30

I'm trying to set up a website using an Ubuntu machine running nginx. For some reason, I'm able to access the site by the domain name in Safari and Firefox, but in Chrome it's unable to access the server. However, I'm able to use curl, Postman, etc. and I get the index.html back as I'd like to.

I found that in Chrome I'm able to access the site using the IP address, and I'm totally lost on where to check next.

Here's my configuration file:

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    root /var/www/html;

    index index.html index.htm index.nginx-debian.html;

    server_name _;

    location / {
            # First attempt to serve request as file, then
            # as directory, then fall back to displaying a 404.
            try_files $uri $uri/ =404;
    }

}

I've changed the response code just to make sure that this is the configuration that I'm actually hitting.

Any help would be appreciated!

Edit: The domain is gwilliam.dev

Andrew Gwilliam
  • 410
  • 4
  • 6
  • Have you flushed your browser cache? – davidgo Dec 08 '19 at 18:04
  • Yes. I've tried that a few times but it doesn't seem to make a difference. – Andrew Gwilliam Dec 08 '19 at 19:20
  • There is still an error.Your index.html is doing some (javascript) magic to change the address bar to https://gwilliam.dev/construction. However it's not doing the simple HTTP 302 that I'd normally expect. When I go to https://gwilliam.dev/construction it shows 404. Weird. – kubanczyk Dec 11 '19 at 20:27
  • @kubanczyk yeah I'm aware of that, I'm finishing up finals right now and then I'll address it. I'm redirecting to /construction on purpose, but haven't quite figured out the 404 yet. Thanks! – Andrew Gwilliam Dec 12 '19 at 22:40

2 Answers2

84

Your problem is because you are using a .dev domain.

The entire .dev top-level domain (TLD) is on the HSTS preload list and that means you must access it using HTTPS. According to your nginx config snippet, you are only providing HTTP bindings, not HTTPS.

In fact, I am surprised that you are able to access the domain using Firefox, since Firefox has been forcing .dev to HTTPS since at least mid-2018. You might be using a very old version, in which case you should upgrade immediately.

The easiest way to get HTTPS support on your site is LetsEncrypt. Once you have that set up, your site should work in Chrome.

Moshe Katz
  • 3,053
  • 3
  • 26
  • 41
  • 1
    Interesting. So Safari just doesn't care and fetches the site no matter what? – Andrew Gwilliam Dec 09 '19 at 07:06
  • 7
    @AndrewGwilliam I know a number of computer security researchers who have a very low opinion of Apple because they don't implement some of the simplest security features that other browser makers have. Even for non-security features, Safari is so bad compared to Chrome and Firefox that the company I work for does not support Safari in our web apps. The only other browser we don't support is classic Internet Explorer. – Moshe Katz Dec 09 '19 at 12:22
  • 3
    Just scroll though https://caniuse.com for things Safari doesn't support to see what I mean. – Moshe Katz Dec 09 '19 at 12:25
  • 3
    I'd give a second +1 for LetsEncrypt if I could. It is very easy to configure and use. – T.J.L. Dec 09 '19 at 14:43
  • @MosheKatz Thank you! Worked like a charm. – Andrew Gwilliam Dec 09 '19 at 16:07
2

Start by verifying that chrome is properly resolving the target site's hostname (FQDN) to the correct IP address, by looking at Chrome's dns cache a few seconds after you try opening the site in chrome. You can view the Chrome dns cache by opening chrome://net-internals/#dns in Chrome.

Depending on whether the FQDN is listed in Chrome's dns cache, and whether the IP is correct, will give you an idea what to do next.

If the FQDN is listed but incorrect, Chrome is getting the wrong IP from somewhere. If its not even listed, then Chrome is not resolving the IP address. Either way you will narrow down what is actually happening.

Some things to try with Chrome.

  1. Try in a private tab.
  2. Login to the same computer as a different user. If the behavior is the same, it's a system-wide setting, possibly the Chrome version. If it works as another user, it is a problem in your Chrome profile.
  3. Try temporarily setting up a fresh Chrome user profile to see if that fixes the issue. If it does it is one of your Chrome settings. You can google where you Chrome profile is located, which varies based on the operating system. All you have to do is move it out of the way while Chrome is closed, then when you re-open Chrome it will generate a new profile. Once you are done verifying, you can delete the new temporary profile, and restore the original. There is lots of information on how to do this, so Google it for screenshots/details if you need to.
user1522091
  • 79
  • 1
  • 5