除非请求特定域名，否则如何让nginx返回404？

Question

我有一个 nginx 服务器，我想在anything.mydomain.com请求时返回 404，除非anything是www，mypythonapp1或者mypythonapp2

我在以下位置创建了一个00-noredirect文件/etc/nginx/sites-enabled：

server {
    listen 80;
    listen 443 ssl;

    server_name _;

    return 404;
}

不幸的是，一切都被重定向到mypythonapp1.

其他服务器块如下：

server {
    listen mypythonapp1.mydomain.com:80;
    server_name mypythonapp1.mydomain.com;
    (...) 
    listen mypythonapp1.mydomain.com:443 ssl; # managed by Certbot
    (...)
}

我认为这可能与certbotmy 中的添加有关/etc/nginx/sites-enabled/mypythonapp1，即使我不确定：

(...)
    if ($scheme != "https") {
        return 301 https://$host$request_uri;
    } # managed by Certbot
(...)

有什么我必须添加00-noredirect才能避免这种不需​​要的行为吗？

编辑：根据@Tim 的要求，这是我几乎完整的 nginx 配置：

server {
    listen 80;

    server_name mypythonapp1.mydomain.com;

    disable_symlinks off;

    location /static {
        alias /var/www/mypythonapp/mypythonapp/mypythonapp/static;
    }

    location / { try_files $uri @yourapplication; }
    location @yourapplication {
        include uwsgi_params;
        uwsgi_pass unix:/var/run/uwsgi/app/mypythonapp1/socket;
    }


    listen 443 ssl; # managed by Certbot
    # some ssl magic here
    if ($scheme != "https") {
        return 301 https://$host$request_uri;
    } # managed by Certbot



}
server {
    listen 80;

    server_name mypythonapp2.mydomain.com;

    disable_symlinks off;

    location /static {
        alias /var/www/mypythonapp/mypythonapp/mypythonapp/static;
    }

    location / { try_files $uri @yourapplication; }
    location @yourapplication {
        include uwsgi_params;
        uwsgi_pass unix:/var/run/uwsgi/app/mypythonapp2/socket;
    }


    listen 443 ssl; # managed by Certbot
    # some ssl magic here
    if ($scheme != "https") {
        return 301 https://$host$request_uri;
    } # managed by Certbot


}
server {
    listen 80;

    server_name www.mydomain.com mydomain.com;
    root /home/me/mystaticwebsite/;

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        try_files $uri $uri/ =404;
    }

    listen 443 ssl; # managed by Certbot
    # some ssl magic here
    if ($scheme != "https") {
        return 301 https://$host$uri;
    } # managed by Certbot




}
server {
    listen 80 default_server;

    server_name _;

    return 444;
}

# this last bit I commented out because it broke everything...

#server {
#    listen 443 default_server;
#
#    server_name _;
#
#    return 444;
#}

EDIT2：检查error.log（为什么我之前不这样做......）我意识到最后一部分“破坏了一切”，因为no "ssl_certificate" is defined in server listening on SSL port while SSL handshaking. 我最终复制了添加到其他域的ssl_certificate和ssl_certificate_key行certbot。现在我在请求时仍然有一个证书警告，anything.mydomain.com但至少如果我绕过它，我将无法访问mypythonapp1我最初真正想要的所有内容。

Answer 1

创建通过要服务的域名指定 server_name 的服务器块。接下来创建一个默认服务器来处理所有其他服务器。你不应该返回 404，返回一个更合适的代码。

server {
  # These can be in individual servers if you like
  server_name anything.mydomain.com www.mydomain.com etc.mydomain.com

  # add configuration
}


# This just prevents Nginx picking a random default server if it doesn't know which
# server block to send a request to
server {
  listen      80 default_server;
  server_name _;
  return      444; # "Connection closed without response"
}