Want more timely Centmin Mod News Updates?
Become a Member

Nginx domain 1 redirects to domain 2

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by adzkii, Apr 18, 2020.

  1. adzkii

    adzkii Member

    38
    1
    8
    Apr 15, 2020
    Ratings:
    +3
    Local Time:
    10:30 AM
    Please fill in any relevant information that applies to you:
    • CentOS Version: CentOS 7 64bit ?
    • Centmin Mod Version Installed: 123.09beta01
    • Nginx Version Installed: 1.17.10
    • PHP Version Installed: 7.3
    • MariaDB MySQL Version Installed: 10.3
    • Persistent Config:
      Code (Text):
      AUTO_GITUPDATE='y'
      NGINX_HPACK='y'
      MARCH_TARGETNATIVE='n'
      NGINX_IOURING_PATCH_BETA='y'
      NGINX_DYNAMICTLS='y'
      CLOUDFLARE_ZLIB='y'
      CLOUDFLARE_ZLIBPHP='y'
      CLOUDFLARE_ZLIBRESET='y'
      CLOUDFLARE_ZLIB_OPENSSL='y'
      NGXDYNAMIC_NGXPAGESPEED='y'
      NGINX_PAGESPEED='y'
      PHP_PGO='y'
      NGXDYNAMIC_BROTLI='y'
      NGINX_LIBBROTLI='y'
      PHP_BROTLI='y'
      PHP_LZFOUR='y'
      PHP_LZFOUR='y'
      PHP_ZSTD='y'
      PHPREDIS='y'
      WP_AUTOPTIMIZE_GZIP='y'
      LIBRESSL_SWITCH='n'
      CLANG='n'
      DEVTOOLSETSIX='n'
      DEVTOOLSETSEVEN='n'
      DEVTOOLSETEIGHT='y'
      NGINX_DEVTOOLSETGCC='y'
      GCCINTEL_PHP='y'
      
    i'm not even sure if my Persistent Config is correct

    it just started happening, all ova sudden. when visitor visits domain1, it directs them to domain2. so when i access domain1.com/wp-admin, it directs me to domain2.com/wp-admin
    both domains assigned to the same IP.

    domain 1 config

    Code (Text):
    #x# HTTPS-DEFAULT
     server {
     
       server_name domain1.com www.domain1.com;
       return 302 https://domain1.com$request_uri;
       include /usr/local/nginx/conf/staticfiles.conf;
     }
    
    server {
      listen 443 ssl http2;
      server_name domain1.com www.domain1.com;
    
      include /usr/local/nginx/conf/ssl/domain1.com/domain1.com.crt.key.conf;
      include /usr/local/nginx/conf/ssl_include.conf;
    
     
      http2_max_field_size 16k;
      http2_max_header_size 32k;
      http2_max_requests 5000;
      # mozilla recommended
      ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
      ssl_prefer_server_ciphers   on;
      #add_header Alternate-Protocol  443:npn-spdy/3;
     
      # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
      add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
      #add_header X-Frame-Options SAMEORIGIN;
      add_header X-Xss-Protection "1; mode=block" always;
      add_header X-Content-Type-Options "nosniff" always;
      #add_header Referrer-Policy "strict-origin-when-cross-origin";
      #add_header Feature-Policy "accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'";
      #spdy_headers_comp 5;
      ssl_buffer_size 1369;
      ssl_session_tickets on;
     
      # enable ocsp stapling
      resolver 1.1.1.1 1.0.0.1 8.8.8.8 8.8.4.4 valid=10m;
      resolver_timeout 10s;
      ssl_stapling on;
      ssl_stapling_verify on;
    
    # ngx_pagespeed & ngx_pagespeed handler
    include /usr/local/nginx/conf/pagespeed.conf;
    include /usr/local/nginx/conf/pagespeedhandler.conf;
    include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/domain1.com/log/access.log combined buffer=256k flush=5m;
      error_log /home/nginx/domains/domain1.com/log/error.log;
    
      include /usr/local/nginx/conf/autoprotect/domain1.com/autoprotect-domain1.com.conf;
      root /home/nginx/domains/domain1.com/public;
      # uncomment cloudflare.conf include if using cloudflare for
      # server and/or vhost site
      #include /usr/local/nginx/conf/cloudflare.conf;
      include /usr/local/nginx/conf/503include-main.conf;
    
      location / {
      include /usr/local/nginx/conf/503include-only.conf;
    
