Nginx errors only on Proxied DNS

Hi

my settings:

On Cloudflare I have example.com with wildcard DNS:
with record:

| Type | Name | Content | Proxied |
|------|------|---------|---------|
| A | example.com | 12.34.56.78 | yes |
| A | * | 12.34.56.78 | yes |

And Full (Strict) SSL

I own another domain: app1.com, not on Cloudflare:

| Type | Name | Content |
|------|------|---------|
| A | app1.com | 12.34.56.78 |
| A | www.app1.com | 12.34.56.78 |

I have nginx with the following config (minimized version) for app1.com:
```nginx
server {
    listen 443;
    server_name app1.com www.app1.com;

    location / {
        # proxy_pass needs a full URL; the upstream is HTTPS (see the error log)
        proxy_pass https://app1.example.com;
        proxy_set_header Host myworker.example.workers.dev;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Ssl on;
        # Send the upstream host name via SNI in the TLS handshake
        proxy_ssl_server_name on;
    }
}
```

Some info

  • Without the Cloudflare proxy, app1.com always works perfectly (even without proxy_ssl_server_name on)
  • (With proxy) If I remove the proxy_ssl_server_name on directive, I can’t access app1.com at all; I get error 403 or 421 (pictures below)
  • (With proxy) It’s not that I can’t access app1.com; it’s that some of the requests are being timed out by nginx, causing the site to take a few minutes to load. Some app1.error.log logs from nginx:
2024/04/04 21:24:43 [error] 885944#0: *17 upstream timed out (110: Connection timed out) while connecting to upstream, client: <my_home_public_ip>, server: app1.com, request: "GET /assets/website-theme/transparent.png HTTP/2.0", upstream: "https://[2a06:98c1:3121::7]:443/assets/website-theme/transparent.png", host: "app1.com", referrer: "https://app1.com/"

2024/04/04 21:24:43 [error] 885944#0: *17 upstream timed out (110: Connection timed out) while connecting to upstream, client: <my_home_public_ip>, server: app1.com, request: "GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/2.0", upstream: "https://[2a06:98c1:3120::7]:443/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js", host: "app1.com", referrer: "https://app1.com/"

2024/04/04 22:21:54 [error] 890667#0: *633 upstream timed out (110: Connection timed out) while connecting to upstream, client: <my_home_public_ip>, server: app1.com, request: "GET /assets/website-theme/custom-colors/colour-blue-dark.min.css HTTP/2.0", upstream: "https://[2a06:98c1:3120::7]:443/assets/website-theme/custom-colors/colour-blue-dark.min.css", host: "app1.com", referrer: "https://app1.com/"
  • It’s not the same files/requests being timed out every time; it differs every time I refresh the page

To summarize:
Any ideas on how to make the proxy work with app1.com? Thanks


Small correction, without this line:
proxy_set_header Host myworker.example.workers.dev;

Another clue: the timeout error does not occur when using an nginx reverse proxy on a different server than example.com

So if I have app1.com Record A directed to 123.456.789.444 and on that server I do a proxy_pass to app1.example.com (which is not on 123.456.789.444 but at 12.34.56.78) then it works without error.
Meaning the error is somehow related to both sites being hosted on the same machine, with Cloudflare between them, which probably somehow confuses nginx proxy_pass. Still not sure how to solve this.
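
The error-log lines quoted in the thread all time out while connecting to an IPv6 upstream address. As an added example (not part of the thread), this Python script tallies nginx `upstream timed out` errors by upstream address family and by address, to check whether failures cluster on one family. `summarize_timeouts` and `SAMPLE_LOG` are names assumed here; the sample is the thread's three log lines with the referrer field dropped.

```python
import ipaddress
import re
from collections import Counter

# Sample input: the three error-log lines from the thread, abridged
# (referrer field dropped); the client placeholder is kept as posted.
SAMPLE_LOG = """\
2024/04/04 21:24:43 [error] 885944#0: *17 upstream timed out (110: Connection timed out) while connecting to upstream, client: <my_home_public_ip>, server: app1.com, request: "GET /assets/website-theme/transparent.png HTTP/2.0", upstream: "https://[2a06:98c1:3121::7]:443/assets/website-theme/transparent.png", host: "app1.com"
2024/04/04 21:24:43 [error] 885944#0: *17 upstream timed out (110: Connection timed out) while connecting to upstream, client: <my_home_public_ip>, server: app1.com, request: "GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/2.0", upstream: "https://[2a06:98c1:3120::7]:443/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js", host: "app1.com"
2024/04/04 22:21:54 [error] 890667#0: *633 upstream timed out (110: Connection timed out) while connecting to upstream, client: <my_home_public_ip>, server: app1.com, request: "GET /assets/website-theme/custom-colors/colour-blue-dark.min.css HTTP/2.0", upstream: "https://[2a06:98c1:3120::7]:443/assets/website-theme/custom-colors/colour-blue-dark.min.css", host: "app1.com"
"""

# Captures the phase ("connecting to upstream", ...) and the upstream host,
# which nginx logs as a bracketed IPv6 literal, an IPv4 address or a name.
TIMEOUT_RE = re.compile(
    r'upstream timed out \(\d+: [^)]*\) while (?P<phase>[^,]+),'
    r'.*?upstream: "\w+://(?P<host>\[[^\]]+\]|[^:/"]+)'
)


def summarize_timeouts(log_text):
    """Count upstream timeouts by address family, upstream address and phase."""
    by_family, by_upstream, phases = Counter(), Counter(), Counter()
    for line in log_text.splitlines():
        m = TIMEOUT_RE.search(line)
        if not m:
            continue  # not an upstream-timeout entry
        host = m.group("host").strip("[]")
        try:
            family = f"IPv{ipaddress.ip_address(host).version}"
        except ValueError:
            family = "hostname"  # upstream logged by name, not by address
        by_family[family] += 1
        by_upstream[host] += 1
        phases[m.group("phase")] += 1
    return {"by_family": dict(by_family),
            "by_upstream": dict(by_upstream),
            "phases": dict(phases)}


if __name__ == "__main__":
    print(summarize_timeouts(SAMPLE_LOG))
```

Run against the full error log, a result that contains only IPv6 entries means the timeouts happen on the server's outbound IPv6 path to the proxied hostname.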
