Subdomain serving main domain content on https - nginx

I got a website with a main domain, and a subdomain. I use nginx. On the main domain I have https and not on the subdomain. However, https://sub.domain.com is serving the content of domain.com, with a browser warning
So far I tried to adjust my conf in nginx with no luck.
This is the nginx conf file for sub.domain.com:
server {
listen 80;
server_name sub.domain.com;
root /var/www/sub/;
index index.php;
access_log /var/log/nginx/sub_http_access.log combined;
error_log /var/log/nginx/sub_http_error.log;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass php-handler-http;
fastcgi_read_timeout 60s;
}
location ~* \.(htaccess|htpasswd) {
deny all;
}
# set long EXPIRES header on static assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
access_log off;
}
}
This is the nginx conf for domain.com:
upstream php-handler-http {
server 127.0.0.1:9000;
#server unix:/var/run/php5-fpm.sock;
}
server {
server_name domain.com;
root /var/www/html/;
index index.php;
# set max upload size
client_max_body_size 2G;
fastcgi_buffers 64 4K;
access_log /var/log/nginx/wordpress_http_access.log combined;
error_log /var/log/nginx/wordpress_http_error.log;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
try_files $uri $uri/ /index.php?$args ;
}
location ~* \.(htaccess|htpasswd) {
deny all;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass php-handler-http;
fastcgi_read_timeout 60s;
}
# set long EXPIRES header on static assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
access_log off;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = sub.domain.com) {
return 301 http://$host$request_uri;
}
if ($host = domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 443 ssl;
server_name 8.8.8.8;
return 301 $scheme://domain.com$request_uri;
}
I am expecting to not have the https://sub.domain.com serve main website content and have a 301 redirect to http://sub.domain.com

Related

redirecting to root, even if query is empty

All my links is redirecting to root, where I serve the file "index.php".
This is my nginx config :
/etc/nginx/sites-available/myproject.local
server {
listen 80;
listen 444 ssl http2;
server_name .buildurlshortener.local;
root "/home/vagrant/codecourse/buildurlshortener/public";
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/buildurlshortener.local-error.log error;
sendfile off;
client_max_body_size 100m;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
}
location ~ /\.ht {
deny all;
}
ssl_certificate /etc/nginx/ssl/buildurlshortener.local.crt;
ssl_certificate_key /etc/nginx/ssl/buildurlshortener.local.key;
}
If I make a post request to "http://myproject.local/something", it works.
But a post request to the root, i.e. http://myproject.local, is not working.
I get "405 Not Allowed" from nginx.
If I add a rule with "location ~ { ... }", then I can post to "http://myproject.local". But now it is "http://myproject.local/something" that is not working.
How can I also serve "index.php" from the root ("/"), without breaking my other routes ?

One of the causes of message "405 Not Allowed" is that nginx can't serve static content on POST-request. Could you show config more detailed?

To this line :
location ~ .php$
I appended |/$ :
location ~ .php$|/$
So that it can also accept an empty query.
Now I can use post requests to "myproject.local", "myproject.local/index.php", ""myproject.local/someroute".

proxy_pass priority and location

I am trying to proxy all incoming requests from nginx to NodeJS, excluding uri "/cabinet/...". So according to official nginx documentation, it's work perfectly when I am trying to proceed file on same server, but when I am trying proxy to node server, whole request are forced to node (including /cabinet/)
So what I am doing wrong?
server {
listen 80;
listen 443 ssl http2;
server_name mysite.dev;
root "/home/vagrant/code/cabinet/public";
index index.html index.htm index.php;
charset utf-8;
location / {
proxy_pass http://localhost:5000;
#try_files $uri $uri/ /index.html;
}
location /cabinet/ {
#try_files $uri $uri/ /index.php?$query_string;
try_files $uri $uri/ /index2.html;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/mysite.dev-error.log error;
sendfile off;
client_max_body_size 100m;
location ~ /\.ht {
deny all;
}
ssl_certificate /etc/nginx/ssl/mysite.dev.crt;
ssl_certificate_key /etc/nginx/ssl/mysite.dev.key;
}

Wordpress permalink after migrating to Nginx

My permalinks are ~~/%category%~~/%postname%/~~.html~~.
I migrated from Apache to Nginx.
Then my config file I added in
server{
location /mydirectory/ {
try_files $uri $uri/ /mydirectory/$uri.html;
}
But my browser goes on going to the 404 page.
I tried many codes found after deleting cache but still no success.Any help will be much appreciated
Thank you
I desactivate all my plugins and was able to change my permalinks into
/%postname%/
Here is my my.site.com config (my site is in a sub directory Vie/) :
server {
listen 80;
server_name my.site.com;
location ~ /(vie|\|Vie|Vie)/(.*) {
return 301 https://my.site.com/Vie;
}
return 301 https://my.site.com/Vie$request_uri;
}
server {
listen 443 ssl;
server_name my.site.com;
root /var/www/my.site.com/html;
index index.php index.html;
ssl_certificate /etc/letsencrypt/live/krouus.company/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/krouus.company/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-CAMELLIA256-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-CAMELLIA128-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256';
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_dhparam /etc/nginx/dhparam.pem;
add_header Strict-Transport-Security "max-age=31536000;";
location /Vie/ {
index index.php;
try_files $uri $uri/ /Vie/index.php?$args;
}
location / {
try_files $uri $uri/ /Vie/index.php;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffers 4 256k;
fastcgi_buffer_size 128k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
include fastcgi_params;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
}
location ~* commun {
deny all;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ /\.ht {
deny all;
}
location ~ (^|/)\. {
return 403;
}
location ~* \.(?:css|gif|htc|ico|js|jpe?g|png|swf)$ {
expires max;
log_not_found off;
## No need to bleed constant updates. Send the all shebang in one
## fell swoop.
tcp_nodelay off;
## Set the OS file cache.
open_file_cache max=1000 inactive=120s;
open_file_cache_valid 45s;
open_file_cache_min_uses 2;
open_file_cache_errors off;
}
location ~* \.ini$ {
deny all;
return 404;
}
error_page 404 /404.html;
location /404.html {
internal;
}
location ~* /(?:uploads|files)/.*\.(html|htm|shtml|php|js|swf|py|jsp|asp|sh|cgi)$ {
deny all;
}
if ($request_method !~ ^(GET|POST|HEAD)$ ) {
return 444;
}
location ~* wp-includes/theme-compat/ {
deny all;
}
location ~* wp-includes/js/tinymce/langs/.*.php {
deny all;
}
location /wp-includes/ {
internal;
}
location ~* .(pl|cgi|py|sh|lua|asp)$ {
return 444;
}
location ~* /(wp-config.php|readme.html|license.txt|nginx.conf) {
deny all;
}
if (!-e $request_filename) {
rewrite ^.*$ /index.php last;
}
location /xmlrpc.php {
deny all;
}
}

