I got hit with a portscanner a few minutes ago, which caused an edge-case I
can't repeat.
the access log looks like this:
94.102.48.193 - [09/Dec/2016:22:15:03 +0000][_] 500 "GET / HTTP/1.0"
10299 "-" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)" "-"
cookies="-"
the server block was:
server {
listen 80 default_server;
server_name _;
...
}
but there is another ip block:
server { listen 80;
server_name ~^[0-9.]*$;
}
i can't figure out how to duplicate this request. the 500 was triggered,
because the upstream application server didn't get find a "HTTP_HOST"
environment variable set up, and i'd like to protect against this.
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
