Apache, Plesk

πŸ”§ Fix: 421 Misdirected Request Error on All Websites in Plesk with Apache + Nginx

17 Jul

βœ… Symptoms

All websites on the server return the following error in the browser:

421 Misdirected Request

Additionally, the following error is logged in the domain’s log (Plesk > Domains > example.com > Logs):

AH02032: Hostname default-203_0_113_2 (default host as no SNI was provided) and hostname www.example.com provided via HTTP have no compatible SSL setup

⚠️ Cause

This issue occurs due to recent changes in Apache that affect how it handles SNI (Server Name Indication) when used in conjunction with Nginx as a reverse proxy.

After Apache implemented fixes for recent CVEs, it became more strict about SNI handling, leading to this misdirected request behavior when Nginx fails to pass the proper SNI hostname upstream.

πŸ› οΈ Resolution

To fix the issue, configure Nginx to forward the correct SNI information when proxying HTTPS requests to Apache.

  1. SSH into your Plesk server.

  2. Add the following global Nginx configuration override:

bash
echo -e "proxy_ssl_server_name on;\nproxy_ssl_name \$host;" > /etc/nginx/conf.d/fixssl.conf

  1. Restart the Nginx service to apply the fix:

bash
service nginx restart

πŸ“Œ Note

This workaround ensures that Nginx sends the correct SNI when proxying SSL requests, aligning with Apache’s stricter hostname verification logic.

The root cause is still being investigated. You can follow updates via the official Plesk knowledge base article.

Let me know if you’d like a version styled for Facebook, LinkedIn, or your team’s KB system (Markdown, HTML, etc).

Leave a Comment

We are a Professional AWS Managed company of experienced talented engineers. We are top skilled in AWS Architecture, DevOps, Monitoring and Security Solutions.

AWS PS Copyright Β© 2019 Designed byΒ Laraship
About AWS PS