The virtual host in the default configuration of Nginx allows the user to access through IP or through a domain name that is not set (e.g. someone maliciously points his own domain name to your IP)
This is because the server area in the default configuration has this line:
listen default;
The following default parameter indicates that this is the default virtual host, accepting all the domain names that are pointing over.
For example, when someone accesses your website via IP or unknown domain name, you want to suppress any valid content and return 500 to him.
server {
listen default;
server_name _;
return;
}
You can also collect these traffic, import to your own website, as long as the following jump settings can be:
server {
listen default;
Rewrite ^ (. *) http://www.jb51.net permanent;
If a multiple-IP server, only one IP is blocked:
You can try this:
server {
listen *:80 default;
server_name _;
return;
}
Try again when you can't:
server {
listen *:80;
server_name _;
return;
}
After using the empty host header, phpMyAdmin will not be able to access, add a level two domain name point to phpMyAdmin directory on the line.