Home / server / Questions / 482991
Accepted
Arek B.
Asked: 2013-02-28 04:28:26 +0800 CST

nginx ssl proxy for one hostname only

  • 772

I want nginx to serve as a ssl proxy but for host: "ssl.example.com"

at the same time I want nginx to serve "nginx is ok" website for host: "ssl-check.example.com" (this is just example, please don't suggest any monitoring tools here)

for other hosts pointing to my IP I want to serve 404 or whatever.
- I don't care for certificate mismatch - so SNI is not what I want here.
- I don't want to use described as pitfall solution and use something like

if ($host != $server_name) {
root /var/www/errors/404

All these on single IP.

I have working ssl

server {

with server_name ssl.example.com - working as I want.

another ssl

server {

with server_name ssl_check.example.com - showing "nginx is ok"

and last server (also ssl) without server_name (or with "_" as name) which is supposed to serve 404 but it doesn't work...

SOLVED
My config using the solution looks now (and works) like:

  1. server with "listen 443 ssl;" serving proxy
  2. server with "listen 443 ssl;" serving "nginx is ok"
  3. server with "listen 443 ssl default_server;" and with "location / return 404"

If this config can be in any way dangerous - don't hesitate to put me to shame. Thans

nginx

1 Answers

  1. Best Answer

    You specify the default virtual host using the default_server option to the listen directive. If you don't set this nginx will choose the first server block with a matching listen directive.

    server {
    listen 443 ssl default_server;
    root /var/www/errors/404;
}
    • 1