dereisige
Apr 05, 2016
view2203
view3
0
Goto Top

Nginx ruft nicht die richtige default Seite auf

GermanQuestionHosting, HousingInternet
Hallo Leute,
ich habe ein kleines Problem mit meinem nginx Server bei unbekannten Domains und Sub Domains lande ich immer auf der „Z-Push - Open Source ActiveSync“ Index Seite und nicht wie gewollt auf der Seite die im nginx Default konfiguriert ist.

Ich habe zwei nginx conig’s
mailcow
# mailcow site configuration
# ! Do not remove this header !
server {
	listen 80;
	listen [::]:80;
	server_name mailconf.example.com;
	server_tokens off;
	root /var/www/mail;
	return 301 https://$host$request_uri;
}
server {
	listen 443;
	listen [::]:443;
	ssl on;
	ssl_certificate         /etc/ssl/mail/mail.crt;
	ssl_certificate_key     /etc/ssl/mail/mail.key;
	ssl_prefer_server_ciphers on;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';  
	ssl_dhparam /etc/ssl/mail/dhparams.pem;
	add_header Strict-Transport-Security max-age=15768000;
	ssl_session_timeout 30m;
	server_name autodiscover.example.com;
	server_tokens off;
	root /var/www/zpush;
	index index.php;
	charset utf-8;
	rewrite (?i)^/autodiscover/autodiscover\.xml$ /autodiscover/autodiscover.php;
	location / {
		try_files $uri $uri/ /index.php;
	}
	location /Microsoft-Server-ActiveSync {
		rewrite ^(.*)$  /index.php last;
	}
	location ~ /(\.ht|Core|Specific) {
		deny all;
		return 404;
	}
	location ~ ^(.+\.php)(.*)$ {
		try_files $fastcgi_script_name =404;
		fastcgi_split_path_info  ^(.+\.php)(.*)$;
		fastcgi_pass   unix:/var/run/php5-fpm.sock;
		fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
		fastcgi_param  PATH_INFO        $fastcgi_path_info;
		include        /etc/nginx/fastcgi_params;
		fastcgi_index index.php;
		fastcgi_read_timeout 630;
	}
}
server {
	listen 443;
	listen [::]:443;
	ssl on;
	ssl_certificate         /etc/ssl/mail/mail.crt;
	ssl_certificate_key     /etc/ssl/mail/mail.key;
	ssl_prefer_server_ciphers on;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';  
	ssl_dhparam /etc/ssl/mail/dhparams.pem;
	add_header Strict-Transport-Security max-age=15768000;
	ssl_session_timeout 30m;
	server_name dav.example.com;
	server_tokens off;
	root /var/www/dav;
	index server.php;
	charset utf-8;
	rewrite ^/.well-known/caldav /server.php redirect;
	rewrite ^/.well-known/carddav /server.php redirect;
	location / {
		try_files $uri $uri/ /server.php?$args;
	}
	location ~ /(\.ht|Core|Specific) {
		deny all;
		return 404;
	}
	location ~ ^(.+\.php)(.*)$ {
		try_files $fastcgi_script_name =404;
		fastcgi_split_path_info  ^(.+\.php)(.*)$;
		fastcgi_pass   unix:/var/run/php5-fpm.sock;
		fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
		fastcgi_param  PATH_INFO        $fastcgi_path_info;
		include        /etc/nginx/fastcgi_params;
	}
}
server {
	listen 443;
	listen [::]:443;
	server_name mailconf.example.com;
	server_tokens off;
	ssl on;
	ssl_certificate         /etc/ssl/mail/mail.crt;
	ssl_certificate_key     /etc/ssl/mail/mail.key;
	ssl_prefer_server_ciphers on;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';  
	ssl_dhparam /etc/ssl/mail/dhparams.pem;
	add_header Strict-Transport-Security max-age=15768000;
	ssl_session_timeout 30m;
	client_max_body_size 25m;
	root /var/www/mail;
	index index.html index.htm index.php;
	error_page 502 /redir.html;
	location /redir.html {
		return 301 /admin.php;
	}
	location ~ ^/(rc/logs|pfadmin/ADDITIONS)/ {
		deny all;
	}
	location ~ /(\.ht) {
		deny all;
		return 404;
	}
	location = /favicon.ico {
		log_not_found off;
		access_log off;
	}
	location = /robots.txt {
		allow all;
		log_not_found off;
		access_log off;
	}
	location / {
		try_files $uri $uri/ index.php;
	}
    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm-mail.sock;
        fastcgi_index index.php;
        fastcgi_param HTTPS on;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
		fastcgi_read_timeout 630;
		fastcgi_keep_conn on;
    }
}
server {
	listen 80;
	listen [::]:80;
	server_name mail.example.com webmail.example.com;
	server_tokens off;
	root /var/www/roundcube;
	return 301 https://$host$request_uri;
}
server {
	listen 443;
	listen [::]:443;
	server_name mail.example.com webmail.example.com;
	server_tokens off;
	ssl on;
	ssl_certificate /etc/ssl/mail/mail.crt;
	ssl_certificate_key /etc/ssl/mail/mail.key;
	ssl_prefer_server_ciphers on;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers 
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';  
	ssl_dhparam /etc/ssl/mail/dhparams.pem;
	add_header Strict-Transport-Security max-age=15768000;
	ssl_session_timeout 30m;
	client_max_body_size 25m;
	root /var/www/roundcube;
	index index.html index.htm index.php;
	error_page 502 /redir.html;
	location /redir.html {
		return 301 /admin.php;
	}
	location ~ ^/(rc/logs|pfadmin/ADDITIONS)/ {
		deny all;
	}
	location ~ /(\.ht) {
		deny all;
		return 404;
	}
	location = /favicon.ico {
		log_not_found off;
		access_log off;
	}
	location = /robots.txt {
		allow all;
		log_not_found off;
		access_log off;
	}
	location / {
		try_files $uri $uri/ index.php;
	}
    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm-mail.sock;
        fastcgi_index index.php;
        fastcgi_param HTTPS on;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
		fastcgi_read_timeout 630;
		fastcgi_keep_conn on;
    }
}

