Issue My websites are crossing paths in either NGINX or DNS

[andylehti]

I made two separate subscriptions with their own PHP/NGINX setup, but they seem to be crossing paths.

Example:

When I am in the admin section of Example1, the URL will replace Example1 with Example2.

https://example1.com/wp-admin/admin.php?page=rank-math-options-titles
> Log In ‹ example 2 understand — WordPress

I checked the DNS, and it appears to be fine. I thought perhaps it was REDIS as I had them on the same database; I changed their databases and the issue is still occurring.

The issue happens when I seem to be randomly logged out, and the NGINX rules for redirection take over. But instead of taking them from Example1's NGINX Directives, it comes from Example2's Directives. Both of the directives are moderately the same. The only thing I can see is that NGINX kicks you out of any admin area if you're not logged in, and it only makes sense that it's grabbing from EXAMPLE2's CONF and replacing the URL with EXAMPLE2 since it grabbed it from NGINX. I can't think of any other way it could do this. It only happens when I get logged out and try to enter the admin area.

The websites were not cloned either. It was started fresh and the only thing I ever did was copy the NGINX file over. I had a problem though when I first made the new subscription. It told me that NGINX DIRECTIVE was duplicated on EXAMPLE3's NGINX CONF. So, I have no I idea why they are crossing.

Here is the NGINX conf if you need it.

## in headers section ##

X-Frame-Options: "SAMEORIGIN" always
X-XSS-Protection: "1; mode=block" always
X-Content-Type-Options: "nosniff" always
Referrer-Policy: "strict-origin-when-cross-origin" always
Strict-Transport-Security: "max-age=31536000; includeSubDomains
X-Served-By: "Hennepin County District Attorney";
Expect-CT: "max-age=60"
Feature-Policy: display-capture 'none'; microphone 'none'; midi 'none'; screen-wake-lock

## END headers section ##

gzip on;               # enable gzip
gzip_http_version 1.1; # turn on gzip for http 1.1 and higher
gzip_disable "msie6";  # IE 6 had issues with gzip
gzip_comp_level 5;     # inc compresion level, and CPU usage
gzip_min_length 300;   # minimal weight to gzip file
gzip_proxied any;      # enable gzip for proxied requests (e.g. CDN)
gzip_buffers 16 8k;    # compression buffers (if we exceed this value, disk will be used instead of RAM)
gzip_vary on;          # add header Vary Accept-Encoding (more on that in Caching section)

# define files which should be compressed
gzip_types text/plain;
gzip_types text/css;
gzip_types application/vnd.ms-fontobject;
gzip_types application/x-font-ttf;
gzip_types font/opentype;
gzip_types image/svg+xml;
gzip_types image/x-icon;

# Redirections END

## Cache START

set $cache_uri $request_uri;

# POST requests -goto- PHP
if ($request_method = POST) {
    set $cache_uri 'null cache';
}
if ($query_string != "") {
    set $cache_uri 'null cache';
}

# Stop Cache on URI
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
    set $cache_uri 'null cache';
}

# Stop Cache on Admin/Comments
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") {
    set $cache_uri 'null cache';
}

## End CACHE

# deny . files
location ~ /\.(?!well-known) {
    deny all;
}

# WordPress Try Files Index Locator
location / {
    try_files /wp-content/cache/wp-rocket/$http_host/$cache_uri/index.html $uri/ /index.php?$args;
}

# Enable JSON
location ~ ^/wp-json/ {
    rewrite ^/wp-json/(.*?)$ /?rest_route=/$1 last;
}


location /http/ {
    proxy_http_version 1.1;
    proxy_set_header Connection "";
}


# Disable XMLRPC
location ~ xmlrpc.php { deny all; }

# Protect System Files
location = /nginx.conf { deny all; }
location = /redis.conf { deny all; }
location = /backblazeb2.conf { deny all; }
location = /oracle.html { deny all; }
location = /wp-admin/install.php { deny all; }
location = /nginx.conf { deny all; }
location ~ /\.htaccess$ { deny all; }
location ~ /readme\.html$ { deny all; }
location ~ /readme\.txt$ { deny all; }
location ~ /wp-config.php$ { deny all; }
location ~ ^/wp-admin/includes/ { deny all; }
location ~ ^/wp-includes/[^/]+\.php$ { deny all; }
location ~ ^/wp-includes/js/tinymce/langs/.+\.php$ { deny all; }
location ~ ^/wp-includes/theme-compat/ { deny all; }
location ~ ^.*/\.git/.*$ { deny all; }
location ~ ^.*/\.svn/.*$ { deny all; }
location ^(.*)/uploads/(.*).php(.?){ deny all; }
location /external-link/ { }

# Filter Requests
if ( $request_method ~* ^(TRACE|TRACK)$ ) { return 403; }

# Filter Suspicious Queries
set $susquery 0;
if ( $arg_redirect_to) { return 302 https://drewspace.co/; }
if ( $args ~* "\.\./" ) { set $susquery 1; }
if ( $args ~* "\.(bash|git|hg|log|svn|swp|cvs)" ) { set $susquery 1; }
if ( $args ~* "etc/passwd" ) { set $susquery 1; }
if ( $args ~* "boot\.ini" ) { set $susquery 1; }
if ( $args ~* "ftp:" ) { set $susquery 1; }
if ( $args ~* "https?:" ) { set $susquery 1; }
if ( $args ~* "(<|%3C)script(>|%3E)" ) { set $susquery 1; }
if ( $args ~* "mosConfig_[a-zA-Z_]{1,21}(=|%3D)" ) { set $susquery 1; }
if ( $args ~* "base64_decode\(" ) { set $susquery 1; }
if ( $args ~* "%24&x" ) { set $susquery 1; }
if ( $args ~* "127\.0" ) { set $susquery 1; }
if ( $args ~* "(^|\W)(globals|encode|localhost|loopback)($|\W)" ) { set $susquery 1; }
if ( $args ~* "(^|\W)(insert|concat|union|declare)($|\W)" ) { set $susquery 1; }
if ( $args ~* "%[01][0-9A-F]" ) { set $susquery 1; }
if ( $args ~ "^loggedout=true" ) { set $susquery 0; }
if ( $args ~ "^action=jetpack-sso" ) { set $susquery 0; }
if ( $args ~ "^action=rp" ) { set $susquery 0; }
if ( $http_cookie ~ "wordpress_logged_in_" ) { set $susquery 0; }
if ( $susquery = 1 ) { return 403; }

# Filter Non-English Characters
if ($args ~* "%[A-F][0-9A-F]") { return 403; }