Configure two root level domains from the same Nginx server in Ubuntu 16.4?

Question

Hello,I am running one droplet with nginx configured for running a wordpress installation. I bought another TLD and would like to host that domain from the same server too. I followed the DO tutorial on how to configure the second site which tells making a new directory in the www directory and I did so along with the other settings. Now how do I configure the A record or the CNAME for the second TLD in the DO domain settings please? Here are the basic info: Two domains. First one configured as the default nginx site with the A record and CNAME and everything. Also has the LetsEncrypt SSL set to the first one. I don’t necessarily need an SSL for the second one or it doesn’t have to be a Wordpress site. A static site will do. Just need the second TLD map the second site. Any article or suggestion on that please?Much appreciated.

Jonathan Tittle · Accepted Answer

@mcmurphy

When it comes to A and CNAME entries, you’ll point both domains’ A entries to the same IPv4 IP. The CNAME would simply point www to the domain so that you can use either or to access it.

i.e.

A          @          DROPLET_IP
CNAME      www        domain.com.

Where DROPLET_IP is the IPv4 IP of your Droplet and domain.com is your domain name.

When it comes to the server blocks, as long as the domain is pointing to the IP where you’ve setup the server block for the same domain, that should be all that’s needed.

For example, if we have domain01.com and domain02.com and you’ve setup the same A/CNAME entries (as shown above), then you’d have at least two server blocks, one for each domain.

domain01.conf

server {
    listen 80;
    listen [::]:80;
    server_name domain01.com www.domain01.com;

    root /home/domain01.com/htdocs/public;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }
}

domain02.conf

server {
    listen 80;
    listen [::]:80;
    server_name domain02.com www.domain02.com;

    root /home/domain02.com/htdocs/public;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }
}

Of course, the above won’t handle PHP files, though we can fix that easily by adding another location block under the first. That’d look like this:

    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;

        include fastcgi_params;
    }

I’m using TCP instead of Sockets for fastcgi_pass, though you can replace that as needed. So we could have the server blocks setup like:

domain01.conf

server {
    listen 80;
    listen [::]:80;
    server_name domain01.com www.domain01.com;

    root /home/domain01.com/htdocs/public;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;

        include fastcgi_params;
    }
}

domain02.conf

server {
    listen 80;
    listen [::]:80;
    server_name domain02.com www.domain02.com;

    root /home/domain02.com/htdocs/public;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        fastcgi_pass 127.0.0.1:9001;
        fastcgi_index index.php;

        include fastcgi_params;
    }
}

For SSL, things are a little different. We’d use something like this instead (for each domain):

server {
    listen 80;
    listen [::]:80;
    server_name domain01.com www.domain01.com;

    return 301 https://$host$request_uri;
}

server
{
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name domain01.com www.domain01.com;

    add_header X-Frame-Options SAMEORIGIN;
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

    resolver 8.8.8.8 8.8.4.4 valid=300s
    resolver_timeout 5s;

    ssl on;
    ssl_certificate /path/to/ssl/cert.pem;
    ssl_certificate_key /path/to/ssl/privatekey.pem;

    ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
    ssl_dhparam /etc/nginx/ssl/dhparam.pem;
    ssl_ecdh_curve secp384r1;
    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_session_cache shared:SSL:50m;
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_session_tickets off;
    ssl_session_timeout 5m;

    root /home/domain01.com/htdocs/public;

    location /
    {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        fastcgi_pass 127.0.0.1:9001;
        fastcgi_index index.php;

        include fastcgi_params;
    }
}

The above allows us to redirect requests on port 80 to 443 so that everything is covered by SSL. This is a bit more detailed than what the guides cover, but I use similar in production, so I figured that’s what I’d give as an example.

The above assumes HTTP2 is enabled on your NGINX version. If it’s not, you may need to remove http2 from listen.

Flamber Hansen · Answer

@mcmurphy Can you post your Nginx configuration? It’ll be easier for us to help.

Question

Configure two root level domains from the same Nginx server in Ubuntu 16.4?

Try DigitalOcean for free

Popular Topics

Get our biweekly newsletter

Hollie's Hub for Good

Become a contributor

Featured on Community

DigitalOcean Products

Welcome to the developer cloud