Jede XYZ-Domain, die auf meine Digital Ocean Droplet-IP zeigt, wird zu meinem Forum weitergeleitet. Dadurch sind viele unbekannte 404-Logs entstanden, was sich negativ auf das Linkprofil auswirkt.
Ich überlege, eine Regel wie diese hinzuzufügen:
location / {
if ($server_name !~ "^forum\.)?example\.com$"){
return 403;
}
}
Das bedeutet, Anfragen von nicht autorisierten Domains abzulehnen.
Bitte geben Sie mir eine Anleitung, wie ich das einrichten kann.
Mit freundlichen Grüßen,
Gulshan
Last time this was brought up the easiest solution was to enable SSL, that will cause the wrong domains to either redirect to the correct one, or show an SSL error:
If thats not an option you can use a pups template to add that 403 block into the Discourse nginx config.
I am already using Let’s Encrypt. The issue is what XYZ domain point it simply redirect 301 to my forum.
Then adding it to the Discourse nginx config would be the next easiest thing. Using a new pups template would be the best way, to save you needing to re-apply the change every rebuild.
You could try… Make a new file at /var/discourse/templates/web.403.yml, with the following contents:
run:
- replace:
filename: "/etc/nginx/conf.d/discourse.conf"
from: /location / \{/
to: |
location / {
if ($server_name !~ "^forum\.)?example\.com$"){
return 403;
}
Then edit /var/discourse/containers/app.yml and at the bottom of the templates section add a new line:
- "templates/web.403.yml"
And then try and run a ./launcher rebuild app, see how that goes.
Thanks, I will try it in the mid night (less traffic time) and update here what happens.
I should add…
If you want to test that config you can use ./launcher enter app to get a terminal up in the container, then edit /etc/nginx/conf.d/discourse.conf there (vi should be installed, or install something more familiar), and you can run service nginx reload to apply the config change.
If that all runs well, then my above post will make the change more permenant (by automatically making the change to the file every rebuild)