How to block unknown domains pointed to your server RunCloud | Nginx


This post describes how to block unknown domains that are redirected to your server or that send it traffic.


Introduction 

Unauthorized domains being pointed to your server can be a security risk as it can expose your server to malicious traffic and potentially compromise your data. To protect your server from these unauthorized domains, you can use the if statement in your nginx configuration file. The if statement allows you to specify a condition that must be met in order for a particular block of configuration to be executed. By using the if statement, you can check the domain of a request and block it if it is not an authorized domain.

If you're using RunCloud servers, there are two reasons why other domains might redirect:

  1. The default web application is enabled, which means that any domain not added as a domain name in any of your web applications will be redirected to this default web application.

  2. The domains are pointed to your server IP and are forced to load over HTTPS. Because such a domain is not a valid domain on your server, no SSL certificate is installed for it, so its requests are redirected to the first web application with an SSL certificate.

Both of these scenarios can cause problems for customers. To prevent these redirections on unwanted domains, it's important to first make sure that the default web application is the first one in alphabetical order. For example, you can create a web application with the name 'Aadefault' and install a self-signed certificate.

By following these steps, you can ensure that redirection will only occur to the first and default web application (when using HTTP requests). This will help prevent any unwanted redirections on other domains.


Understanding the if statement in nginx

The if statement in an nginx configuration file allows you to specify a condition that must be met in order for a particular block of configuration to be executed. To check the domain of a request, the condition tests the $host variable, which holds the value of the Host header field in the request. You can use the = operator to check if the $host variable is equal to a specific domain, or you can use a regular expression to match the domain. The examples below use the negated forms, != and !~*, so that the block runs when the domain is not an authorized one.


Blocking unauthorized domains with the if statement

To block unauthorized domains, you can use the if statement in your nginx configuration file. Here is an example of using the if statement to block unauthorized domains:

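if ($host !~* "^(app-gutkowski|app-russel)\.vg3oap2gfo-xoy4wjyj96pw\.p\.temp-site\.link$") {
    # Reject every request whose host is not one of the two allowed names.
    # With a 403, a second argument to return is sent as body text, not used as a page path.
    return 403;
}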

The regular expression matches $host only when it is app-gutkowski or app-russel followed by the rest of the domain string. The !~* operator is a case-insensitive "does not match" test, so if $host does not match the regular expression, the condition is satisfied and a 403 error is returned.

Alternatively, you can use the following configuration to block unauthorized domains:

if ($host != "app-gutkowski.vg3oap2gfo-xoy4wjyj96pw.p.temp-site.link") {
    # Exact string comparison: only this one host name is accepted.
    return 403;
}

This if statement will return a 403 error if $host is not equal to the specified domain.
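
An offline check of the allowlist decision made by the first rule, as an added example that is not from the original post. Python's re module stands in for nginx's regex engine, nginx_host only approximates how $host is derived, and the sample Host values and the LOOSE pattern are constructed for comparison.

```python
import re

BASE = "vg3oap2gfo-xoy4wjyj96pw.p.temp-site.link"
# Allowlist pattern copied from the article's first nginx example.
ALLOWED = r"^(app-gutkowski|app-russel)\.vg3oap2gfo-xoy4wjyj96pw\.p\.temp-site\.link$"
# Constructed weak variant for comparison: dots unescaped, no trailing "$".
LOOSE = r"^(app-gutkowski|app-russel).vg3oap2gfo-xoy4wjyj96pw.p.temp-site.link"

# Constructed Host header values (documentation-range IP, example domains).
SAMPLES = [
    "app-gutkowski." + BASE,
    "APP-Russel." + BASE + ":8080",
    "app-other." + BASE,
    "app-russel." + BASE + ".unknown.example",
    "app-russelXvg3oap2gfo-xoy4wjyj96pw.p.temp-site.link",
    "unknown.example",
    "203.0.113.10",
]


def nginx_host(header_value: str) -> str:
    """Approximate $host: lowercased, port removed (IPv6 literals not handled)."""
    return header_value.strip().lower().split(":", 1)[0]


def is_blocked(header_value: str, pattern: str = ALLOWED) -> bool:
    """True when `if ($host !~* pattern)` would fire and return 403."""
    # re.search mirrors nginx's unanchored matching; IGNORECASE mirrors "~*".
    return re.search(pattern, nginx_host(header_value), re.IGNORECASE) is None


def audit(pattern: str = ALLOWED) -> dict:
    """Map each sample Host value to the status the rule would produce."""
    return {h: ("403" if is_blocked(h, pattern) else "pass") for h in SAMPLES}


def loosened_by(weak: str) -> list:
    """Hosts the article's pattern blocks but a weaker pattern lets through."""
    return [h for h in SAMPLES if is_blocked(h) and not is_blocked(h, weak)]


if __name__ == "__main__":
    for host, status in audit().items():
        print(f"{status:4}  {host}")
    print("let through by the loose variant:", loosened_by(LOOSE))
```

The two hosts reported for the loose variant show why the article's pattern escapes each dot and ends with $: without them, a longer or look-alike host name would be treated as authorized.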


Conclusion

In this post, we discussed how to use the if statement in an nginx configuration file to block unauthorized domains. By using the if statement and the $host variable, you can check the domain of a request and return a 403 error if it is not an authorized domain. It is also recommended to report this abuse to the providers of those domain names so that the domains can be removed as well. You can use https://www.whois.com/ to find the domain details.

Implementing these techniques can help secure your server and protect it from unauthorized domains. We encourage you to implement these techniques to protect your server from potential security risks.