    # block common exploits, sql injections etc
      include /usr/local/nginx/conf/block.conf;
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # Shows file listing times as local time
      #autoindex_localtime on;
    
      # Wordpress Permalinks example
      try_files $uri $uri/ /index.php?q=$uri&$args;
      }
     
    location ~ ([^/]*)sitemap(.*)\.x(m|s)l$ {
    rewrite ^/sitemap_index.xml$ /index.php?sitemap=1 last;
    rewrite ^/([^/]+?)-sitemap([0-9]+)?.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
    }
    
    ################################################
    location ~* \.(eot|ttf|woff|woff2)$ {
        add_header Access-Control-Allow-Origin *;
    }
    ##################################
    
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }


    domain 2 config

    Code (Text):
    #x# HTTPS-DEFAULT
     server {
     
       server_name domain2.com www.domain2.com;
       return 302 https://domain2.com$request_uri;
       include /usr/local/nginx/conf/staticfiles.conf;
     }
     
    
    server {
      listen 443 ssl http2;
      server_name domain2.com www.domain2.com reuseport;
    
      include /usr/local/nginx/conf/ssl/domain2.com/domain2.com.crt.key.conf;
      include /usr/local/nginx/conf/ssl_include.conf;
     
      http2_max_field_size 16k;
      http2_max_header_size 32k;
      http2_max_requests 5000;
      # mozilla recommended
      ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
      ssl_prefer_server_ciphers   on;
      #add_header Alternate-Protocol  443:npn-spdy/3;
    
      # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
      add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
      #add_header X-Frame-Options SAMEORIGIN;
      add_header X-Xss-Protection "1; mode=block" always;
      add_header X-Content-Type-Options "nosniff" always;
      #add_header Referrer-Policy "strict-origin-when-cross-origin";
      #add_header Feature-Policy "accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'";
      #spdy_headers_comp 5;
      ssl_buffer_size 1369;
      ssl_session_tickets on;
     
      # enable ocsp stapling
      resolver 1.1.1.1 1.0.0.1 8.8.8.8 8.8.4.4 valid=10m;
      resolver_timeout 10s;
      ssl_stapling on;
      ssl_stapling_verify on;
    
    # ngx_pagespeed & ngx_pagespeed handler
    include /usr/local/nginx/conf/pagespeed.conf;
    include /usr/local/nginx/conf/pagespeedhandler.conf;
    include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/domain2.com/log/access.log combined buffer=256k flush=5m;
      error_log /home/nginx/domains/domain2.com/log/error.log;
    
      include /usr/local/nginx/conf/autoprotect/domain2.com/autoprotect-domain2.com.conf;
      root /home/nginx/domains/domain2.com/public;
      # uncomment cloudflare.conf include if using cloudflare for
      # server and/or vhost site
      #include /usr/local/nginx/conf/cloudflare.conf;
      include /usr/local/nginx/conf/503include-main.conf;
    
      location / {
      include /usr/local/nginx/conf/503include-only.conf;
      include /usr/local/nginx/conf/wpsecure.conf;
      include /usr/local/nginx/conf/wpcache.conf;
    
    # block common exploits, sql injections etc
    include /usr/local/nginx/conf/block.conf;
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # Shows file listing times as local time
      #autoindex_localtime on;
    
        # Wordpress Permalinks example
      try_files $uri $uri/ /index.php?q=$uri&$args;
      }
          if (-f $request_filename/index.html){
                    rewrite (.*) $1/index.html break;
        }
    
        if (-f $request_filename/index.php){
                    rewrite (.*) $1/index.php;
        }
        if (!-f $request_filename){
                    rewrite (.*) /index.php;
        }
     
      location ~ \.(css|js)$ {
                rewrite ^/min/(.*)\.(css|js)$ /wp-content/cache/$2/$1.$2 last;
            }
           
    location ~ ([^/]*)sitemap(.*)\.x(m|s)l$ {
    rewrite ^/sitemap_index.xml$ /index.php?sitemap=1 last;
    rewrite ^/([^/]+?)-sitemap([0-9]+)?.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
    }
    
    ################################################
    location ~* \.(eot|ttf|woff|woff2)$ {
        add_header Access-Control-Allow-Origin *;
    }
    ##################################
    
      include /usr/local/nginx/conf/staticfiles.conf;
      #include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/phpwpcache.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }
     
