This my real domain with SSL support --> https://www.wknet.se/
This is my cookie free domain --> http://cdnwknet.com/
I want my real site to look like this --> wknet.se/?style when the setup is finished.
In the <head> of my real site I have this --> <link rel="stylesheet" href="http://cdnwknet.com/wk-templates/css/bootstrap.3.2.0.min.css" media="all">. As you see I point the static css file to my cookie free domain.
My config file for the cookie free domain looks like this:
server {
listen 80;
listen [::]:80;
server_name www.cdnwknet.com;
return 301 http://cdnwknet.com$request_uri;
}
server {
listen 80;
server_name cdnwknet.com;
root /var/www/cdnwknet.com/html;
index index.php index.html index.htm;
error_page 403 /error/403.html;
error_page 404 /error/404.html;
charset utf-8;
if ( $request_uri ~ ^(/index\.php)$ ) {
return 301 http://cdnwknet.com;
}
location / {
try_files $uri $uri/ =404;
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
access_log off;
log_not_found off;
fastcgi_hide_header Set-Cookie;
tcp_nodelay off;
break;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location = /error/403.html {
root /var/www/cdnwknet.com/html;
allow all;
}
location = /error/404.html {
root /var/www/cdnwknet.com/html;
allow all;
}
}
In the DNS setup of my real domain I have added a CNAME like this image shows ---> https://i.sstatic.net/y0BkE.jpg
I am using DigitalOcean and my real site and the cookie free domain is on the same Droplet (Server). The cookie free domain has the same IP adress as my real domain.
Now, What am I missing here and is my config of the cookie free domain correct?
Here is a config of my real domain if it needs to be changed:
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
server_name wknet.se www.wknet.se;
add_header Strict-Transport-Security max-age=15768000;
return 301 https://www.wknet.se$request_uri;
}
server {
listen 443 ssl;
server_name wknet.se;
ssl_certificate /etc/nginx/ssl/SSL.crt;
ssl_certificate_key /etc/nginx/ssl/KEY.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;
ssl_prefer_server_ciphers on;
return 301 https://www.wknet.se$request_uri;
}
server {
listen 443 ssl;
server_name www.wknet.se;
root /var/www/wknet.se/html;
index index.php index.html index.htm;
ssl_certificate /etc/nginx/ssl/SSL.crt;
ssl_certificate_key /etc/nginx/ssl/KEY.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;
ssl_prefer_server_ciphers on;
error_page 403 /error/403.html;
error_page 404 /error/404.html;
charset utf-8;
if ( $request_uri ~ ^(/index\.php)$ ) {
return 301 https://www.wknet.se;
}
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ /\. {
deny all;
error_log off;
log_not_found off;
}
location ~* .(jpg|jpeg|png|gif|ico|css|js)$ {
log_not_found off;
expires 365d;
add_header Cache-Control "public, max-age=315360000";
}
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|png|gif|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
access_log off;
log_not_found off;
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
location ~* \.(7z|ai|class|css|csv|ejs|eps|flv|html?|jar|jpe?g|js|json|lzh|m4a|m4v|mov|mp3|pdf|pict|pls|ps|psd|swf|tiff?|txt|webp)$ {
access_log off;
log_not_found off;
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
location = /error/403.html {
root /var/www/wknet.se/html;
allow all;
}
location = /error/404.html {
root /var/www/wknet.se/html;
allow all;
}
}
Add a separate subdomain like static.wknet.se
and add this:
server{
fastcgi_hide_header Set-Cookie;
}