default
##
# You should look at the following URL's in order to grasp a solid understanding 
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http:{{comment_single_line_double_slash:0}}
# http:{{comment_single_line_double_slash:1}}
# http:{{comment_single_line_double_slash:2}}
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

# Default server configuration
#
server {
	listen 80 default_server;
	listen [::]:80 default_server;

	# SSL configuration
	#
	# listen 443 ssl default_server;
	# listen [::]:443 ssl default_server;
	#
	# Self signed certs generated by the ssl-cert package
	# Don't use them in a production server!  
	#
	# include snippets/snakeoil.conf;

	root /var/www/html;

	# Add index.php to the list if you are using PHP
	index index.html index.htm index.nginx-debian.html;

	server_name _;

	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
		try_files $uri $uri/ =404;
	}

	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
	#
	#location ~ \.php$ {
	#	include snippets/fastcgi-php.conf;
	#
	#	# With php5-cgi alone:
	#	fastcgi_pass 127.0.0.1:9000;
	#	# With php5-fpm:
	#	fastcgi_pass unix:/var/run/php5-fpm.sock;
	#}

	# deny access to .htaccess files, if Apache's document root  
	# concurs with nginx's one  
	#
	#location ~ /\.ht {
	#	deny all;
	#}
}


# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
#	listen 80;
#	listen [::]:80;
#
#	server_name example.com;
#
#	root /var/www/example.com;
#	index index.html;
#
#	location / {
#		try_files $uri $uri/ =404;
#	}
#}
comment-contentCommentShareShare
Share on Facebook Share on Twitter Share on Reddit Share on Linkedin

Content-Key: 300955

Url: https://administrator.de/contentid/300955

Printed on: April 23, 2024 at 21:04 o'clock

3 Comments
Latest comment
Goto Top
Member: Dani
Dani Apr 06, 2016 at 06:16:01 (UTC)
Goto Top
Moin,
ich habe ein kleines Problem mit meinem nginx Server bei unbekannten Domains und Sub Domains lande ich immer auf der „Z-Push - Open Source ActiveSync“ Index Seite und nicht wie gewollt auf der Seite die im nginx Default konfiguriert ist.
Kann es sein, dass Problem tritt nur auf wenn du eine unbekannte Subdomain mit HTTPs aufrufst? Bei HTTP funktioniert alles wie gewollt...


Gruß,
Dani
Member: DerEisige
DerEisige May 04, 2016 at 08:14:43 (UTC)
Goto Top
ja genau
Member: Dani
Dani May 09, 2016 at 08:07:33 (UTC)
Goto Top
Moin,
Abhilfe schafft eigentlich nur eine Default Webseite für HTTPS wie bereits für HTTP existiert.


Gruß,
Dani
GermanQuestionHosting, HousingInternet
Hotly discussed
gleixnerdCheck of ZFW Firewallgleixnerd - 5 CommentsjstrickerWireguard VPN on UDM Pro behind Fritzbox - Handshake did not completejstricker - 3 CommentsAlexWishaHow to set up and configure a Linux GRE tunnelAlexWisha - 3 Comments