Support » Localhost Installs » Subdomain redirects to main domain (NGINX and Cloudflare)

  • Greetings!

    I am self hosting WordPress under Ubuntu and have a total of two sites so far (working great) and about to setup a third but this one is going to use a subdomain. I am hosting WordPress (Apache) on a VM (E.G VM-1) and NGINX on another (E.G. VM-2). I have WordPress downloaded and everything configured up to the point where I visit the URL and finish the setup. Problem is whenever I go to the subdomain, I get redirected to the main domain.

    Here’s the NGINX server block for the main site:

        server {
            listen 80;
            server_name MAINSITE.com www.MAINSITE.com;
            return 301 https://$server_name$request_uri;
        }
    
        server {
    
            # SSL configuration
    
            listen 443 ssl http2;
            listen [::]:443 ssl http2;
            server_name MAINSITE.com www.MAINSITE.com;
            ssl        on;
            ssl_certificate         /etc/ssl/certs/MAINSITE/cert.pem;
            ssl_certificate_key     /etc/ssl/private/MAINSITE/key.pem;
    
            location / {
                proxy_pass http://192.168.140.14/;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
            }
    
            # Authenticated Origin Pulls
            ssl_client_certificate /etc/ssl/certs/cloudflare.crt;
            ssl_verify_client on;
    
            # Use only TLSv1.3 and TLSv1.2.
            ssl_protocols TLSv1.3 TLSv1.2;
    
            # Use only TLSv1.3 and TLSv1.2 with below cipher suites:
            ssl_ciphers "TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256";
    
            # Use only TLSv1.3 and TLSv1.2 and only strong ciphers with above curves:
            ssl_ecdh_curve X25519:secp521r1:secp384r1:prime256v1;
    
            # Use Strong Key Exchange
            ssl_dhparam /etc/nginx/dhparam_4096.pem;
    
            # Defend against the BEAST attack
            ssl_prefer_server_ciphers on;
    
        }

    and here’s for the subdomain:

        server {
            listen 80;
            server_name SUBDOMAIN.MAINSITE.COM www.SUBDOMAIN.MAINSITE.COM;
            return 301 https://$server_name$request_uri;
        }
    
        server {
    
            # SSL configuration
    
            listen 443 ssl http2;
            listen [::]:443 ssl http2;
            server_name SUBDOMAIN.MAINSITE.COM www.SUBDOMAIN.MAINSITE.COM;
            ssl        on;
            ssl_certificate         /etc/ssl/certs/SUBDOMAIN.MAINSITE.COM/cert.pem;
            ssl_certificate_key     /etc/ssl/private/SUBDOMAIN.MAINSITE.COM/key.pem;
    
            location / {
                proxy_pass http://192.168.140.14/;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
            }
    
            # Authenticated Origin Pulls
            ssl_client_certificate /etc/ssl/certs/cloudflare.crt;
            ssl_verify_client on;
    
            # Use only TLSv1.3 and TLSv1.2.
            ssl_protocols TLSv1.3 TLSv1.2;
    
            # Use only TLSv1.3 and TLSv1.2 with below cipher suites:
            ssl_ciphers "TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256";
    
            # Use only TLSv1.3 and TLSv1.2 and only strong ciphers with above curves:
            ssl_ecdh_curve X25519:secp521r1:secp384r1:prime256v1;
    
            # Use Strong Key Exchange
            ssl_dhparam /etc/nginx/dhparam_4096.pem;
    
            # Defend against the BEAST attack
            ssl_prefer_server_ciphers on;
    
        }

    The CNAME is configured properly under Cloudflare.

    Any ideas what I am doing wrong?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Dion

    (@diondesigns)

    You need an A record for the subdomain, not a CNAME record.

    Otherwise…this isn’t a WordPress issue, and you would be best served by asking your question on one of the StackExchange sites (perhaps serverfault).

    @diondesigns That did it. Thank you for your help!

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.