Discover Centmin Mod today
Register Now

Nginx SSL need help. my website is taking fb preview from another site on the server

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by idanisur, Jul 13, 2019.

  1. idanisur

    idanisur New Member

    14
    4
    3
    Apr 15, 2019
    Ratings:
    +5
    Local Time:
    11:29 AM
    i was 3 website with www. at ee server. I have moved them to my centmin server . everything working but if i type my website url in facebook without https:// the preview is coming from another website on this server . (website URL islamqabd .com but facebook preview is coming from inmarking .com ) .
    screenshot url : https://photos.app.goo.gl/fVucRnMBracYNGE18
     
  2. eva2000

    eva2000 Administrator Staff Member

    41,648
    9,380
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,409
    Local Time:
    3:29 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Please provide/fill in any relevant information that applies to you:
    • CentOS Version: i.e. CentOS 6 32bit or 64bit / CentOS 7 64bit ?
    • Centmin Mod Version Installed: i.e. 123.08stable or 123.09beta01
    • Nginx Version Installed: i.e. 1.15.3
    • PHP Version Installed: i.e. 5.6.37, 7.0.31, 7.1.21, 7.2.9
    • MariaDB MySQL Version Installed: i.e. 10.0.x or 10.1.xx or 10.2.xx
    • When was last time updated Centmin Mod code base ? : i.e. run centmin.sh menu option 23 submenu option 2 or cmupdate command
    • Persistent Config: Do you have any persistent config file options set in /etc/centminmod/custom_config.inc ? You can check via this command:
      Code (Text):
      cat /etc/centminmod/custom_config.inc
      

      Post output in CODE tags.
    also for each 3 domains, please post the output of the below curl commands wrapped in CODE tags (outlined at How to use forum BBCODE code tags)

    what is output of these commands in ssh
    Code (Text):
    curl -I https://domain.com
    

    Code (Text):
    curl -I https://www.domain.com
    

    Code (Text):
    curl -I http://domain.com
    

    Code (Text):
    curl -I http://www.domain.com
    

    wrap output in CODE tags
     
  3. idanisur

    idanisur New Member

    14
    4
    3
    Apr 15, 2019
    Ratings:
    +5
    Local Time:
    11:29 AM
     
  4. eva2000

    eva2000 Administrator Staff Member

    41,648
    9,380
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,409
    Local Time:
    3:29 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    are you using cloudflare's wordpress plugin ?

    seems they're all directing to the right site in curl inspecting the curl output's target destination listed in Location field.

    though the non-www redirects for https are redirecting to non-www https and www non-https redirecting to www https

    how was each site created ? via centmin.sh menu option 2, 22 or nv command ?

    What's output for these commands changing /home/nginx/domains/domain.com/public/ to the path to where you installed wordpress i.e. if domain.com/blog then it would be /home/nginx/domains/domain.com/public/blog
    Code (Text):
    cd /home/nginx/domains/domain.com/public/
    wp option get siteurl --allow-root
    wp option get home --allow-root
    

    If siteurl and home values are coming up with non-www and you want www being the main destination you can change them in your wordpress generation url settings or more thoroughly via wp-cli command line
    Code (Text):
    cd /home/nginx/domains/domain.com/public/
    wp search-replace 'https://example.com' 'https://www.example.com' --skip-columns=guid
    

    Code (Text):
    cd /home/nginx/domains/domain.com/public/
    wp option update home 'https://www.example.com'
    wp option update siteurl 'https://www.example.com'
    


    And same in reverse, if siteurl and home values are coming up with www and you want non-www being the main destination you can change them in your wordpress generation url settings or more thoroughly via wp-cli command line
    Code (Text):
    cd /home/nginx/domains/domain.com/public/
    wp search-replace 'https://www.example.com' 'https://example.com' --skip-columns=guid
    


    Code (Text):
    cd /home/nginx/domains/domain.com/public/
    wp option update home 'https://example.com'
    wp option update siteurl 'https://example.com'
    


    In cloudflare don't set always use HTTPS, if you have the 301/302 redirects already in your nginx domain vhost config files at /usr/local/nginx/conf/conf.d/yourdomain.com.ssl.conf - it's one or the other, so if you want cloudflare always use HTTPS set, then disable the 301/302 non-https to https redirects at nginx domain vhost config level.
     
