The GoalI had a news portal (Nagarik Aawaj) running on a shared VPS at IP:8085. I wanted to give it a proper domain: devdigest.bishalsunuwar.com.np, using Cloudflare for DNS and free SSL. The ProblemAfter everything was set up, visiting https://devdigest.bishalsunuwar.com.np loaded a completely different website — gmls.com.np, another project hosted on the same VPS. The Debugging ProcessI ran some tests on the VPS: curl -I http://127.0.0.1:80 -H "Host: devdigest.bishalsunuwar.com.np" This returned my Next.js app correctly — so the nginx config on port 80 was working fine. But when accessed through Cloudflare, it kept showing the wrong site. That was the clue. The Root CauseWhen Cloudflare's SSL mode is set to Full, it connects to your server over HTTPS (port 443), not HTTP (port 80). My devdigest nginx config only had: It had no port 443 listener. Meanwhile, the gmls.com.np config had a 443 SSL block. Since nginx had no matching server for devdigest on port 443, it fell back to gmls — the only other config listening on that port. The FixI added an SSL server block to my devdigest nginx config: server { listen 443 ssl; listen [::]:443 ssl; server_name devdigest.bishalsunuwar.com.np; }

The SSL certificate is just Ubuntu's default self-signed "snakeoil" cert. It doesn't matter that it's self-signed because Cloudflare handles the real SSL for visitors. The connection chain is: User → HTTPS (valid Cloudflare cert) → Cloudflare → HTTPS (snakeoil cert) → VPS After reloading nginx, the subdomain worked perfectly. Have you ever had a "one line fix" that took hours to find? Drop it in the comments — I'd love to hear your debugging war stories. And if you have questions about Cloudflare, nginx, or VPS setups, ask away — happy to help. Templates let you quickly answer FAQs or store snippets for re-use. Hide child comments as well For further actions, you may consider blocking this person and/or reporting abuse