Recently got some notice from my DAST security tools that https://xx.xx.xx.xx (server IP address) is accessible with invalid TLS Certificate.
I think that is the default router that runs if somebody accessing through IP and/or there is no matching registered Host at my traefik server.
How can I prevent this happening? I am thinking of instead of showing 404, it would be nice if I redirect the request to my main website at another server.
Have tried this, but doesn't work as I expected.
http:
routers:
catchall:
entryPoints:
- "web-secure"
rule: "Host(`xx.xx.xx.xx`)"
service: redirecttomain
middlewares:
- catchall
# lowest possible priority
# evaluated when no other router is matched
priority: 1
middlewares:
catchall:
redirectRegex:
regex: "^https://xx.xx.xx.xx"
replacement: "https://www.another-site.com"
services:
redirecttomain:
loadBalancer:
servers: {}