    Last edited: Apr 18, 2020
  2. eva2000

    eva2000 Administrator Staff Member

    45,183
    10,276
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,926
    Local Time:
    7:30 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    what is output for these curl commands to check response headers and if applicable the reported location destination for redirects
    Code (Text):
    curl -I http://domain1.com
    curl -I http://www.domain1.com
    

    Code (Text):
    curl -I https://domain1.com
    curl -I https://www.domain1.com
    

    Code (Text):
    curl -I http://domain2.com
    curl -I http://www.domain2.com
    

    Code (Text):
    curl -I https://domain2.com
    curl -I https://www.domain2.com
    
     
  3. adzkii

    adzkii Member

    38
    1
    8
    Apr 15, 2020
    Ratings:
    +3
    Local Time:
    10:30 AM
    domain 1 curl
    Code (Text):
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=UTF-8
    Connection: keep-alive
    Vary: Accept-Encoding
    Link: <https://domain1.com/wp-json/>; rel="https://api.w.org/"
    Server: nginx centminmod
    X-Powered-By: centminmod
    X-Cached: MISS
    Date: Sat, 18 Apr 2020 12:50:55 GMT
    X-Page-Speed: Powered By ngx_pagespeed
    Cache-Control: max-age=0, no-cache
    

    curl domain 2
    Code (Text):
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=UTF-8
    Connection: keep-alive
    Vary: Accept-Encoding
    Link: <https://domain2.com/wp-json/>; rel="https://api.w.org/"
    Server: nginx centminmod
    X-Powered-By: centminmod
    X-Cached: MISS
    Date: Sat, 18 Apr 2020 12:51:43 GMT
    X-Page-Speed: Powered By ngx_pagespeed
    Cache-Control: max-age=0, no-cache
    


    domain1.com and domain2.com are pointed at the same IP
     
  4. eva2000

    eva2000 Administrator Staff Member

    45,183
    10,276
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,926
    Local Time:
    7:30 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    those look correct with HTTP 200 status and not 301/302 redirects

    what about for
    Code (Text):
    curl -I https://domain1.com/wp-login.php
    curl -I https://www.domain1.com/wp-login.php
    

    and
    Code (Text):
    curl -I https://domain2.com/wp-login.php
    curl -I https://www.domain2.com/wp-login.php
    
     
  5. adzkii

    adzkii Member

    38
    1
    8
    Apr 15, 2020
    Ratings:
    +3
    Local Time:
    10:30 AM
    domain 1 curl -I https://domain1.com/wp-login.php
    Code (Text):
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=UTF-8
    Connection: keep-alive
    Vary: Accept-Encoding
    Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure
    lsc-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure
    X-Frame-Options: SAMEORIGIN
    Server: nginx centminmod
    X-Powered-By: centminmod
    X-Cached: MISS
    Date: Sat, 18 Apr 2020 13:08:38 GMT
    X-Page-Speed: Powered By ngx_pagespeed
    Cache-Control: max-age=0, no-cache, must-revalidate
    

    domain 1 curl -I https://domain1.com/wp-admin/
    Code (Text):
    HTTP/1.1 301 Moved Permanently
    Date: Sat, 18 Apr 2020 13:08:24 GMT
    Content-Type: text/html
    Content-Length: 162
    Location: https://domain1.com/wp-admin/
    Connection: keep-alive
    Vary: Accept-Encoding
    Server: nginx centminmod
    X-Powered-By: centminmod
    Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
    X-Xss-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    

    domain 2 curl -I https://domain2.com/wp-login.php
    Code (Text):
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=UTF-8
    Connection: keep-alive
    Vary: Accept-Encoding
    Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure
    lsc-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure
    X-Frame-Options: SAMEORIGIN
    Server: nginx centminmod
    X-Powered-By: centminmod
    X-Cached: MISS
    Date: Sat, 18 Apr 2020 13:09:59 GMT
    X-Page-Speed: Powered By ngx_pagespeed
    Cache-Control: max-age=0, no-cache, must-revalidate
    

    domain 2 curl -I https://domain2.com/wp-admin
    Code (Text):
    HTTP/1.1 302 Moved Temporarily
    Content-Type: text/html; charset=UTF-8
    Connection: keep-alive
    X-Redirect-By: WordPress
    Location: https://domain2.com/wp-login.php?redirect_to=https%3A%2F%2Fdomain2.com%2Fwp-admin&reauth=1
    Server: nginx centminmod
    X-Powered-By: centminmod
    X-Cached: MISS
    Date: Sat, 18 Apr 2020 13:11:09 GMT
    X-Page-Speed: Powered By ngx_pagespeed
    Cache-Control: max-age=0, no-cache, must-revalidate
    
