Cualquier dominio XYZ que apunte a la IP de mi droplet de Digital Ocean se redirige a mi foro. De esta manera, se han generado muchos registros 404 desconocidos y se está afectando el perfil de enlaces.
Estoy pensando en agregar una regla como esta:
location / {
if ($server_name !~ "^forum\.)?example\.com$"){
return 403;
}
}
lo que significa denegar solicitudes desde dominios no autorizados.
Por favor, guíenme sobre cómo agregarla.
Gracias y saludos,
Gulshan
Last time this was brought up the easiest solution was to enable SSL, that will cause the wrong domains to either redirect to the correct one, or show an SSL error:
If thats not an option you can use a pups template to add that 403 block into the Discourse nginx config.
I am already using Let’s Encrypt. The issue is what XYZ domain point it simply redirect 301 to my forum.
Then adding it to the Discourse nginx config would be the next easiest thing. Using a new pups template would be the best way, to save you needing to re-apply the change every rebuild.
You could try… Make a new file at /var/discourse/templates/web.403.yml, with the following contents:
run:
- replace:
filename: "/etc/nginx/conf.d/discourse.conf"
from: /location / \{/
to: |
location / {
if ($server_name !~ "^forum\.)?example\.com$"){
return 403;
}
Then edit /var/discourse/containers/app.yml and at the bottom of the templates section add a new line:
- "templates/web.403.yml"
And then try and run a ./launcher rebuild app, see how that goes.
Thanks, I will try it in the mid night (less traffic time) and update here what happens.
I should add…
If you want to test that config you can use ./launcher enter app to get a terminal up in the container, then edit /etc/nginx/conf.d/discourse.conf there (vi should be installed, or install something more familiar), and you can run service nginx reload to apply the config change.
If that all runs well, then my above post will make the change more permenant (by automatically making the change to the file every rebuild)