My domain serves the wrong website?!

Hello, a long time ago I set up a website, www.vanneerven.net, and enabled certificates with certbot successfully.
The domain pointed to an Ubuntu server in my LAN. I forwarded port 80 in that router to that Ubuntu server. Let's call it server A.

Now I have another domain: www.murdie.nl. The website is running on another Ubuntu server in my LAN. Let's call it server B.
On my new website / domain I ran the command 'sudo certbot --nginx' after I pointed my router to forward port 80 to this server B.

My problem now is that when I go to the domain www.murdie.nl the wrong website is shown; it displays the website vanneerven.net. When I look at the certificate it is indeed saying vanneerven.net. Why don't I get a certificate for www.murdie.nl? And why is the wrong website shown?

I have Ubuntu server with gunicorn and nginx running on both servers.

My domain is: www.murdie.nl / murdie.nl

I ran this command: first I did 'sudo certbot --nginx' and afterwards 'sudo certbot renew'

It produced this output: Successfully deployed certificate for murdie.nl to /etc/nginx/sites-enabled/murdie
Your existing certificate has been successfully renewed, and the new certificate has been installed.

My web server is (include version): nginx/1.24.0 (Ubuntu)

The operating system my web server runs on is (include version): ubuntu server 22

My hosting provider, if applicable, is: strato.nl

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.8.0

This is my nginx config for server B with the website www.murdie.nl that I want to show:

server {
    server_name murdie.nl *.murdie.nl;
    client_max_body_size 6M;

    location = /favicon.ico { access_log off; log_not_found off; }
    location /static/ {
        root /home/hvn/virtualenvs/murdie/murtie;
    }

    location / {
        include proxy_params;
        proxy_pass http://unix:/run/gunicorn.sock;
    }

    location /media/ {
        root /home/hvn/virtualenvs/murdie/murtie;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/murdie.nl/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/murdie.nl/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
    if ($host = murdie.nl) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;
    server_name murdie.nl *.murdie.nl;
    return 404; # managed by Certbot
}

Many thanks in advance.

1 Like

You can only forward port 80 to one server. You have to make one be the reverse proxy for both. Kinda like

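server {
  server_name murdie.nl *.murdie.nl;
  location / {
    # local gunicorn socket, as in the config posted above
    proxy_pass http://unix:/run/gunicorn.sock;
  }
}
server {
  server_name vanneerven.net *.vanneerven.net;
  location / {
    # placeholder: LAN address of the other server
    proxy_pass http://internal_ip_of_other_server;
  }
}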
4 Likes

Many thanks for the reply.

In my LAN I have two servers, both with their own nginx process running.
One server I wanna use as an internal website. It doesn't necessarily need a public domain.
One server I wanna use as an external website (www.murdie.nl).

So in my router I forwarded port 80 to my second server for www.murdie.nl.

I have now stopped the server which is running vanneerven.net, which I wanna use as an internal website.
When I now enter www.murdie.nl the browser reports it can't make a connection.
So somehow the domain www.murdie.nl points to the server I wanna use for internal use. But how does it get there? I'm forwarding port 80 to my other server and the nginx config points to the gunicorn process to run my website for www.murdie.nl.

Isn't your solution for one nginx config pointing to two websites?
I have two servers, each with its own nginx config. How do I configure those two?

Thnx,

2 Likes

Forward your port to the server hosting the external facing website.

Then either use dns-01 for the internal server (you can use an internal ip in dns if you do this), or proxy the http-01 challenge through the public facing server (you have to use the public ip in dns, and the public facing server needs to know and respond "nothing to see here" if you ask for the "internal" website).

4 Likes
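
The second option in the reply above (proxying the http-01 challenge through the public-facing server) could look like this on that server. This is an added example, not part of the original replies; `internal.example.net` and `192.0.2.10` are placeholders for the internal site's name and LAN address.

```nginx
# Added example for the public-facing server (the one port 80 is forwarded to).
# internal.example.net and 192.0.2.10 are placeholders, not values from this thread.
server {
    listen 80;
    server_name internal.example.net;

    # Forward only ACME http-01 validation requests to the internal server,
    # keeping the original Host header so its nginx/certbot can answer them.
    location /.well-known/acme-challenge/ {
        proxy_set_header Host $host;
        proxy_pass http://192.0.2.10;
    }

    # Everything else for the internal name: "nothing to see here".
    location / {
        return 404;
    }
}
```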

Again, thanks for the reply/time.
I stopped gunicorn and nginx on the server which serves the internal website.
On the server which serves my public website I have the nginx config below. That worked before.
Also my LAN router points port 80 to my server for the public website (www.murdie.nl).
But when I now type www.murdie.nl I still get a "no connection" error.
When I type my public IP number I get the standard nginx welcome screen.
So my conclusion now is that my domain server has not processed the change from pointing www.vanneerven.net to my public IP to pointing www.murdie.nl to my public IP.

When I run the "sudo certbot --nginx" command, do I get a certificate related to my public IP, or is the certificate related to my server which is behind the public IP?

Thnx

server {
    server_name murdie.nl *.murdie.nl;
    client_max_body_size 6M;

    location = /favicon.ico { access_log off; log_not_found off; }
    location /static/ {
        root /home/hvn/virtualenvs/murdie/murtie;
    }

    location / {
        include proxy_params;
        proxy_pass http://unix:/run/gunicorn.sock;
    }

    location /media/ {
        root /home/hvn/virtualenvs/murdie/murtie;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/murdie.nl/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/murdie.nl/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
    if ($host = murdie.nl) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;
    server_name murdie.nl *.murdie.nl;
    return 404; # managed by Certbot
}
1 Like

The certificate only cares about the domain name.

4 Likes

Looks solved now!
Was a stupid fault of my own!
In my router I pointed port 80 to my server which serves my public website.
But port 443 pointed to my other server. Now I changed that and now it works again!

Thnx for the time.

3 Likes
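
When a request reaches an nginx instance that has no matching server_name, nginx answers with the default server for that port, which is consistent with a misrouted port 443 showing another site and its certificate. The catch-all below makes such a request fail visibly instead; it is an added example, not from the original posts, and `ssl_reject_handshake` requires nginx 1.19.4 or later.

```nginx
# Added example: explicit catch-all blocks, e.g. on the server that hosts
# vanneerven.net. Named server blocks elsewhere in the config are unaffected.
server {
    listen 80 default_server;
    server_name _;
    return 444;   # nginx-specific: close the connection without a response
}

server {
    listen 443 ssl default_server;
    server_name _;
    # Abort the TLS handshake for any SNI name that no other server block
    # claims, so no unrelated certificate or site is ever presented.
    ssl_reject_handshake on;
}
```

Only one block per address and port may carry `default_server`, so an existing one (such as a distribution's stock default site) has to be removed or replaced first.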