     
  6. adzkii

    adzkii Member

    38
    1
    8
    Apr 15, 2020
    Ratings:
    +3
    Local Time:
    10:30 AM
    not sure if it's got to do with hostname or hosts file
    hostname -
    Code (Text):
    hostname.domain1.com

    hosts -
    Code (Text):
    127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    
    127.0.0.1 guest
    ::1       guest
    
    
    127.0.0.1 domain1.com
    ::1       domain1.com
    127.0.0.1 domain2.com
    ::1       domain2.com
    45.76.13x.xxx    domain1.com
    45.76.13x.xxx    domain2.com
    
     
  7. eva2000

    eva2000 Administrator Staff Member

    45,183
    10,276
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,926
    Local Time:
    7:30 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    last one has X-Redirect-By: WordPress header response to mean the redirect was done on wordpress end not nginx.
    it's redirecting back to login page again
    Code (Text):
    Location: https://domain2.com/wp-login.php?redirect_to=https%3A%2F%2Fdomain2.com%2Fwp-admin&reauth=1
    

    Make sure you update the wordpress main primary domain name properly
    Code (Text):
    domain 2 curl -I https://domain2.com/wp-admin
    
    HTTP/1.1 302 Moved Temporarily
    Content-Type: text/html; charset=UTF-8
    Connection: keep-alive
    X-Redirect-By: WordPress
    Location: https://domain2.com/wp-login.php?redirect_to=https%3A%2F%2Fdomain2.com%2Fwp-admin&reauth=1
    Server: nginx centminmod
    X-Powered-By: centminmod
    X-Cached: MISS
    Date: Sat, 18 Apr 2020 13:11:09 GMT
    X-Page-Speed: Powered By ngx_pagespeed
    Cache-Control: max-age=0, no-cache, must-revalidate


    also try disabling ngx_pagespeed on both domain's nginx vhost via commenting out the 3 lines

    from
    Code (Text):
    # ngx_pagespeed & ngx_pagespeed handler
    include /usr/local/nginx/conf/pagespeed.conf;
    include /usr/local/nginx/conf/pagespeedhandler.conf;
    include /usr/local/nginx/conf/pagespeedstatslog.conf;
    

    to
    Code (Text):
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    

    and restarting nginx and php-fpm
    Code (Text):
    nprestart
     
  8. eva2000

    eva2000 Administrator Staff Member

    45,183
    10,276
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,926
    Local Time:
    7:30 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    1st domain is redirecting back to itself
    Code (Text):
    domain 1 curl -I https://domain1.com/wp-admin/
    
    HTTP/1.1 301 Moved Permanently
    Date: Sat, 18 Apr 2020 13:08:24 GMT
    Content-Type: text/html
    Content-Length: 162
    Location: https://domain1.com/wp-admin/
    Connection: keep-alive
    Vary: Accept-Encoding
    Server: nginx centminmod
    X-Powered-By: centminmod
    Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
    X-Xss-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    

    in 301 redirect loop as both your nginx vhosts use 302 redirects not 301, then 301 is being done elsewhere not in Nginx i.e. Wordpress or some WP plugin maybe you installed ?
     
  9. eva2000

    eva2000 Administrator Staff Member

    45,183
    10,276
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,926
    Local Time:
    7:30 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    temp remove the /etc/hosts files DNS override and redo curl header checks for the domains for better idea if you have cloudflare in front as these overrides bypass cloudflare
     
  10. adzkii

    adzkii Member

    38
    1
    8
    Apr 15, 2020
    Ratings:
    +3
    Local Time:
    10:30 AM
    okay disabled it on both domains.

    not sure what you mean?

    temp removed the hosts file

    i temp disabled all the plugins for domain1.com using cli
     
  11. eva2000

    eva2000 Administrator Staff Member

    45,183
    10,276
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,926
    Local Time:
    7:30 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Wordpress site setting url in admin options https://wordpress.org/support/article/changing-the-site-url/ that is the default used by Wordpress