
ssl_certifiate ...;
ssl_certifiate_key ...;
root /var/www/sub.domain.tld;
...
}
server {
listen *:80;
listen [::]:80;
server_name www.domain.tld;
root /var/www/domain.tld;
...
}
If these are your only server blocks, then they are also your defacto default server blocks for port 443 and port 80 respectively. See this document for details.
If you do not want this, you need to declare a default server block. A minimalist definition might be:
server {
listen 80 default_server;
listen 443 default_server;
deny all;
}
来源:https://stackoverflow.com/questions/36182968/nginx-drop-when-server-name-does-not-match