Nginx 拒绝非域名访问
HTTP
server {
listen 80 default_server;
server_name _;
return 500;
}
HTTPS
复制以下全部命令粘贴回车,脚本将在 $SAVE_PATH
目录生成自签证书。
SAVE_PATH=/etc/nginx/ssl/default/
KEYOUT="${SAVE_PATH}fullchain.pem"
OUT="${SAVE_PATH}privkey.pem"
if [[ ! "$(command -v openssl)" ]]; then
SYSTEM_APT=$(command -v yum)
if [[ ! "$SYSTEM_APT" ]]; then
SYSTEM_APT=$(command -v apt)
fi
eval $SYSTEM_APT install -y openssl
fi
[[ ! -d "$SAVE_PATH" ]] && mkdir -p "$SAVE_PATH"
openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout "$KEYOUT" -out "$OUT" <<EOF
CN
BJ
Beijing
local
local
local,*.local
[email protected]
EOF
随后添加如下配置。
server {
listen 443 ssl default_server;
server_name _;
ssl_certificate /etc/nginx/ssl/default/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/default/privkey.pem;
return 500;
}