17

I always use "return 444" in the nginx config to stop crawlers that access my servers directly via IP or via the wrong hostname. It just closes the connection. Perfect.

Now I want to use this response instead of the standard 404.html pages that nginx throws, but I fail at configuring.

error_page 500 502 503 504 /custom_50x.html;

This works fine, but I can't "return 444" like here:

server {
    listen      80;
    server_name "";
    return      444;
}

Does anybody know a way to combine these two?

Mark Rotteveel
  • 100,966
  • 191
  • 140
  • 197
Howard
  • 266
  • 1
  • 3
  • 14
  • 1
    An interesting approach, given problems with slowloris and similar drip-connection attacks. – Kzqai Jul 20 '17 at 19:47

2 Answers2

18

Redirect request then you can return status code easily:

server {
  error_page 500 502 503 504 @blackhole;

  location @blackhole {
    return 444;
  }
}
Community
  • 1
  • 1
Shahzaib Ali Khan
  • 687
  • 6
  • 14
6

Just wanted to add that using @blackhole named location raised Nginx's default 500 error page when certain weird requests were sent to the server (more details here), and thus the desired result (444) was not achieved.

I went around this by using the following notation instead:

error_page 301 400 403 404 500 502 503 504 =444 /444.html;
location = /444.html {
        return 444;
}

Update: note that if the above block is itself inside a location block, the location path location = /444.html {… may prompt an Nginx error upon reload because Nginx requires it be a sub-location of the parent location block --> such as: location = [sub-location]/444.html {….

Jean Monet
  • 2,075
  • 15
  • 25