SYSTEM INFORMATION | |
---|---|
OS type and version | Ubuntu Linux 20.04.5 |
Webmin version | 2.001 |
Usermin version | 1.860 |
Virtualmin version | 7.3-1 |
Theme version | 20.02 |
Package updates | Alle installierten Pakete sind auf dem aktuellesten Stand |
I have installed nginx and apache to work.
Nginx is listen on port 80 and 443 and apache at 8888 and 8443.
But I have following strange behavior:
If I enter an https-address of a domain that exist at the server it does not match… BUT another vhost-file answer the request.
It seems that 443 is handled by the /sites-enabled/
-Vhost-File that alphabetical comes at the first position.
So my api.xxx.xxx
always answers all https request.
If I remove or deactivate this vhost, another vhost-file beta.xxx.xxx
answers the https request… the next in the alphabetical order.
The nginx.conf is like that:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf; # */
events {
# to calculate max worker_connections : `ulimit -n * worker_processes`
worker_connections 1024; # nginx default is 768
# multi_accept on;
use epoll;
}
http {
sendfile on;
#tcp_nopush on; // sasu changed
tcp_nodelay on;
#keepalive_timeout 65;
types_hash_max_size 2048;
keepalive_timeout 30s;
keepalive_requests 30;
send_timeout 30s;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_static on;
gzip_vary on;
#gzip_proxied any;
gzip_min_length 10240; # only compress files > 10kb
gzip_proxied no-cache no-store private expired auth;
gzip_comp_level 3;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml;
# Load lists (e.g. to block bots, redirect SEO...)
include /etc/nginx/lists/*.conf; #*/
# generate global variable to check if a bot or not
# $var1$var2 are to prevent the need of seperated if for each variable in the User-Vhosts
# add each $var here (without whitespaces!) which should to check to set the "$is_bot" to 1 or ""
map $search_engines$social_networks $want_bot {
~*1 1;
default 0;
}
map $blocked_bots$scanners $block_bot {
~*1 1;
default 0;
}
include /etc/nginx/conf.d/*.conf; #*/
include /etc/nginx/sites-enabled/*; #*/
server_names_hash_bucket_size 128;
}
api.xxx.xxx file looks like this:
server {
server_name api.xxx-app.eu;
listen 178.127.31.196;
root /home/xxx-app/domains/api.xxx-app.eu/public_html;
index index.php index.htm index.html;
access_log /var/log/virtualmin/api.xxx-app.eu_access_log;
error_log /var/log/virtualmin/api.xxx-app.eu_error_log;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME /home/xxx-app/domains/api.xxx-app.eu/public_html$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT /home/xxx-app/domains/api.xxx-app.eu/public_html;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS $https;
client_max_body_size 30M;
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_send_timeout 300;
location / {
proxy_pass http://localhost:7761;
#proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
listen 178.127.31.196:443 ssl;
ssl_certificate /home/xxx-app/domains/api.xxx-app.eu/ssl.combined;
ssl_certificate_key /home/xxx-app/domains/api.xxx-app.eu/ssl.key;
}