nginx showing default page on wan but not lan

Matthew N asked:

When I access my nginx webserver on lan, it shows me the correct webpage I have setup. For some reason when I try to connect to it through a different network, it returns the default nginx page. It is still able to connect, it just displays the wrong page.

How would I fix this issue so it shows the webpage on both lan and wan? Port forward on my router is functional and is not the issue. The connection goes through a cloudflare proxy, could this be the issue?

Here is my configuration file:

server_tokens off;

server {
listen 80;
server_name <domain>;
if($http_x_forwarded_proto = "http"){
  return 301 https://$server_name$request_uri;
}
}

server {
listen 443 ssl http2;
server_name <domain>;

root /var/www/pterodactyl/public;
index index.php;

access_log /var/log/nginx/pterodactyl.app-access.log;
error_log  /var/log/nginx/pterodactyl.app-error.log error;

# allow larger file uploads and longer script runtimes
client_max_body_size 100m;
client_body_timeout 120s;

sendfile off;

# SSL Configuration
ssl_certificate /etc/letsencrypt/live/<domain>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<domain>/privkey.pem;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on;

# See https://hstspreload.org/ before uncommenting the line below.
# add_header Strict-Transport-Security "max-age=15768000; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header Content-Security-Policy "frame-ancestors 'self'";
add_header X-Frame-Options DENY;
add_header Referrer-Policy same-origin;

location / {
    try_files $uri $uri/ /index.php?$query_string;
}

location ~ \.php$ {
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_pass unix:/run/php/php7.2-fpm.sock;
    fastcgi_index index.php;
    include fastcgi_params;
    fastcgi_param PHP_VALUE "upload_max_filesize = 100M \n post_max_size=100M";
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param HTTP_PROXY "";
    fastcgi_intercept_errors off;
    fastcgi_buffer_size 16k;
    fastcgi_buffers 4 16k;
    fastcgi_connect_timeout 300;
    fastcgi_send_timeout 300;
    fastcgi_read_timeout 300;
    include /etc/nginx/fastcgi_params;
}

location ~ /\.ht {
    deny all;
}
}

My answer:


You must have your CloudFlare SSL setting set to Full or Full (strict) (recommended). Flexible or Off will not work.


View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.