Description of problem: The default server (server_name _) is not the default server. Version-Release number of selected component (if applicable): nginx version: nginx/1.28.0 How reproducible: 100% Steps to Reproduce: 1. Install nginx 2. Add another server in `/etc/nginx/conf.d/example.org.conf` using `server_name example.org` and pointing to a custom HTML page 3. Open your browser and connect to the server using your IP address (i.e. not example.org) Actual results: It will show the custom page for example.org Expected results: Since the custom server should be limited to requests from example.org, it should show the HTML page from the default server Additional info: From the Nginx documentation (https://nginx.org/en/docs/http/ngx_http_core_module.html#listen): > If none of the directives have the `default_server` parameter then the first server with the `address:port` pair will be the default server for this pair. Because of this behavior, the default server will be the first one parsed in `/etc/nginx/conf.d/`, which is rather non-deterministic. I think there are two potential solutions: 1. Add `default_server` to the listen ports of the default server, like this: ``` listen 80 default_server; listen [::]:80 default_server; ``` 2. Move the line `include /etc/nginx/conf.d/*.conf;` _after_ the default `server` block, this way the server block defined in `/etc/nginx/nginx.conf` will always be the first one defined and thus the default one, unless another server in `conf.d/` defines `default_server` on port 80.
Hi there, thanks for taking the time to file this bug report and providing suggestions to fix this bug. Solution 1 that you suggested was what we had initially. It was removed as a result of https://bugzilla.redhat.com/show_bug.cgi?id=1373822 However, at the time we didn't move the include line for conf.d/* below the first server block, so the behaviour you described here occurs. I will do some testing with option #2 to see if there are any side effects of doing this.
Thanks for the quick answer! FYI I took a look at the content of nginx.conf in Debian (testing): https://packages.debian.org/forky/nginx-common Click on the link "all" at the bottom and choose a mirror, then you can open the .deb with File Roller and open the data.tar.xz file, and there you'll find the file at /data/etc/nginx/nginx.conf. They include the conf file at the very end of the `http` block, like this: ``` http { // ... include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } ``` And then they have a default config located at `/etc/nginx/sites-enabled/default` (they use a post-install script to create a symlink of the conf file from sites-available/ to sites-enabled/. Here's the interesting parts: ``` server { listen 80 default_server; listen [::]:80 default_server; // ... server_name _; // ... } ``` While I like the `sites-available`/`sites-enabled` pattern, I also don't think it's a good choice to use `default_server` here as only one server can have it, so an admin would have no choice but to change the `default` file which comes from the package and, most of the time, you don't want to change the files directly coming with the package. They are forced to do that because they want all the servers to be located in `sites-enabled/`, but they don't control the order in which they are included as it depends on the globbing. Considering all that, I think solution #2 might be the best solution here. So we would have that: * /etc/nginx/nginx.conf: * declare a first server with `server_name _`, but **no** `default_server` on the `listen` properties * then, includes all the files in /etc/nginx/conf.d/*.conf Thanks to this: * admins have a fallback default server (for the port 80) * but, as soon as they'll declare a server in /etc/nginx/conf.d/*.conf with `default_server` on the `listen` properties, it becomes the next default server (for the defined port...) * and admins don't have to change /etc/nginx/nginx.conf for that to work
FEDORA-2026-4de4d247a0 (nginx-1.28.3-1.fc44, nginx-mod-brotli-1.0.0~rc-7.fc44, and 5 more) has been submitted as an update to Fedora 44. https://bodhi.fedoraproject.org/updates/FEDORA-2026-4de4d247a0
FEDORA-2026-4de4d247a0 has been pushed to the Fedora 44 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2026-4de4d247a0` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2026-4de4d247a0 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2026-4de4d247a0 (nginx-1.28.3-1.fc44, nginx-mod-brotli-1.0.0~rc-7.fc44, and 5 more) has been pushed to the Fedora 44 stable repository. If problem still persists, please make note of it in this bug report.