Admit it, we've all been there! We spin up a new VPS and find out that the server was earlier being used by someone else who didn't deal with their mess properly and now all those internet zombies are now trying to find directories on your new server. While this may not be a problem for some but it definitely is an issue for people who keep a strict audit of their access log to ensure that their services are safe and working as expected. I'm one of those and I really like to keep my server logs clean while also saving myself from some potential data leak situations.
We deal with such a situation by responding with a HTTP
444 Code which means
Connection closed without response. We do this in nginx
default_server parameter to use all requests not already being handled by another server block to be handled by a generic server block that catches all such requests and responds with a 444 response.
The best location to put this code in will be
/etc/nginx/sites-available/default You'll have to remove (or edit) any existing blocks that are using the
default_server parameter. The above block can also be adapted to block requests for a particular domain or directory. e.g.:
If you notice carefully, we've appended a period (.) to example.com
.example.com that is due to an nginx spec which makes it possible for us to include all of the sub-domains of
whatever.example.com into account when blocking requests. We can also serve a 404 response but that's not ideal,
If You've got any questions, feel free to ask on our forum discuss.tekduke.com