Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Warn about using a WordPress site host as the web server hostname (that also hosts that site) #446

Open
3 tasks done
strarsis opened this issue Jan 26, 2023 · 3 comments
Open
3 tasks done

Warn about using a WordPress site host as the web server hostname (that also hosts that site) #446

strarsis opened this issue Jan 26, 2023 · 3 comments
Labels
enhancement

Comments

@strarsis
Copy link
Contributor

Terms

Summary

When a Trellis web server has a hostname assigned that is also used as the host of a WordPress site in that same web server, loopback connection problems occur.
(A loopback connection being a connection of that web server (commonly from inside the WordPress PHP app) to its own (public) host.)

As the /etc/hosts has a default mapping of the server hostname to 127.0.0.1, also at the very top (so it will always win when resolving the hostname on that system), the hostname on that system will always and immediately be resolved to (default IPv4 localhost) 127.0.0.1.
nginx on the Trellis web server listens on the public IP address(es) – also on localhost (127.0.0.1), but isn't configured the same for localhost connections, TLS among other things. Therefore loopback connections for this host will fail.

It makes sense to add a warning to the Trellis documentation about using a hostname (as a domain) for the web server, that also one of its WordPress sites uses, as this will cause issues with loopback connections for that site domain.

Motivation

Why are we doing this?

Prevent issues with loopback connections, also helping with finding out about this issues for existing web server installations that already made that mistake.

What use cases does it support?

All use cases I am aware of.

What is the expected outcome?

Prevent this issue from occurring, also helping affected server admins.

Potential conflicts / foreseeable issues

No real conflicts. It should be very easy to set up a separate host name for the web server itself, like a subdomain (e.g. web-1.web-agency.tld).

Additional Context

roots.io Discourse discussion where this issue was discovered:
https://discourse.roots.io/t/ssl3-read-bytes-tlsv1-unrecognized-name-downloading-domain-satispress-packages-json/24639/1
@swalkinshaw
Copy link
Member

Lost track of this. Do you want to submit a PR to add this warning @strarsis?

Though I'm concerned this is something people just won't read/notice before server creation.

@strarsis
Copy link
Contributor Author

@swalkinshaw: Additionally or alternatively, Trellis itself could do the check for the WordPress sites:
When a WordPress site canonical host equals to the host of the Trellis system itself, emit a warning, ideally directly at the beginning.

@swalkinshaw
Copy link
Member

I think I was hesitant of that because this is a rare edge case but it's really hard to debug and figure out so I'd be okay adding that check.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@swalkinshaw @strarsis