When the nginx homepage does not exist, it will default to returning a 404 error instead of a 403 error.

Jul 4, 2021#nginx32

AI-generated summary

When the homepage of a website is not found, Nginx will default to returning a 404 error instead of a 403 error. This was necessary after a domain was hijacked and the website was attacked. The solution involved setting the domain to a specific site and forcing a 404 error, but the homepage still returned a 403 error. To fix this, the homepage was redirected to a non-existent resource with a 301 redirect.

title: "nginx defaults to returning 404 instead of 403 when the homepage does not exist"
date: "2021-07-05"
tags:

"nginx"

nginx defaults to returning 404 instead of 403 when the homepage does not exist

The domain was hijacked by a certain website, causing the entire site to be compromised. By configuring nginx, the specified domain is bound to a specific site and then forced to return 404.

location = / { return 404; }

However, the homepage still returns a 403 code instead of the expected 404. To resolve this, the 404 is made normal and the homepage is directly redirected to a non-existent resource using a 301 redirect. Job done.

location = / { index index.html return 404; }

location = /index.html { return 301 /noexsit; }