0

Our rails app is being inundated with requests from bots that are trolling using IP addresses. Every request results in an exception notification error message.

Our original Nginx server block:

server {
server_name example.com www.example.com *.example.com;
passenger_enabled on;
rails_env production;
root /home/deploy/cm/public;
passenger_app_root /home/deploy/cm;
passenger_friendly_error_pages on;
index index.html index.htm;

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot

if ($scheme != "https") {
    return 301 https://$host$request_uri;
} # managed by Certbot
}

server {
if ($host = www.example.com) {
    return 301 https://$host$request_uri;
} # managed by Certbot

if ($host = example.com) {
    return 301 https://$host$request_uri;
} # managed by Certbot

    listen 80;

    server_name example.com www.example.com *.example.com;
return 404; # managed by Certbot
}

I placed 444.html file in the public directory and added this to the top of our Nginx server block:

server { 
listen 80; 
server_name _; 
return 444; 


}

This produced no change in the number of error messages. The error messages include this:

* SERVER_PORT                                 : 443
* SERVER_PROTOCOL                             : HTTP/1.1
* SERVER_SOFTWARE                             : nginx/1.18.0 Phusion_Passenger/6.0.6

How do I modify the server block to return a 444 if someone uses an IP address instead of our domain names?

Jay
  • 191
  • 2
  • 11

1 Answers1

0

Put this at the top of your config:

server {
  listen       80  default_server;
  return 444;
}
Gerard H. Pille
  • 2,469
  • 1
  • 12
  • 10