Reverse proxy redirection issue

Daniel Armando Rodriguez drodriguez at unau.edu.ar
Sat Sep 18 01:24:44 UTC 2021


Hello,

I am new in this world (of nginx) and I have a problem that has me 
crazy.

I am using nginx as a reverse proxy, I managed to configure SSL 
certificates using LetsEncrypt but nginx does the redirection to the 
wrong vhost.

This is the configuration of one of the vhost, they are 3 identical ones 
pointing to the same virtual machine. I have a fourth one pointing to 
another virtual machine that works without problems.

I have the domains 1.DOMAIN.edu.ar, 2.DOMAIN.edu.ar and 3.DOMAIN.edu.ar 
pointing to the same internal IP. But any domain I enter in the browser 
the redirection is made to 1.DOMAIN.edu.ar.

Also set a 4th as default_server, but behaviuor still remains.

This is the vhost configuration
---
# cat /etc/nginx/sites-enabled/2.DOMAIN.edu.ar.conf
server {
     listen 80;
     server_name 2.DOMAIN.edu.ar;
     server_tokens off;
     # Don't show the nginx version number

     include /etc/nginx/snippets/location-letsencrypt.conf;

#    return 301 https://2.DOMAIN.edu.ar$request_uri;
     rewrite ^ https://2.DOMAIN.edu.ar$request_uri? permanent;
}

server {
     listen 443 ssl http2;

     server_name 2.DOMAIN.edu.ar;
     server_tokens off;
     # Don't show the nginx version number

     include /etc/nginx/snippets/location-letsencrypt.conf;

     ssl_certificate /etc/letsencrypt/live/2.DOMAIN.edu.ar/fullchain.pem;
     ssl_certificate_key 
/etc/letsencrypt/live/2.DOMAIN.edu.ar/privkey.pem;

     ssl_session_cache builtin:1000 shared:SSL:10m;
     # Defining option to share SSL Connection with Passed Proxy

     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
     # Defining used protocol versions.

     ssl_ciphers 
HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
     # Defining ciphers to use.

     ssl_prefer_server_ciphers on;
     # Enabling ciphers

     location / {
        proxy_http_version  1.1;
        #For Websockets and keepalive connections
        proxy_set_header Upgrade           $http_upgrade;
        proxy_set_header Connection        "upgrade";
        #required when using Websockets
        proxy_set_header Host              $host;
        #Contains:
        #   hostname from the request line,
        #   or hostname from the Host request header field,
        #   or the server name matching a request.
        proxy_set_header X-Real-IP         $remote_addr;
        #Forwards the real visitor remote IP address
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        #List containing the IP addresses of every server the client has 
been proxied through.
        proxy_set_header X-Forwarded-Proto $scheme;
        #When used inside an HTTPS server block,
        #each HTTP response from the proxied server is rewritten to HTTPS
        proxy_set_header X-Forwarded-Host  $host;
        #Original host requested by the client
        proxy_set_header X-Forwarded-Port  $server_port;
        #Original port requested by the client
        proxy_pass http://INTERNAL-IP/;
     }

     access_log /var/log/nginx/2.DOMAIN.edu.ar/access.log;
     error_log /var/log/nginx/2.DOMAIN.edu.ar/error.log;

}
---

Any hint will be much appreciated.


Thanks in advance.-


More information about the nginx mailing list