Nginx / Apache reverse Proxy - http works, https don't (strange behavior!)

OS type and version Ubuntu Linux 20.04.5
Webmin version 2.001
Usermin version 1.860
Virtualmin version 7.3-1
Theme version 20.02
Package updates Alle installierten Pakete sind auf dem aktuellesten Stand

:white_check_mark: I have installed nginx and apache to work.
:white_check_mark: Nginx is listen on port 80 and 443 and apache at 8888 and 8443.

But I have following strange behavior:

If I enter an https-address of a domain that exist at the server it does not match… BUT another vhost-file answer the request.

:interrobang: It seems that 443 is handled by the /sites-enabled/-Vhost-File that alphabetical comes at the first position.
So my always answers all https request.
If I remove or deactivate this vhost, another vhost-file answers the https request… the next in the alphabetical order.

The nginx.conf is like that:

user www-data;
worker_processes auto;
pid /run/;
include /etc/nginx/modules-enabled/*.conf; # */

events {
        # to calculate max worker_connections : `ulimit -n * worker_processes`
    worker_connections 1024; # nginx default is 768
        # multi_accept on;
    use epoll;

http {

        sendfile on;
        #tcp_nopush on; // sasu changed
        tcp_nodelay on;
        #keepalive_timeout 65;
        types_hash_max_size 2048;
        keepalive_timeout  30s; 
        keepalive_requests 30;
        send_timeout      30s;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        gzip on;
        gzip_static on;
        gzip_vary on;
        #gzip_proxied any;
        gzip_min_length 10240; # only compress files > 10kb
        gzip_proxied no-cache no-store private expired auth;
        gzip_comp_level 3;
        gzip_buffers 16 8k;
        gzip_http_version 1.1;
        gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml;

    # Load lists (e.g. to block bots, redirect SEO...)
    include /etc/nginx/lists/*.conf; #*/
    # generate global variable to check if a bot or not
    # $var1$var2 are to prevent the need of seperated if for each variable in the User-Vhosts
    # add each $var here (without whitespaces!) which should to check to set the "$is_bot" to 1 or ""
    map $search_engines$social_networks $want_bot {
        ~*1     1;
        default 0;
    map $blocked_bots$scanners $block_bot {
        ~*1     1;
        default 0;

    include /etc/nginx/conf.d/*.conf;   #*/
        include /etc/nginx/sites-enabled/*; #*/
        server_names_hash_bucket_size 128;
} file looks like this:

server {
        root /home/xxx-app/domains/;
        index index.php index.htm index.html;
        access_log /var/log/virtualmin/;
        error_log /var/log/virtualmin/;
        fastcgi_param GATEWAY_INTERFACE CGI/1.1;
        fastcgi_param SERVER_SOFTWARE nginx;
        fastcgi_param QUERY_STRING $query_string;
        fastcgi_param REQUEST_METHOD $request_method;
        fastcgi_param CONTENT_TYPE $content_type;
        fastcgi_param CONTENT_LENGTH $content_length;
        fastcgi_param SCRIPT_FILENAME /home/xxx-app/domains/$fastcgi_script_name;
        fastcgi_param SCRIPT_NAME $fastcgi_script_name;
        fastcgi_param REQUEST_URI $request_uri;
        fastcgi_param DOCUMENT_URI $document_uri;
        fastcgi_param DOCUMENT_ROOT /home/xxx-app/domains/;
        fastcgi_param SERVER_PROTOCOL $server_protocol;
        fastcgi_param REMOTE_ADDR $remote_addr;
        fastcgi_param REMOTE_PORT $remote_port;
        fastcgi_param SERVER_ADDR $server_addr;
        fastcgi_param SERVER_PORT $server_port;
        fastcgi_param SERVER_NAME $server_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param HTTPS $https;
    client_max_body_size 30M;
        proxy_read_timeout 300;
        proxy_connect_timeout 300;
        proxy_send_timeout 300; 

        location / {
                proxy_pass http://localhost:7761;
                #proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
        listen ssl;
        ssl_certificate /home/xxx-app/domains/;
        ssl_certificate_key /home/xxx-app/domains/;

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.