2

I have a nginx server which I use as a proxy. I want to have all requests forwarded as normal http requests, expect request to api.mydomain.org, those request I want to run with ssl/https.

This works fine with the following:

server { listen 80; server_name api.mydomain.org; return 301 https://api.mydomain.org$request_uri; } server { listen 443; server_name api.mydomain.org; location / { proxy_pass http://backend; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; } ssl on; ssl_certificate /etc/nginx/ssl/api.mydomain.org/server.crt; ssl_certificate_key /etc/nginx/ssl/api.mydomain.org/server.key; }

However, this will redirect all request to subdomains which are not specifically specified/qualified. E.g. a.mydomain.org or b.mydomain.org are sent to https://api.mydomain.org.

How do I configure this?

Improve this question

1 Answer 1

Reset to default
1

Add a default server block that will catch unknown Host headers and deny connecting to them.

server { listen 80 default_server; return 444; }

You may want to add your public IP address(es) to your server_name directive in your first block to accept connections using HTTP/1.0 or HTTP/1.1 with the IP address.

Improve this answer
1
  • Yes, I didn't have default_server set for the general server. Added that and it works perfect! Commented Nov 26, 2014 at 10:48

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.