Join Log in
Score:0
thran avatar Server

Nginx puts browser into a redirect loop when using multiple server blocks

cn flag
thran

I'm using Nginx to host a number of virtual hosts (or server blocks in Nginx nomenclature). These hosts all share the same domain with each assigned its own subdomain. One subdomain enters an endless redirect loop, obviously undesirable behavior.

NB: I've redacted my domain name and replaced it with <mysite>.

The root domain - www.<mysite>.com receives requests as expected. It also redirects HTTP requests to HTTPS. It is configured in <mysite>-www.

The subdomain assets.<mysite>.com also receives requests as expected. It isn't configured to redirect HTTP to HTTPS, either protocol is served. There is no trouble. It is configured in <mysite>-holding.

The final subdomain soft.<mysite>.com is configured identically to assets.<mysite>.com but it falters. It instead sends the browser on a redirect loop, each time pointing to https://soft.<mysite>.com This is despite there being no such setting in the config file for this vhost. It is configured in <mysite>-soft.

Config for <mysite>-www:

server {
    server_name www.<mysite>.com;

    listen 80 default_server ;
    listen [::]:80 default_server;

    location / {
        return 301 https://$server_name$request_uri;
    }

    root /var/www/html;
}

server {
    listen              443 ssl default_server;
    ssl_certificate /etc/letsencrypt/live/www.<mysite>.com/fullchain.pem; 
    ssl_certificate_key /etc/letsencrypt/live/www.<mysite>.com/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;

    root /var/www/html;
    server_name www.<mysite>.com;
    error_page 404 /404.html;

    location / {
        limit_req zone=mylimit burst=20 nodelay;
        try_files $uri $uri/ =404;
        index index.html index.htm;
    }
}

Config for <mysite>-holding:

server {
    listen 80;
    listen [::]:80;
    listen 443 ssl;

    server_name assets.<mysite>.com;

    ssl_certificate /etc/letsencrypt/live/assets.<mysite>.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/assets.<mysite>.com/privkey.pem; 
    include /etc/letsencrypt/options-ssl-nginx.conf;

    root /var/www/holding/html;

    location / {
        limit_req zone=mylimit burst=20 nodelay;
        try_files $uri $uri/ =404;
        index index.html;
    }

The config file for soft.<mysite>.com is identical to the one above, except for where it says 'assets' it says 'soft'. And yet it enters this endless redirect loop.

I've tried varying the location directive. I've consulted the docs which were better than expected. Still, it loops. Help will be appreciated!

78
1 + 1
ssl
Michael Hampton avatar
cz flag
Michael Hampton
Please post the output of `nginx -T`
0
Reply
Score:0
thran avatar Server
cn flag
thran

As it happened, the problem was as follows:

I hadn't symlinked properly from /sites-enabled to /sites-available and it was using an old duplicate of <mysite>-www which caused the redirect loop.

Having the file configured as above in my question was the solution. Either copying it to sites-enabled, or symlinking it properly will solve the problem for anyone in a similar predicament.

Mea culpa.

0 + 1
us flag
Tero Kilkanen
You should have a `default_server` virtual host that captures all the requests not matching any virtual server. It would reveal problems like this easier, it helps with Google duplicate content issues etc.
1
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.