• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue My websites are crossing paths in either NGINX or DNS

A

andylehti

New Pleskian
I made two separate subscriptions with their own PHP/NGINX setup, but they seem to be crossing paths.

Example:

When I am in the admin section of Example1, the URL will replace Example1 with Example2.

https://example1.com/wp-admin/admin.php?page=rank-math-options-titles
> Log In ‹ example 2 understand — WordPress

I checked the DNS, and it appears to be fine. I thought perhaps it was REDIS as I had them on the same database; I changed their databases and the issue is still occurring.

The issue happens when I seem to be randomly logged out, and the NGINX rules for redirection take over. But instead of taking them from Example1's NGINX Directives, it comes from Example2's Directives. Both of the directives are moderately the same. The only thing I can see is that NGINX kicks you out of any admin area if you're not logged in, and it only makes sense that it's grabbing from EXAMPLE2's CONF and replacing the URL with EXAMPLE2 since it grabbed it from NGINX. I can't think of any other way it could do this. It only happens when I get logged out and try to enter the admin area.

The websites were not cloned either. It was started fresh and the only thing I ever did was copy the NGINX file over. I had a problem though when I first made the new subscription. It told me that NGINX DIRECTIVE was duplicated on EXAMPLE3's NGINX CONF. So, I have no I idea why they are crossing.

Here is the NGINX conf if you need it.

NGINX: 
## in headers section ##

X-Frame-Options: "SAMEORIGIN" always
X-XSS-Protection: "1; mode=block" always
X-Content-Type-Options: "nosniff" always
Referrer-Policy: "strict-origin-when-cross-origin" always
Strict-Transport-Security: "max-age=31536000; includeSubDomains
X-Served-By: "Hennepin County District Attorney";
Expect-CT: "max-age=60"
Feature-Policy: display-capture 'none'; microphone 'none'; midi 'none'; screen-wake-lock

## END headers section ##

gzip on;               # enable gzip
gzip_http_version 1.1; # turn on gzip for http 1.1 and higher
gzip_disable "msie6";  # IE 6 had issues with gzip
gzip_comp_level 5;     # inc compresion level, and CPU usage
gzip_min_length 300;   # minimal weight to gzip file
gzip_proxied any;      # enable gzip for proxied requests (e.g. CDN)
gzip_buffers 16 8k;    # compression buffers (if we exceed this value, disk will be used instead of RAM)
gzip_vary on;          # add header Vary Accept-Encoding (more on that in Caching section)

# define files which should be compressed
gzip_types text/plain;
gzip_types text/css;
gzip_types application/vnd.ms-fontobject;
gzip_types application/x-font-ttf;
gzip_types font/opentype;
gzip_types image/svg+xml;
gzip_types image/x-icon;

# Redirections END

## Cache START

set $cache_uri $request_uri;

# POST requests -goto- PHP
if ($request_method = POST) {
    set $cache_uri 'null cache';
}
if ($query_string != "") {
    set $cache_uri 'null cache';
}

# Stop Cache on URI
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
    set $cache_uri 'null cache';
}

# Stop Cache on Admin/Comments
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") {
    set $cache_uri 'null cache';
}

## End CACHE

# deny . files
location ~ /\.(?!well-known) {
    deny all;
}

# WordPress Try Files Index Locator
location / {
    try_files /wp-content/cache/wp-rocket/$http_host/$cache_uri/index.html $uri/ /index.php?$args;
}

# Enable JSON
location ~ ^/wp-json/ {
    rewrite ^/wp-json/(.*?)$ /?rest_route=/$1 last;
}


location /http/ {
    proxy_http_version 1.1;
    proxy_set_header Connection "";
}


# Disable XMLRPC
location ~ xmlrpc.php { deny all; }

# Protect System Files
location = /nginx.conf { deny all; }
location = /redis.conf { deny all; }
location = /backblazeb2.conf { deny all; }
location = /oracle.html { deny all; }
location = /wp-admin/install.php { deny all; }
location = /nginx.conf { deny all; }
location ~ /\.htaccess$ { deny all; }
location ~ /readme\.html$ { deny all; }
location ~ /readme\.txt$ { deny all; }
location ~ /wp-config.php$ { deny all; }
location ~ ^/wp-admin/includes/ { deny all; }
location ~ ^/wp-includes/[^/]+\.php$ { deny all; }
location ~ ^/wp-includes/js/tinymce/langs/.+\.php$ { deny all; }
location ~ ^/wp-includes/theme-compat/ { deny all; }
location ~ ^.*/\.git/.*$ { deny all; }
location ~ ^.*/\.svn/.*$ { deny all; }
location ^(.*)/uploads/(.*).php(.?){ deny all; }
location /external-link/ { }

# Filter Requests
if ( $request_method ~* ^(TRACE|TRACK)$ ) { return 403; }

# Filter Suspicious Queries
set $susquery 0;
if ( $arg_redirect_to) { return 302 https://drewspace.co/; }
if ( $args ~* "\.\./" ) { set $susquery 1; }
if ( $args ~* "\.(bash|git|hg|log|svn|swp|cvs)" ) { set $susquery 1; }
if ( $args ~* "etc/passwd" ) { set $susquery 1; }
if ( $args ~* "boot\.ini" ) { set $susquery 1; }
if ( $args ~* "ftp:" ) { set $susquery 1; }
if ( $args ~* "https?:" ) { set $susquery 1; }
if ( $args ~* "(<|%3C)script(>|%3E)" ) { set $susquery 1; }
if ( $args ~* "mosConfig_[a-zA-Z_]{1,21}(=|%3D)" ) { set $susquery 1; }
if ( $args ~* "base64_decode\(" ) { set $susquery 1; }
if ( $args ~* "%24&x" ) { set $susquery 1; }
if ( $args ~* "127\.0" ) { set $susquery 1; }
if ( $args ~* "(^|\W)(globals|encode|localhost|loopback)($|\W)" ) { set $susquery 1; }
if ( $args ~* "(^|\W)(insert|concat|union|declare)($|\W)" ) { set $susquery 1; }
if ( $args ~* "%[01][0-9A-F]" ) { set $susquery 1; }
if ( $args ~ "^loggedout=true" ) { set $susquery 0; }
if ( $args ~ "^action=jetpack-sso" ) { set $susquery 0; }
if ( $args ~ "^action=rp" ) { set $susquery 0; }
if ( $http_cookie ~ "wordpress_logged_in_" ) { set $susquery 0; }
if ( $susquery = 1 ) { return 403; }

# Filter Non-English Characters
if ($args ~* "%[A-F][0-9A-F]") { return 403; }
 
You must log in or register to reply here.

Similar threads

B
Question How is the server.conf file generated?
Replies
6
Views
886
Raul A.
R
s-light
Question NINGX CORS for multiple sub.domains
Replies
1
Views
787
s-light
s-light
Z
Issue Scheduled Backup: Not working anymore and access rights issues since 18.0.66
Replies
14
Views
1K
zamkc
Z
R
Issue Cannot restart NGINX
Replies
1
Views
497
Raul A.
R
S
Question How can I make my changes to Nginx site config Permanent per site?
Replies
3
Views
647
Raul A.
R
Back
Top