About nginx.conf config


thanks for the firezone product, after start the implementation testing, currently I would start to fine tune nginx myself.

while look at phoenix content:
listen 443 default_server ssl;

  • listen [::]:443 default_server ssl;*
  • server_name mfa.xxx.com;*
  • …*

it seems default_server should not define together within the same block in the valid server_name zone, I believe the portal should provide explicitly specified as is. without the valid input url, other format like ip address, empty host field or an unknown domain should not be accepted.

for those who has require the multi name, we can add multiple value in server_name instead, controlled by ourselves.

but currently I can’t find the setting parameter yet in firezone.rb config.

summarize suggestion:

  • create a new block for default_server and lock in dark, means it should has no response for incorrect server_name request.
  • add parameter for multi-value server_name , if applicable