Minor apache adjustment
Figured I should do something about naked requests to this server's IP returning an old subdomain's content I don't really put anything on anymore. By default, Apache will use the first configuration it finds (reading vhost files alphabetically) if a request comes in without an associated domain name. Just so happened that the subdomain on another site was alphabetically first. Anyway, I looked up a fix, it seems to work, just put this at the top of that file:
<VirtualHost *:80>
ServerName default
RewriteRule ^ - [F]
</VirtualHost>
Now naked requests return a 403 error, good. Amusingly this can be an issue for HTTPS too. Even though a secure connection by design requires a domain name, browsers can ignore the mismatch and curl can use -k flag and bots can do whatever. So the default response was for another site I recently setup that's alphabetically prior to this one. Solution is similar, but with Apache you must load an SSL key for the connection anyway, or things will break:
See Full Post and Comments
Recent Posts
2023-08-05
2023-07-23
2023-07-01
2023-06-28
2023-06-17