How to block not defined server_name in Nginx?

nginx

Solution 1:

It responds because you don't have a separate 'default' vhost configured. There is always a default, or fallback, vhost configured, so that nginx knows what to do in the event it gets a request of the type you've sent.

The nginx documentation provides a good description of how the server-name-to-vhost-matching is performed, but in short I'd recommend configuring a new vhost like this:

server {
  listen 80 default_server;
  root /usr/share/empty;
}

(You may have to create /usr/share/empty if it doesn't already exist)

This will simply serve an empty directory to anyone who hits your server with an unrecognized vhost name. You can get fancier with various sorts of error pages and whatnot if you like.

Related

grow/shrink a zfs RAIDZ
Redhat Linux Kernel what does GA mean?
Dell MD1000 and an x4 SAS connector throughput / layout
Disable IPv4: What exactly does 'ifconfig eth0 0' do?
Browser hijack uses a similar domain name to mine
Windows firewall logging. Log file is always blank
How to prevent asymmetric routing with multiple eBGP routers?
Zabbix graph of item from different hosts
RabbitMQ Erlang Cookie [closed]
Are there certain specific host file entries that Windows 2008 will ignore for security purposes?
Monitor Outbound DNS (Website) Traffic
Mixing SFP's with different speeds