  5. idanisur

    idanisur New Member

    14
    4
    3
    Apr 15, 2019
    Ratings:
    +5
    Local Time:
    11:29 AM
     
  6. idanisur

    idanisur New Member

    14
    4
    3
    Apr 15, 2019
    Ratings:
    +5
    Local Time:
    11:29 AM

    thanks for helping me.

    i did everything you said .removed www. also recreated the website(option 22). still not fixed .if i type my url without https:// , the facebook preview is coming form another website on the server .
     
  7. eva2000

    eva2000 Administrator Staff Member

    41,648
    9,380
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,409
    Local Time:
    3:29 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    what's output for this command to check and return all 301/302 redirects for all your nginx vhosts via a recursive egrep filter search for 301 or 302 and return the matched line as well in context the surrounding 8 lines as well
    Code (Text):
    egrep -C8 '301|302' -rin /usr/local/nginx/conf/conf.d/
    

    post output in CODE bbcode tags

    also post the current state of the 3 domains curl commands wrapped in CODE tags (outlined at How to use forum BBCODE code tags)

    what is output of these commands in ssh
    Code (Text):
    curl -I https://domain.com
    

    Code (Text):
    curl -I https://www.domain.com
    

    Code (Text):
    curl -I http://domain.com
    

    Code (Text):
    curl -I http://www.domain.com
    

    wrap output in CODE tags

    i did put your https://www.mdasaduzzaman.com into curl header check site at https://tools.keycdn.com/curl and in particular the redirect header = x-redirect-by: WordPress suggests the redirect is happening at wordpress code level i.e. plugin or something - do you have cloudflare wordpress plugin installed ?
    Code (Text):
    HTTP/2 301
    date: Fri, 26 Jul 2019 13:48:08 GMT
    content-type: text/html; charset=UTF-8
    set-cookie: __cfduid=d38a2c40078944265fde0821a8747504c1564148888; expires=Sat, 25-Jul-20 13:48:08 GMT; path=/; domain=.mdasaduzzaman.com; HttpOnly
    x-ua-compatible: IE=edge
    x-redirect-by: WordPress
    location: https://mdasaduzzaman.com/
    x-powered-by: centminmod
    x-xss-protection: 1; mode=block
    x-content-type-options: nosniff
    cf-cache-status: MISS
    expires: Fri, 26 Jul 2019 17:48:08 GMT
    cache-control: public, max-age=14400
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    server: cloudflare
    cf-ray: 4fc6d458d9066497-FRA
    
     
    Last edited: Jul 26, 2019
  8. eva2000

    eva2000 Administrator Staff Member

    41,648
    9,380
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,409
    Local Time:
    3:29 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    but looks like curl headers for http://islamqabd.com and https://islamqabd.com are working fine so site shows correct version right ?
     
  9. idanisur

    idanisur New Member

    14
    4
    3
    Apr 15, 2019
    Ratings:
    +5
    Local Time:
    11:29 AM
    Thanks again .
    i think i am wasting your valuable time. i don't know much about server programing. that's why i love your script (y) .
    I trust you. so i can give you my server login if you want . alternative, we can use Teamviewer .

    ok , now i am trying to give you the information you asked for.

    information from mdasaduzzaman .com

    Code:
    --
    /usr/local/nginx/conf/conf.d/mdasaduzzaman.com.ssl.conf-1-
    /usr/local/nginx/conf/conf.d/mdasaduzzaman.com.ssl.conf-2-#x# HTTPS-DEFAULT
    /usr/local/nginx/conf/conf.d/mdasaduzzaman.com.ssl.conf-3- server {
    /usr/local/nginx/conf/conf.d/mdasaduzzaman.com.ssl.conf-4-
    /usr/local/nginx/conf/conf.d/mdasaduzzaman.com.ssl.conf-5-   server_name mdasaduzzaman.com www.mdasaduzzaman.com;
    /usr/local/nginx/conf/conf.d/mdasaduzzaman.com.ssl.conf:6:   return 302 https://mdasaduzzaman.com$request_uri;
    /usr/local/nginx/conf/conf.d/mdasaduzzaman.com.ssl.conf-7-   include /usr/local/nginx/conf/staticfiles.conf;
    /usr/local/nginx/conf/conf.d/mdasaduzzaman.com.ssl.conf-8- }
    /usr/local/nginx/conf/conf.d/mdasaduzzaman.com.ssl.conf-9-
    /usr/local/nginx/conf/conf.d/mdasaduzzaman.com.ssl.conf-10-server {
    /usr/local/nginx/conf/conf.d/mdasaduzzaman.com.ssl.conf-11-  listen 443 ssl http2;
    /usr/local/nginx/conf/conf.d/mdasaduzzaman.com.ssl.conf-12-  server_name mdasaduzzaman.com www.mdasaduzzaman.com;
    /usr/local/nginx/conf/conf.d/mdasaduzzaman.com.ssl.conf-13-
    /usr/local/nginx/conf/conf.d/mdasaduzzaman.com.ssl.conf-14-  include /usr/local/nginx/conf/ssl/mdasaduzzaman.com/mdasaduzzaman.com.crt.key.conf;
    --
    information from asadroy. com(this one is ok . dont have any fb preview problem)


