reject connections to invalid names

This commit is contained in:
Daniel Micay 2023-02-17 22:53:01 -05:00
parent f8ac420c83
commit deb985e065

View File

@ -88,8 +88,15 @@ http {
} }
server { server {
listen 80 backlog=4096; listen 80 default_server backlog=4096;
listen [::]:80 backlog=4096; listen [::]:80 default_server backlog=4096;
keepalive_timeout 0;
return 404;
}
server {
listen 80;
listen [::]:80;
server_name matrix.grapheneos.org element.grapheneos.org; server_name matrix.grapheneos.org element.grapheneos.org;
root /var/empty; root /var/empty;
@ -104,8 +111,14 @@ http {
} }
server { server {
listen 443 ssl http2 backlog=4096; listen 443 default_server ssl backlog=4096;
listen [::]:443 ssl http2 backlog=4096; listen [::]:443 default_server ssl backlog=4096;
ssl_reject_handshake on;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name matrix.grapheneos.org; server_name matrix.grapheneos.org;
root /var/empty; root /var/empty;