Try this instead. As i was also facing same problem,hope its work for you too.
location /mydirectory{
try_files $uri $uri/ /mydirectory/index.php;
}

Well in fact I solved my problem. I read attentively my ocnfiguration and removed
if (!-e $request_filename) {
rewrite ^.*$ /index.php last;
}
And now my Wordpress works.
Cheerio!

Nginx server multiple site and domain redirection (on same port/different port)

I am trying to host multiple unrelated sites on the same nginx server. How do I edit the http.conf and the https.conf file in order to make it work?
ORIGINAL HTTP.CONF
server {
listen 2333;
server_name port1.example.com;
rewrite ^/(.\*) http://port1.example.com/$1 permanent;
root /var/www/html;
index index.php index.html;
# set max upload size
client_max_body_size 2G;
fastcgi_buffers 64 4K;
access_log /var/log/nginx/http_access.log combined;
error_log /var/log/nginx/http_error.log;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ \.php$
{
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* \.(htaccess|htpasswd) {
deny all;
}
# set long EXPIRES header on static assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
access_log off;
}
}
ORIGINAL HTTPS.CONF
server {
listen 4433 ssl default_server;
server_name _;
ssl_certificate /etc/nginx/ssl/port2.example.com.crt;
ssl_certificate_key /etc/nginx/ssl/port2.example.com.key;
root /usr/share/nginx/html;
index index.php index.html;
# set max upload size
client_max_body_size 2G;
fastcgi_buffers 64 4K;
access_log /var/log/nginx/https_access.log combined;
error_log /var/log/nginx/https_error.log;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ \.php$
{
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* \.(htaccess|htpasswd) {
deny all;
}
# set long EXPIRES header on static assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
access_log off;
}
}
My port 4433 is on SSL obviously. How can I get port 2333 to work only on port1.example.com and port 4433 to work only on port2.example.com It's better if 2333 can be served on SSL, too.

Thanks guys for viewing. I ended up using Nginx and it was way faster setting up using multiple .conf files in the /etc/nginx/conf folder.

wordpress nginx ssl redirect loop

So I'm setting up an nginx server and installed wordpress and SSL.
The site is working perfectly on both http and https but when I try to redirect http to https via nginx's server block, both http and https results in a endless redirect loop.
Here's my server block
server {
listen 80;
return 301 $server_name$request_uri;
listen 443 ssl spdy;
root /var/www/wordpress;
index index.php index.html index.htm;
server_name www.example.com;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 10m;
spdy_headers_comp 6;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_certificate /etc/ssl/certs/www.example.com.certchain.crt;
ssl_certificate_key /etc/ssl/private/www.example.com.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
add_header Alternate-Protocol 443:npn-spdy/2;
proxy_set_header X-Forwarded-Proto https;
access_log /var/log/nginx/example.com.access.log;
error_log /var/log/nginx/example.com.error.log;
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location / {
proxy_set_header X-Forwarded-Proto $scheme;
# try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php?q=$uri&$args;
if ($http_referer ~* (buttons-for-website.com)) { return 444; }
if ($http_referer ~* (semalt.com)) { return 444; }
}
location ~ \.(hh|php)$ {
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Ssl on;
fastcgi_keep_conn on;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache microcache;
fastcgi_cache_valid 200 60m;
}
location ~ \.php$ {
location #fallback {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache microcache;
fastcgi_cache_valid 200 60m;
}
# Cache Static Files For As Long As Possible
location ~*
\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|$
{
access_log off;
log_not_found off;
expires max;
}
# Security Settings For Better Privacy Deny Hidden Files
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# Return 403 Forbidden For readme.(txt|html) or license.(txt|html)
if ($request_uri ~* "^.+(readme|license)\.(txt|html)$") {
return 403;
}
# Disallow PHP In Upload Folder
location /wp-content/uploads/ {
location ~ \.php$ {
deny all;
}
}
}
I'd really appreciate anyone's help. I commented out that "return 301" in 3rd line and google indexed both http and https version of the same page and deindexed most of my pages and dropped rankings for several keywords.
Thanks a bunch in advance!

Try separating the non ssl server block so you'd have this
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl spdy;
root /var/www/wordpress;
....

Resources