Want more timely Centmin Mod News Updates?
Become a Member

Sysadmin Website headers

Discussion in 'System Administration' started by fabianski, May 19, 2019.

  1. fabianski

    fabianski Member

    102
    14
    18
    Feb 20, 2019
    Brazil
    Ratings:
    +36
    Local Time:
    11:45 PM
    something strange happens with my site.
    When accessing with WWW (https://www.mydomain.org) the headers are shown correctly.
    http://prntscr.com/nq9pwq

    But by directly accessing (https://mydomain.org) some headers shown in the other version are not shown
    https://prnt.sc/nq9qc2

    I remember having tested at SecurityHeaders some time ago and all the headers were shown correctly, I do not know what might have led to this.

    Here are my nginx configuration files
    mydomain.org.ssl.conf
    I just modified two things.
    Line 61 wprocket
    Line 142 ip acess redirection

    nginx.conf
    no changes

    *I use the cloudflare only for dns

    Thanks
     
  2. eva2000

    eva2000 Administrator Staff Member

    42,733
    9,667
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,920
    Local Time:
    12:45 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    believe you have incorrect redirect if your main domain is with non-www version the 2nd server{} context needs to list in server_name only the domain you intend to be the main destination domain = non-www version so

    change from
    Code (Text):
     server {
       
       server_name mydomain.org www.mydomain.org;
       return 302 https://mydomain.org$request_uri;
       include /usr/local/nginx/conf/staticfiles.conf;
     }
    
    server {
      listen 443 ssl http2 reuseport;
      server_name mydomain.org www.mydomain.org;
    

    change to
    Code (Text):
     server {
       
       server_name mydomain.org www.mydomain.org;
       return 302 https://mydomain.org$request_uri;
       include /usr/local/nginx/conf/staticfiles.conf;
     }
    
    server {
      listen 443 ssl http2 reuseport;
      server_name mydomain.org;
    

    otherwise you're testing header for the 302 redirect itself with www version of your domain
     
  3. fabianski

    fabianski Member

    102
    14
    18
    Feb 20, 2019
    Brazil
    Ratings:
    +36
    Local Time:
    11:45 PM
    Hi, thanks for the help.
    The problem was being caused by wprocket, some pages that were not cached had their header displayed correctly, users logged in as well.
     
    • Informative Informative x 1
  4. eva2000

    eva2000 Administrator Staff Member

    42,733
    9,667
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,920
    Local Time:
    12:45 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Ah wp plugin related :)