CODEWITHSUNDEEP
http-redirectnginxdns
C.A. Vuyk
C.A. Vuyk

Reputation: 1085

Why does this nginx server redirect to a wrong domain?

Why does this nginx server redirect to a wrong domain? My nginx webserver has two domains to serve, server1.eu and server2.eu, why do they interfere with each other? When I set up a new 'clean' server install, this behaviour does NOT appear, so what is wrong in this servers' setup.

The nginx webserver listening to IPv6 takes precedence over IPv4 and interferes with SNI. Testing with removing servers reveals the behaviour of nginx.

Remove all servers except server 1, with IPv4 and IPv6 enabled, reload nginx, then activate server 2, with only an IPv4 listener and reload nginx again. Browsing to server 2 will let you end up at server 1. It appears that nginx automatically listens to the first added IPv6. So interchanging the sequence of activation will switch the routing.

find /etc/nginx/{conf.d,sites-enabled} gives

/etc/nginx/sites-enabled/server1.eu 
/etc/nginx/sites-enabled/server2.eu

The zone file records:

AAAA    server1.eu    directs to IPv6 address
A   server1.eu    directs to IPv4 address
AAAA    server2.eu  directs to IPv6 address
A server2.eu directs to IPv4 address

the nginx server configuration:

server {
    listen 80;
    listen [::]:80;
server_name server1.eu;
    return 301 https://www.server1.eu;
}
server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        ssl_certificate /etc/letsencrypt/live/server1.eu/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/server1.eu/privkey.pem;
        include snippets/ssl-params.conf;

        server_name www.server1.eu;
        root /var/www/server1.eu/webroot;
        index index.php index.html index.htm ;

        location / {
            try_files $uri $uri/ /index.php?$args;
        }

        location ~ \.php$ {
            include fastcgi.conf;
            fastcgi_pass unix:/run/php/php7.2-fpm.sock;
        }
}

and

server {
    listen 80;
    listen [::]:80;
    server_name www.server2.eu;
    return 301 https://$server_name$request_uri;
}

server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
    ssl_certificate /etc/letsencrypt/live/server2.eu/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/server2.eu/privkey.pem;
    include snippets/ssl-params.conf;
    server_name www.server2.eu;
    root /var/www/server2.eu/webroot;
    index index.php index.html index.htm ;

        location / {
            try_files $uri $uri/ /index.php?$args;
        }

        location ~ \.php$ {
            include fastcgi.conf;
            fastcgi_pass unix:/run/php/php7.2-fpm.sock;
        }
}

Upvotes: 7

Views: 3931

Answers (2)

Bathinda Helper
Bathinda Helper

Reputation: 207

Exact same problem was happening to me. I couldn't follow what 'change' suggested by the chosen solution happen to solve your problem, but in my case, I happen to solve it by just adding 'www' in front of the domain2/server2.eu (in the conf file for domain2, in your case server2.eu).

Upvotes: 0

Lukas Kuntze
Lukas Kuntze

Reputation: 74

I have modified your Nginx configuration.

This should work:

Server 1:

server {
        listen 443 default_server ssl http2;
        listen [::]:443 default_server ssl http2;

        root /var/www/server1.eu/webroot;
        index index.php index.html index.htm;

        server_name www.server1.eu;

        ssl_certificate /etc/letsencrypt/live/server1.eu/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/server1.eu/privkey.pem;

        location / {
                try_files $uri $uri.html $uri/ @extensionless-php;
                autoindex on;
        }

        location @extensionless-php {
            rewrite ^(.*)$ $1.php last;
        }

        location ~ \.php$ {
                include snippets/fastcgi-php.conf;

        #       # With php-fpm (or other unix sockets):
                fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
        }
}

server {
    listen 80;
    server_name www.server1.eu;
    return 301 https://$host$request_uri;
}

Server 2:

server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;

        root /var/www/server2.eu/webroot;
        index index.php index.html index.htm;

        server_name www.server2.eu;

        ssl_certificate /etc/letsencrypt/live/server2.eu/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/server2.eu/privkey.pem;

        location / {
                try_files $uri $uri.html $uri/ @extensionless-php;
                autoindex on;
        }

        location @extensionless-php {
            rewrite ^(.*)$ $1.php last;
        }

        location ~ \.php$ {
                include snippets/fastcgi-php.conf;

        #       # With php-fpm (or other unix sockets):
                fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
        }
}

server {
    listen 80;
    server_name www.server2.eu;
    return 301 https://$host$request_uri;
}

Note:

The change default_server causes that server1 is your default server.

Upvotes: 1

Related Questions