    Code:
    --
    /usr/local/nginx/conf/conf.d/asadrony.com.ssl.conf-1-
    /usr/local/nginx/conf/conf.d/asadrony.com.ssl.conf-2-#x# HTTPS-DEFAULT
    /usr/local/nginx/conf/conf.d/asadrony.com.ssl.conf-3- server {
    /usr/local/nginx/conf/conf.d/asadrony.com.ssl.conf-4-
    /usr/local/nginx/conf/conf.d/asadrony.com.ssl.conf-5-   server_name asadrony.com www.asadrony.com;
    /usr/local/nginx/conf/conf.d/asadrony.com.ssl.conf:6:   return 302 https://asadrony.com$request_uri;
    /usr/local/nginx/conf/conf.d/asadrony.com.ssl.conf-7-   include /usr/local/nginx/conf/staticfiles.conf;
    /usr/local/nginx/conf/conf.d/asadrony.com.ssl.conf-8- }
    /usr/local/nginx/conf/conf.d/asadrony.com.ssl.conf-9-
    /usr/local/nginx/conf/conf.d/asadrony.com.ssl.conf-10-server {
    /usr/local/nginx/conf/conf.d/asadrony.com.ssl.conf-11-  listen 443 ssl http2;
    /usr/local/nginx/conf/conf.d/asadrony.com.ssl.conf-12-  server_name asadrony.com www.asadrony.com;
    /usr/local/nginx/conf/conf.d/asadrony.com.ssl.conf-13-
    /usr/local/nginx/conf/conf.d/asadrony.com.ssl.conf-14-  include /usr/local/nginx/conf/ssl/asadrony.com/asadrony.com.crt.key.conf;
    --


    information from inmarking .com

    Code:
    --
    /usr/local/nginx/conf/conf.d/inmarking.com.ssl.conf-1-
    /usr/local/nginx/conf/conf.d/inmarking.com.ssl.conf-2-#x# HTTPS-DEFAULT
    /usr/local/nginx/conf/conf.d/inmarking.com.ssl.conf-3- server {
    /usr/local/nginx/conf/conf.d/inmarking.com.ssl.conf-4-
    /usr/local/nginx/conf/conf.d/inmarking.com.ssl.conf-5-   server_name inmarking.com www.inmarking.com;
    /usr/local/nginx/conf/conf.d/inmarking.com.ssl.conf:6:   return 302 https://inmarking.com$request_uri;
    /usr/local/nginx/conf/conf.d/inmarking.com.ssl.conf-7-   include /usr/local/nginx/conf/staticfiles.conf;
    /usr/local/nginx/conf/conf.d/inmarking.com.ssl.conf-8- }
    /usr/local/nginx/conf/conf.d/inmarking.com.ssl.conf-9-
    /usr/local/nginx/conf/conf.d/inmarking.com.ssl.conf-10-server {
    /usr/local/nginx/conf/conf.d/inmarking.com.ssl.conf-11-  listen 443 ssl http2 reuseport;
    /usr/local/nginx/conf/conf.d/inmarking.com.ssl.conf-12-  server_name inmarking.com www.inmarking.com;
    /usr/local/nginx/conf/conf.d/inmarking.com.ssl.conf-13-
    /usr/local/nginx/conf/conf.d/inmarking.com.ssl.conf-14-  include /usr/local/nginx/conf/ssl/inmarking.com/inmarking.com.crt.key.conf;
    --

