0

I have a nginx config like this First Block:

server { listen 80; server_name abcd.info; return 301 https://$host$request_uri; } server { listen 443 ssl http2 default_server; server_name abcd.info; root /srv/www/abcd; ## <== Your only path reference. #ssl on; ..... ..... }

Second Block

server { listen 80; server_name tapash.ddns.com; root /srv/www/ddns.com; index index.php; ...... .... }

For the first site, I want to setup over HTTPS permanently. Problem I am facing is to serve the 2nd site on HTTP. But everytime it automatically redirects to HTTPS and take the SSL certificate of first site. I tried to adjust configs but seems no difference. Can anyone shed some light on this please?

Improve this question
3
  • If your configs are in separate files, are you absolutely sure that the second block is being read and loaded? There may be a typo in your filename or similar meaning it doesn't match the wildcard for loading configurations. Commented Feb 22, 2016 at 10:37
  • They are actually in the same file. But I will try on a different file now. Commented Feb 22, 2016 at 10:38
  • UPDATE: I have placed them in 2 different files now and still the same. I have double checked for typos, but everything is perfectly in order. Commented Feb 22, 2016 at 10:41

2 Answers 2

Reset to default
1

site1.example.net

server { listen 192.168.1.1; server_name site1.example.net; root /vhosts/site1/public_html; location / { add_header X-DEBUG "HTTP:[site1.example.net]" always; } }

site2.example.net

server { listen 192.168.1.1:80; server_name site2.example.net; return 301 https://$host$request_uri; add_header X-DEBUG "HTTP:[site2.example.net]" always; } server { listen 443 ssl hhtp2; server_name site2.example.net; root /vhosts/site2/public_html; ssl_certificate /etc/pki/nginx/server.crt; ssl_certificate_key /etc/pki/nginx/server.key; ssl_session_timeout 5m; ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:!RC4:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK'; ssl_prefer_server_ciphers on; add_header X-DEBUG "HTTPS:[site2.example.net]" always; }

Works as it should, no redirects for site1 on http

# curl -I http://site1.example.net HTTP/1.1 200 OK Server: nginx/1.9.11 Date: Tue, 23 Feb 2016 09:08:37 GMT Content-Type: text/html Content-Length: 45 Last-Modified: Tue, 23 Feb 2016 08:54:51 GMT Connection: keep-alive ETag: "56cc1e5b-2d" X-DEBUG: HTTP:[site1.example.net] Accept-Ranges: bytes # curl -I http://site2.example.net HTTP/1.1 301 Moved Permanently Server: nginx/1.9.11 Date: Tue, 23 Feb 2016 09:08:43 GMT Content-Type: text/html Content-Length: 185 Connection: keep-alive Location: https://site2.example.net/ X-DEBUG: HTTP:[site2.example.net] # curl -I https://site2.example.net/ HTTP/1.1 200 OK Server: nginx/1.9.11 Date: Tue, 23 Feb 2016 09:08:58 GMT Content-Type: text/html Content-Length: 45 Last-Modified: Tue, 23 Feb 2016 08:55:02 GMT Connection: keep-alive ETag: "56cc1e66-2d" X-DEBUG: HTTPS:[site2.example.net] Accept-Ranges: bytes

P.S. maybe some cache in your web browser. Have you tried to clear it?

Improve this answer
-1

you may be using server block inside another server block, or I just saw bad formated blocks. But the real problem is default_server tag you are using. Remove it.

I would recommend using two separate files inside /sites-available/ folder named abcd.info and tapash.ddns.com.

You need put your files in /etc/nginx/sites-available/ folder then create symbolic links to to those files in sites-enabled like this:

ln -s /etc/nginx/sites-available/abcd.info /etc/nginx/sites-enabled/abcd.info ln -s /etc/nginx/sites-available/tapash.ddns.com /etc/nginx/sites-enabled/tapash.ddns.com

and lastly but very important remove the /etc/nginx/sites-enabled/default

since with the regular nginx installation this is the default file that will be processed. And any file that you have in /sites-enabled will be processed.

if you are working this on localhost make sure your hosts file has records for tapash.ddns.com and abcd.info

Improve this answer
3
  • removing default_server directive didnt really help. nor placing the config into 2 separate files. Commented Feb 22, 2016 at 21:38
  • Yeah, the default_server option only manually specifies a server block to take precedence if there were no more specific matches found in the blocks listening on that port. Splitting up your config into partials in separate files and using includes to bring them together is recommended because it makes maintaining a configuration easier but as long as the syntax in all of them is good and they're being included properly it has no effect on function. Commented Feb 23, 2016 at 0:10
  • removing default_server is a must for any other work. BTW, where have you placed your 2 separated files? Commented Feb 23, 2016 at 7:57

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.