Answer the question
In order to leave comments, you need to log in
J
J
John Johnson2019-08-05 21:24:50
John Johnson, 2019-08-05 21:24:50
How to specify settings for Nginx?
There is a site one-action.club
I asked a person to set up a redirect of subdomains to the domain, as a result it turned out that the site now opens with subdomain.one-action.club, but not with a direct link one-action.club. And this problem is connected only with https.
What can be wrong ?
Here are the nginx configs:
server {
listen 80;
root /var/www/binom;
index index.html index.php;
try_files $uri $uri/ =404;
server_name one-action.club *.one-action.club www.one-action.club fb-social1.one-action.club fb-social2.one-action.club fb-social3.one-action.club fb-social4.one-action.club fb-social5.one-action.club;
access_log off;
error_log /var/log/nginx/binom.error.log;
# Binom url customization
#error_page 404 = /click.php?type=404;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
try_files $fastcgi_script_name =404;
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param REDIRECT_STATUS 200;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
############### SSL Settings ###############
listen 443 ssl http2;
keepalive_timeout 60;
ssl_certificate /etc/letsencrypt/live/fb-social5.one-action.club/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/fb-social5.one-action.club/privkey.pem; # managed by Certbot
ssl_trusted_certificate /etc/letsencrypt/live/one-action.club/fullchain.pem;
ssl_ciphers EECDH:+AES256:-3DES:RSA+AES:RSA+3DES:!NULL:!RC4;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:10m;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 1.1.1.1;
add_header Strict-Transport-Security "max-age=31536000";
############################################
}Error that is output:
3 answer(s)
@ky0
@rionnagel
K
ky0, 2019-08-05 @ky0
This is not the same config. Show related to your site from /etc/nginx/sites-enabled/.
R
rionnagel, 2019-08-07 @rionnagel
There is also a button - "Go to the site (Not safe)". Is there any further error?
The problem is in setting up certificates. If you want to use one certificate for all subdomains, you need to use a wildcard. Those. *.mysite.ru, and not mysite.ru, and not even asdasd.mysite.ru with www.mysite.ru, or that each of the subdomains be registered in the certificate, including.
Similar questions
V
M
K
Z
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question