Just a personal preference, but i put an https version in front of all sites(and redirect 80 to 443) and keep the certs up to date for free with lets-encrypt/certbot (i have nothing to do with the company), with SNI, one IP. This is simple as I keep the nginx configurations up to date with a configuration management tool (saltstack in my case).
That's my philosophy on 80 vs 443 and a mixed case, i like the consistency in my configuration and the ability to maintain groups of configuration types based on site needs. And you do get a small SEO boost for being https forward. Jeff On Mon, Nov 28, 2016 at 3:55 PM, Lukas Tribus <luky...@hotmail.com> wrote: > > It seems that search engines are probing https: even for sites that > > don't offer it > > Which is fine. > > > > > just because it's available for others, with the end > > result that pages are being attributed to the wrong site. > > Sounds like an assumption. Any real life experience and > evidence backing this? > > Sounds simply enough to drop the HTTPS request if the > certificate doesn't match the hostname. > > Every standard wget/curl/lynx application drops the TLS session > by default in this case, I don't see why a crawler wouldn't. > > > > > Does anyone have a better solution ( nginx of course! ) > > If this is a real problem (which I doubt), I guess you could just > serve a 403 Forbidden from the default hosts. > > > Lukas > > _______________________________________________ > nginx mailing list > nginx@nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx >
_______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
