fallback.conf

---
---

server {
  listen 80;
  server_name *.{{ site.domain }};

  return 302 https://$host$request_uri;
}

server {
  listen 443;
  listen 1010; # TLS 1.0, which supports SNI
  listen 1011; # TLS 1.1, which supports SNI
  server_name *.{{ site.domain }};

  include {{ site.serving-path }}/nginx-includes/wildcard-fallback.conf;
  include {{ site.serving-path }}/nginx-includes/tls-defaults.conf;

  # Uncomment this to drop the connection.
  # return 444;

  # Respond and give a helpful error.
  return 421 "If you have received this response, you are using a connection with the {{ site.domain }} fallback certificate. This means you are either trying to connect to an unknown subdomain, or your client does not support Server Name Indication (https://en.wikipedia.org/wiki/Server_Name_Indication).";
}