[[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)]

I dont know what my problem was yesterday, I think I had something quite similar. But figured it out now.

Relevant Part of my default file:

 

server {
	return 444;
}

# redirect all traffic to https
server {
	listen 80 default_server;
	listen [::]:80 default_server;
	server_name mydomain.com;
	return 301 https://$host$request_uri;
}

# main server block
server {
	listen 443 ssl http2 default_server;
	listen [::]:443 ssl http2 default_server;

	root /config/www;
	index index.html index.htm index.php;

	server_name mydomain.com;

 

Additional Server Block to drop all requests.

Server name for http und https change to only work for my domain

 

[[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)]

I did my setup following the tutorial from spaceinvader one just using the new swag docker container.

 

Due to the port forwarding if I access my WAN IP  I land on the "Welcome to your SWAG instance" Page. 

 

Now my goal is to simple drop these request (return 444) and only respond to requests targeting

supportedsubdomain.domain.com

supportedsubdomain2.domain.com

 

 

[[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)]

Probably a stupid question and easily solved, but my search always returns results solving the opposite problem.

I set up the reverse proxy and everything works fine. I can access the sites hosted under my subdomains perfectly.

 

Now I want to drop all connections not directly directed at one of my supported domains. 

If I access my Public IP I want to get no result at all.

 

As far as I figured out I should be able to do that be configuring the default config.
But so far I only managed to either block nothing or block everything. 

 

Any tips how to adapt the config?