Want more timely Centmin Mod News Updates?
Become a Member

Domains Parking Domains with SSL

Discussion in 'Domains, DNS, Email & SSL Certificates' started by Itworx4me, Apr 7, 2019.

  1. Itworx4me

    Itworx4me Premium Member Premium Member

    190
    20
    18
    Mar 14, 2017
    Ratings:
    +32
    Local Time:
    12:38 AM
    Nginx 1.17.X
    MariaDB 10.3.X
  2. eva2000

    eva2000 Administrator Staff Member

    41,095
    9,195
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,106
    Local Time:
    5:38 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    You currently can't automate parking one HTTPS SSL cert enabled domain (yourparkeddomain.com) on top of another HTTPS SSL cert enabled domain (domain.com) as you need for each domain to have it's own SSL certificate reference and Centmin Mod 123.09beta01 can only do one domain Letsencrypt SSL certificate issuance per centmin.sh menu option 2, 22 or nv command runs.

    So for now, it would be a manual process which involves creating the parked domain's own Nginx HTTPS SSL cert enabled vhost via centmin.sh menu option 2 or nv command and setting it up with valid working DNS A records for domain's www and non-www versions if main domain or DNS A for subdomain and ensure it's working and select letsencrypt option with live default HTTPS SSL cert and then editing it's nginx config file at /usr/local/nginx/conf/conf.d/yourparkeddomain.com.ssl.conf and then just changing root path to your origin domain's root

    in /usr/local/nginx/conf/conf.d/yourparkeddomain.com.ssl.conf change it's default public web root path from
    Code (Text):
    root /home/nginx/domains/yourparkeddomain.com/public

    to
    Code (Text):
    root /home/nginx/domains/domain.com/public

    which now matches the public web root for domain.com nginx vhost listed in domain.com nginx vhost config file at /usr/local/nginx/conf/conf.d/domain.com.ssl.conf

    now both yourparkeddomain.com and domain.com public web root paths point to /home/nginx/domains/domain.com/public so access via the domains will serve files located in /home/nginx/domains/domain.com/public. It does mean that any configurations you manually setup in /usr/local/nginx/conf/conf.d/domain.com.ssl.conf need to be replicated in /usr/local/nginx/conf/conf.d/yourparkeddomain.com.ssl.conf.

    you can use common include file templates you set to make it easier i.e. if in both /usr/local/nginx/conf/conf.d/yourparkeddomain.com.ssl.conf and /usr/local/nginx/conf/conf.d/domain.com.ssl.conf you have a custom location content like
    Code (Text):
    location /test {
      include /usr/local/nginx/conf/php.conf;
      try_files $uri $uri/ /index.php
    }

    you could place that location /test context into a custom template file you create at /home/nginx/domains/domain.com/common_includes.conf and reference it in both /usr/local/nginx/conf/conf.d/yourparkeddomain.com.ssl.conf and /usr/local/nginx/conf/conf.d/domain.com.ssl.conf as
    Code (Text):
    include /home/nginx/domains/domain.com/common_includes.conf;

    Final note in origin domain's nginx vhost at /usr/local/nginx/conf/conf.d/domain.com.ssl.conf also add canonical header to ensure search engines visiting domain.com know content is originally at domain.com to prevent search engines from flagging yourparkeddomain.com content as duplicated content.
    Code (Text):
    add_header Link "<http://domain.com$request_uri>; rel=\"canonical\"";
    

    i.e. placing the header just below existing add_header entries in default nginx vhost config for HTTPS SSL domains
    Code (Text):
      # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
      #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
      #add_header X-Frame-Options SAMEORIGIN;
      add_header X-Xss-Protection "1; mode=block" always;
      add_header X-Content-Type-Options "nosniff" always;
      #add_header Referrer-Policy "strict-origin-when-cross-origin";
      add_header Link "<http://domain.com$request_uri>; rel=\"canonical\"";
    

    then restart nginx and php-fpm services
    Code (Text):
    nprestart

    To confirm just run curl command in SSH against your domain i.e. curl headers and grep filter for word canonical
    Code (Text):
    curl -sI https://domain.com | grep canonical
    

    output would be something like
    Code (Text):
    curl -sI https://domain.com | grep canonical
    Link: <http://domain.com/>; rel="canonical"
    
     
    Last edited: Apr 7, 2019
    • Like Like x 1
  3. Itworx4me

    Itworx4me Premium Member Premium Member

    190
    20
    18
    Mar 14, 2017
    Ratings:
    +32
    Local Time:
    12:38 AM
    Nginx 1.17.X
    MariaDB 10.3.X
    Hello @eva2000

    Everything worked like it should expect for one thing. When viewing the site with the parked domain. It doesn't show my google ads. Is there a way to fix that?

    Thanks,
    Itworx4me
     
  4. eva2000

    eva2000 Administrator Staff Member

    41,095
    9,195
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,106
    Local Time:
    5:38 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Check your html code and browser's dev tools network/console tab for clues. Also maybe you need to setup a property in Google Adsense for the parked domain ? I vaguely recall, Google Adsense alerting me to Adsense showing on my parked domains which needed some configuration.
     
  5. eva2000

    eva2000 Administrator Staff Member

    41,095
    9,195
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,106
    Local Time:
    5:38 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    actually another way of doing parked domains would be this way https://community.centminmod.com/threads/multiple-top-level-domains-in-a-single-webroot.16017/ just more manual work for letsencrypt issuance too though still need canonical header

    If you have not yet created any of the main and parked domains/nginx vhosts, you can use addons/acmetool.sh directly via SANS Multi-Domain SSL Certificates method.