I have Nginx + FastCGI for php. My server is sending duplicate headers. How to fix it?

Question

I am running a LEMP server with Ubuntu 18. If I curl my URL:
curl -i thexeno.com it shows the proper headers. But if I go to the website itself (under construction) it shows multiple headers including CSP which breaks a lot of stuff.

Could anyone help? I’ve checked every single file in /etc/nginx and I can’t figure out what is sending the duplicate header. my website/website.conf (renamed here) file lists the proper CSP and other headers I need.

Thanks.

Answer 1

GreenSage May 20, 2020

That should read, “it shows multiple duplicate headers…”

Reply Report

Answer 2

GreenSage May 20, 2020

^ I was heading out to lunch when I wrote that sorry.

But if I go to the website itself (under construction) it shows multiple duplicate headers including CSP which breaks a lot of stuff. (On both Firefox and Chrome dev tools…displays something like this, notice all the duplicates)

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 20 May 2020 20:52:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: default-src 'self';:       font-src 'self';:       img-src 'self';:        style-src 'self';:  :
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'
Content-Language: en
Cache-Control: no-cache, must-revalidate, stale-while-revalidate, max-age=0, private, no-transform
Pragma: no-cache
Expires: 0

Here’s a copy of my custom.conf:

server {
        listen 80;
        root /var/www/html/xxx;
        index index.php index.html index.htm index.nginx-debian.html;
        server_name xxx;
        add_header Content-Security-Policy "
                default-src 'self';
                font-src 'self';
                img-src 'self';
                style-src 'self';
        ";
        add_header X-Content-Type-Options nosniff;
        add_header X-Frame-Options DENY;
        fastcgi_pass_request_headers on;
        location / {
                try_files $uri $uri/ =404;
        }
        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
        }
        location ~ /\.ht {
                deny all;
        }
}

Reply Report

Answer 3

GreenSage May 22, 2020

Also, here’s something that may help I think? I followed this guide to the letter. https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-ubuntu-18-04

How To Install Linux, Nginx, MySQL, PHP (LEMP stack) on Ubuntu 18.04

by Justin Ellingwood

by Mark Drake

This tutorial details the process for installing and configuring the components that constitute a LEMP stack on an Ubuntu 18.04 server, including Nginx, MySQL, and PHP. It also includes instructions for testing that these components can communicate effectively and serve your content correctly.

Reply Report

Related

Question

I have Nginx + FastCGI for php. My server is sending duplicate headers. How to fix it?

Related

Leave a comment

Looking for something else?

Sign up for our newsletter

Related

Question

I have Nginx + FastCGI for php. My server is sending duplicate headers. How to fix it?

Related

Leave a comment

Related

question

Droplet gets slow with time (response time 700ms to 3000ms), any tips please?

question

Connect to DB installed into dedicated VPS (private networking)

question

my site i down please see http://www.cheri3a.com/

question

How do I get a SSL certificate for my WSGI Flask server so it can send data over HTTPS?

Looking for something else?