Django nginx无效的HTTP_主机头
我每天都收到来自机器人的电子邮件,这些机器人用错误的http_头攻击我的服务器。我遵循以下步骤: 我认为这会解决问题。现在的问题是,如果您尝试转到Django nginx无效的HTTP_主机头,django,nginx,Django,Nginx,我每天都收到来自机器人的电子邮件,这些机器人用错误的http_头攻击我的服务器。我遵循以下步骤: 我认为这会解决问题。现在的问题是,如果您尝试转到https://35.****.*.*/我仍然可以让它触发一封给我自己的无效HTTP_主机电子邮件 我试图通过添加listen443default\u服务器来解决这个问题: server { listen 443 default_server; listen 80 default_server; return 444; }
https://35.****.*.*/
我仍然可以让它触发一封给我自己的无效HTTP_主机电子邮件
我试图通过添加listen443default\u服务器来解决这个问题代码>:
server {
listen 443 default_server;
listen 80 default_server;
return 444;
}
但现在我的网站的合法流量也被封锁了。
这是我的完整配置。非常感谢您的帮助
server {
# default server
listen 80 default_server;
return 444;
}
server {
listen 80;
server_name mysite.com www.mysite.com;
root /home/ubuntu/web/troopers/;
location /static/ {
# if asset versioning is used
if ($query_string) {
expires max;
}
}
access_log /home/ubuntu/web/logs/troopersAccess.log;
error_log /home/ubuntu/web/logs/troopersError.log;
location / {
uwsgi_pass unix:///home/ubuntu/web/troopersuwsgi.sock;
include uwsgi_params;
}
# what to serve if upstream is not available or crashes
error_page 400 /400.html;
error_page 403 /403.html;
error_page 404 /404.html;
error_page 500 502 503 504 /500.html;
# Compression
gzip on;
gzip_http_version 1.0;
gzip_comp_level 5;
gzip_proxied any;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_types text/plain text/html text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
# Some version of IE 6 don't handle compression well on some mime-types,
# so just disable for them
gzip_disable "MSIE [1-6].(?!.*SV1)";
# Set a vary header so downstream proxies don't send cached gzipped
# content to IE6
gzip_vary on;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mysite.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mysite.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
if ($scheme != "https") {
return 301 https://$host$request_uri;
} # managed by Certbot
}
也许你应该尝试更改Django日志设置,以避免发送针对特定错误的电子邮件?这是我的备份计划。但据我所知,处理这种情况的正确方法是在请求到达django之前关闭请求。也许这可以帮助您复制