> For example, a request to https://test.example.org/bla/fasel would deliver
> the content for https://foo.example.org/bla/fasel. So basically it delivers
> content for the wrong subdomain. Those occasions are very, very rare and
> totally random in regards to the subdomain from which the content gets
> delivered.
Your configuration has:
proxy_cache_key $ae$scheme://$http_host$request_uri;
and
proxy_cache_use_stale error timeout invalid_header http_502;
I would start with either disabling the proxy_cache_use_stale and/or inspecting
the $http_host.
If I'm not wrong $http_host doesn't get the same treatment as $host which also
comes from user request headers but if not present or empty gets set as
$server_name matching the request.
So if a client doesn't send the 'Host:' header there might be cache entries
basically just with the $request_uri which are served in some specific cases.
Nginx always stores and returns whatever the backend sent as a response.
Since you change the Host header:
proxy_set_header Host $upstream_endpoint;
proxy_set_header X-Forwarded-Host $http_host;
If possible you could add some debug headers on the backends - to see if
request actually landing on the nginx proxy is correctly passed on the backend
(like you could again be missing the X-Forwarded-Host header).
Also you can do a simple MD5 on the problematic request (like md5
https://foo.example.org/bla/fasel -> 4DFDF87BB2FD82629ACB91BB1B1B2A1C
(obviously for the gzipped content you have to add 'gzip' at the beginning) and
then check if the cache file in
/opt/example-org-cache/c/a1/4dfdf87bb2fd82629acb91bb1b1b2a1c actually exists
and what's the content of it.
rr
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