    curl -I https://mdasaduzzaman.com

    Code:
    HTTP/1.1 200 OK
    Date: Sat, 27 Jul 2019 04:55:51 GMT
    Content-Type: text/html; charset=utf-8
    Connection: keep-alive
    Set-Cookie: __cfduid=d109a71efd3497294628ca365bf8e04631564203351; expires=Sun, 26-Jul-20 04:55:51 GMT; path=/; domain=.mdasaduzzaman.com; HttpOnly
    Last-Modified: Fri, 26 Jul 2019 23:34:28 GMT
    Vary: Accept-Encoding
    X-Powered-By: centminmod
    X-Xss-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    Server: cloudflare
    CF-RAY: 4fcc06008b75e003-FRA


    curl -I https://www.mdasaduzzaman.com


    Code:
    HTTP/1.1 301 Moved Permanently
    Date: Sat, 27 Jul 2019 04:56:41 GMT
    Content-Type: text/html; charset=UTF-8
    Connection: keep-alive
    Set-Cookie: __cfduid=d4aad33937ce32c73744aea711cbefd941564203401; expires=Sun, 26-Jul-20 04:56:41 GMT; path=/; domain=.mdasaduzzaman.com; HttpOnly
    X-UA-Compatible: IE=edge
    X-Redirect-By: WordPress
    Location: https://mdasaduzzaman.com/
    X-Powered-By: centminmod
    X-Xss-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    CF-Cache-Status: HIT
    Age: 54513
    Expires: Sat, 27 Jul 2019 08:56:41 GMT
    Cache-Control: public, max-age=14400
    Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    Server: cloudflare
    CF-RAY: 4fcc0739cc9197d8-FRA
    curl -I http://mdasaduzzaman. com


    Code:
    HTTP/1.1 302 Moved Temporarily
    Date: Sat, 27 Jul 2019 04:57:28 GMT
    Content-Type: text/html
    Connection: keep-alive
    Set-Cookie: __cfduid=d9869e347d6d29c83ecbf98e3fe9108a11564203448; expires=Sun, 26-Jul-20 04:57:28 GMT; path=/; domain=.mdasaduzzaman.com; HttpOnly
    Location: https://mdasaduzzaman.com/
    X-Powered-By: centminmod
    Server: cloudflare
    CF-RAY: 4fcc08620c96975a-FRA
    curl -I http://www.mdasaduzzaman.com

    Code:
    HTTP/1.1 302 Moved Temporarily
    Date: Sat, 27 Jul 2019 04:57:57 GMT
    Content-Type: text/html
    Connection: keep-alive
    Set-Cookie: __cfduid=db36b64c273f19d902bd94dab6ff746c81564203477; expires=Sun, 26-Jul-20 04:57:57 GMT; path=/; domain=.mdasaduzzaman.com; HttpOnly
    Location: https://mdasaduzzaman.com/
    X-Powered-By: centminmod
    Server: cloudflare
    CF-RAY: 4fcc09173837d715-FRA

    i haven't changed anything after posting here. so other website curl result is already here. upper side of this post.

    no i am not using cloudflare plugin .
     
  10. idanisur

    idanisur New Member

    14
    4
    3
    Apr 15, 2019
    Ratings:
    +5
    Local Time:
    11:29 AM

    no , it's not showing correct version on facebook preview.if i type the url without https . url is going to correct website. but facebook is showing preview form another website on this server.
     
  11. eva2000

    eva2000 Administrator Staff Member

    41,648
    9,380
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,409
    Local Time:
    3:29 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    troubleshooting within your server would be left to you

    Although from everything shown from curl header redirect checks to your vhost grep for 301/302 all come back as expected for working sites. So if it's just facebook preview showing incorrectly, the problem could be with facebook ??
     
    • Like Like x 1
  12. idanisur

    idanisur New Member

    14
    4
    3
    Apr 15, 2019
    Ratings:
    +5
    Local Time:
    11:29 AM

    Problem fixed . your are Right . problem is with facebook . my friend typed the url into facebook debuger then clicked scrape again . Preview problem gone .
     
    • Informative Informative x 1
  13. eva2000

    eva2000 Administrator Staff Member

    41,648
    9,380
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,409
    Local Time:
    3:29 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    ah learn something new everyday ! (y):cool:
     
    • Like Like x 1