Site redirecting issue, multiple Server Blocks in one Nginx.conf file. Can someone help please?

September 26, 2018 806 views
Nginx DigitalOcean Initial Server Setup Server Optimization Open Source

File Structure:

/home/apple/public_html   - apple.com working fine
                      :/home/apple/public_html/splashpage  - Splash Page for a new site coming soon
              :/home/apple/orange   — orange.co - International site for the rest of the world 
                      :/home/apple/orange2    — orange.ca - Canadian version of the Orange site.

Below is a copy of my nginx,conf /etc/nginx/nginx.conf

Please note that there are four (4) websites being hosted at the same IP address, represented as fruits. apple, orange, orange2 and banana in multiple server blocks.

Problem: whenever you visit orange2 which is www.orange.ca the site redirects to the apple.com url and brings up the the apple.com website content instead of the content for orange.ca

All the other sites are working fine, only the orange.ca is redirecting to apple.com. Can someone please help me with this config for these site?

user  nginx;
worker_processes  2;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    server_tokens off;
    client_max_body_size 5M;






    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
server_names_hash_bucket_size 128;
# Start of Apple Server Block
server {
ssl on;
listen 10.29.138.163:443 ssl;
listen 10.29.138.163;
ssl_certificate /home/apple/ssl.cert;
ssl_certificate_key /home/apple/ssl.key;
fastcgi_read_timeout 60;
access_log /var/log/virtualmin/apple.com_access_log;
server_name apple.com apple.io www.apple.io www.apple.com apple2.com www.apple2.com;
root /home/apple/public_html/;
index index.html index.htm index.php
access_log /var/log/virtualmin/apple.com_access_log;
error_log /var/log/virtualmin/apple.com_error_log;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME /home/apple/public_html$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT /home/apple/public_html;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param HTTPS $https;
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/php-nginx/149641388815892.sock/socket;
}
# Support Clean (aka Search Engine Friendly) URLs
   location / {
      try_files $uri $uri/ /index.php?$args;
   }
}
# End of Apple Server Block
# Orange International Server Block
     server {
ssl on;
listen 10.29.138.163:443 ssl;
listen 10.29.138.163;
ssl_certificate /home/apple/ssl.cert;
ssl_certificate_key /home/apple/ssl.key;

fastcgi_read_timeout 60;
server_name orange.co www.orange.co;
root /home/apple/orange;
index index.html index.htm index.php;

access_log /var/log/virtualmin/orange.co_access_log;
error_log /var/log/virtualmin/orange.co_error_log;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME /home/apple/orange$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT /home/apple/orange;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param HTTPS $https;
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/php-nginx/149641388815892.sock/socket;
}
# Support Clean (aka Search Engine Friendly) URLs
   location / {
      try_files $uri $uri/ /index.php?$args;
   }

    }

   # End of Orange International Server Block




    # Start of Orange Canada Server Block

    server {
ssl on;
listen 10.29.138.163:443 ssl;
listen 10.29.138.163;
ssl_certificate /home/apple/ssl.cert;
ssl_certificate_key /home/apple/ssl.key;
fastcgi_read_timeout 60;
server_name orange.ca www.orange.ca;
root /home/apple/orange2;
index index.html index.htm index.php;

access_log /var/log/virtualmin/orange.ca_access_log;
error_log /var/log/virtualmin/orange.ca_error_log;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME /home/apple/orange2$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT /home/apple/orange2;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param HTTPS $https;
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/php-nginx/149641388815892.sock/socket;
}
# Support Clean (aka Search Engine Friendly) URLs
   location / {
      try_files $uri $uri/ /index.php?$args;
   }



    }   # End of Orange Canada server block






    # Banana Server Start

server {
ssl on;
listen 10.29.138.163:443 ssl;
listen 10.29.138.163;
ssl_certificate /home/apple/ssl.cert;
ssl_certificate_key /home/apple/ssl.key;
root /home/apple/public_html/splashpage;
index index.html index.htm index.php;
server_name banana.io www.banana.io;

      fastcgi_read_timeout 60;

access_log /var/log/virtualmin/banana_access_log;
error_log /var/log/virtualmin/banana.io_error_log;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME /home/apple/public_html/splashpage$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT /home/apple/public_html/splashpage;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param HTTPS $https;
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/php-nginx/149641388815892.sock/socket;
}
# Support Clean (aka Search Engine Friendly) URLs
   location / {
      try_files $uri $uri/ /index.php?$args;
   }


    } # Banana Server Block ENDS





}  #End of http
1 Answer

It depends on the validity of the SSL cert for orange.ca. If it isn't valid, the server will instead route the request to the first vhost in the configuration, which happens to be apple.com's. That's because Nginx doesn't know about the actual host header until it completes the SSL handshake and decrypts the headers for orange.ca. But since the cert is possibly invalid or doesn't match orange.ca, it defaults to apple.com's. You can test it like this with HTTP first:

curl -vvv -I http://orange.ca/

and then

curl -vvv -I https://orange.ca/

Have another answer? Share your knowledge.