HI,
if I use default catch all block to drop connections and then another server block with my name then everything kind of works:
server {
listen 80;
location / {
return 444; # drop connection silently
}
}
server {
listen 80;
server_name example.com;
location /data/ {
alias /home/http/;
try_files $uri $uri.html =404;
}
}
Now, I want to allow certain http requests when requested directly by the IP address. In my case 'http://12.34.56.78/data/something' should do the same as 'http://example.com/data/something', however, if I add location /data/ inside "catch all" server block then any requests with any random Host header will be able to be routed there as well, but I only want to allow it when directly requested by IP otherwise drop the connection. How do I configure that?
Another question regarding return 444. This seems to gracefully close the connection so that remote usually retries redoing same request 5-10 times very rapidly withing very short time, which actually makes problem even worse. Can it somehow silently abort TCP so that remote would be waiting for data until TCP times out?
if I use default catch all block to drop connections and then another server block with my name then everything kind of works:
server {
listen 80;
location / {
return 444; # drop connection silently
}
}
server {
listen 80;
server_name example.com;
location /data/ {
alias /home/http/;
try_files $uri $uri.html =404;
}
}
Now, I want to allow certain http requests when requested directly by the IP address. In my case 'http://12.34.56.78/data/something' should do the same as 'http://example.com/data/something', however, if I add location /data/ inside "catch all" server block then any requests with any random Host header will be able to be routed there as well, but I only want to allow it when directly requested by IP otherwise drop the connection. How do I configure that?
Another question regarding return 444. This seems to gracefully close the connection so that remote usually retries redoing same request 5-10 times very rapidly withing very short time, which actually makes problem even worse. Can it somehow silently abort TCP so that remote would be waiting for data until TCP times out?