Nginx - Host two node servers without accessing port number from the other server

Question

Very new to Nginx here. I have a VPS, where I host two node servers behind Nginx. (followed this guide)

examplesite.com:3838 anothersite.com:3839

I have two .conf files for each in /etc/nginx/conf.d/ as follows:

examplesite.com.conf

server {
    listen 80;

    server_name examplesite.com;

    location / {
        proxy_pass http://localhost:3838;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

anothersite.com.conf

server {
    listen 80;

    server_name anothersite.com;

    location / {
        proxy_pass http://localhost:3839;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

My problems are that if I go to examplesite.com:3839, it serves me anothersite.com. Also, if I navigate to the server's IP address, I get examplesite.com's site. Lastly, and most importantly, if I go to anothersite.com it serves 'examplesite.com'.

Am I missing something major?

Answer 1

My problems are that if I go to examplesite.com:3839, it serves me anothersite.com

This has nothing to do with nginx. You are bypassing nginx entirely here and connecting your browser straight to your express app (because you are putting the port into your browser address bar). So this means you have the wrong express app listening on 3839. Stop that app and start up the anothersite.com express app listening on 3839 and things will start making a lot more sense.

So in general your express apps should bind to the loopback IP with app.listen(3838, '127.0.0.1', callback). This will prevent connections directly to the express apps, which is better from a usability perspective: ports in URLs are basically unheard of for any legitimate web site, and a security perspective: better to let nginx protect your apps from the Internet.

As to what happens when you put an IP address instead of a hostname in your browser, that's a fundamental reality of virtual hosting. virtual hosting means serving multiple web sites with their own domain names on a single server at a single IP address, and it only works with host names in the browser (which then send the HTTP "Host" header, which is the lynchpin that makes virtual hosting possible). So without a hostname, all you can do is arbitrarily select one of you apps to be the default and do listen 80 default; in your nginx config. You could also force a redirect to the hostname or respond with a dedicated "hey we don't allow browsing by IP" page if you like (although I haven't seen a site that actually does that).

Lastly, and most importantly, if I go to anothersite.com it serves 'examplesite.com'.

Double check your work. Are you sure the apps and ports are not crisscrossed? Your example looks fine as long as otherwise everything is correctly configured. When you browse to anothersite.com nginx should proxy that to port 3839 which should be the correct application.