Redirect to main domain with DNS proxy enabled

I encountered a strange issue with the domain mcstaging.sfiziostudio.com, which keeps redirecting (HTTP 302) to the main domain mcstaging.beatriceb.com when the store code is not specified (e.g., /it_ita). The issue resolves when I disable the DNS proxy for sfiziostudio. I’ve tried various Nginx configurations without success.

The website is running on Magento 2. Below is the Nginx configuration (I readjusted URLs, like mcstaging.sfiziostudio.com → sfiziostudio as it doesn’t allow more than 4 links per post):

map $http_host $MAGE_RUN_CODE {
    beatriceb it_it;
    sfiziostudio it_ita;
}

map $http_host $MAGE_ROOT {
    default /home/ubuntu/opt/magento/production/current;
}

upstream fastcgi_backend {
    server unix:/var/run/php/php8.1-fpm.sock;
}

server {
    listen 81;
    server_name localhost;

    location /nginx_status {
        stub_status on;
        allow 127.0.0.1;
        deny all;
    }
}

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name beatriceb sfiziostudio;
    large_client_header_buffers 4 32k;

    access_log /var/log/nginx/$host.access.log;
    error_log  /var/log/nginx/$host.error.log error;

    include /home/ubuntu/opt/magento/production/current/nginx.conf.sample;
    include /etc/nginx/snippets/magento.conf;

    set $MAGE_RUN_TYPE store;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name beatriceb;
    client_max_body_size 200M;
    large_client_header_buffers 4 32k;

    ssl_certificate /etc/letsencrypt/live/beatriceb/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/beatriceb/privkey.pem;

    access_log /var/log/nginx/beatriceb.access.log;
    error_log /var/log/nginx/beatriceb.error.log error;

    include /home/ubuntu/opt/magento/production/current/nginx.conf.sample;
    include /etc/nginx/snippets/magento.conf;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name sfiziostudio;
    client_max_body_size 200M;
    large_client_header_buffers 4 32k;

    ssl_certificate /etc/letsencrypt/live/sfiziostudio/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/sfiziostudio/privkey.pem;

    access_log /var/log/nginx/sfiziostudio.access.log;
    error_log /var/log/nginx/sfiziostudio.error.log error;

    include /home/ubuntu/opt/magento/production/current/nginx.conf.sample;
    include /etc/nginx/snippets/magento.conf;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}

In Magento 2 all base URLs are correctly specified for websites. Auto-redirect to Base URL is enabled. When I disable it, the URL stays mcstaging.sfiziostudio.com, but the actual website displayed is mcstaging.beatriceb.com. If I disable the DNS proxy, it works correctly.

The current SSL mode is set to flexible. Could this be the source of the issue? When I tried to enable full SSL mode, I encountered an issue with too many redirects for both the main domain and the sub-domain.

“Flexible” uses HTTP only to your server, even if the client uses HTTPS so never use it, use only “Full (strict)” to ensure Cloudflare uses HTTPS to your origin when the client does, and so the SSL certificate is validated.

If you get “too many redirects” when on Full (strict) it’s likely there are redirects on Cloudflare and your origin that are looping. However, for me, they seem to work ok…
https://cf.sjr.org.uk/tools/check?9681730b378a40068c483240af22c649#connection-worker-http

It is odd you say the redirect to the beatriceb.com domain stops when you turn off the proxy, as that redirect is definitely happening on your origin server…

HTTP/1.1 302 Found
Date: Mon, 29 Apr 2024 15:38:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=tdo7s856v2sqauvk5l5ll55dk3; expires=Mon, 29-Apr-2024 19:38:07 GMT; Max-Age=14400; path=/; domain=mcstaging.sfiziostudio.com; SameSite=Lax
Set-Cookie: _sbp=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.mcstaging.sfiziostudio.com; secure; SameSite=Lax
Location: https://mcstaging.beatriceb.com/eu_en/
Pragma: no-cache
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Expires: Sat, 29 Apr 2023 15:38:07 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3xTxxnvzzSklPgk1QHCohIGLwMVqQnrjdM9lb888j%2B2TgP9CghppxI4A520iYZN%2Fh1huZgNZFaWgleRJfVDd4kgVuiBMalqkzMrbxttVDX7MHApB0l3CJ3Nw%2FztZz3v4PIl5HeeAT6ZyLna%2BDw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87c06094d8886323-LHR
alt-svc: h3=":443"; ma=86400
1 Like