I run a few sites using nginx, and I run them all on the same Linode box. I recently realised that one of those sites was inexplicably being returned as the default for any domain that wasn't explicitly set up in nginx.

Today I learned that nginx uses the first server block it comes across as the default. If (like me) you have your sites all defined in separate files, then this will end up being the first one in the list when those files are sorted alphabetically.

I thought a default could be achieved by having an available site that had no server_name in the server block, but that's not the case. Instead, just have a site like this:

server {
  listen 80 default_server;
  server_name _;
  return 444;
}

Returning 444 will mean that nginx just closes the connection. The request processing documentation on the nginx site goes into much more detail on this.