Add an option to reject or drop a request with an unknown host

[ondrejnedoma]

Is your feature request related to a problem? Please describe.

This is a security concern of mine, where if someone opens ANY domain pointing to my IP address with an A record, or the IP address itself, it would at best throw a 404 page if I set that up in the settings, and at worst show the congrats page.

Describe the solution you'd like

It would be a great feature if besides choosing congrats page, 404 page, redirection, or custom page, I could also choose to reject or drop the request entirely, giving the attacker a lot less hope.

Describe alternatives you've considered

Additional context

[FibreTTP]

This is was already implemented in #2942:

https://nginx.org/en/docs/http/request_processing.html#how_to_prevent_undefined_server_names

[ondrejnedoma]

Oh, I was running almost a year old version of NPM, after updating I see the option, Thanks!