Hello Everyone,
Trying build nginx 1.6.2 and --pid-path is not honored by build. Doesn't
matter what I change it stays in /run/nginx.pid.
Here buiild output
http://fpaste.org/143079/41361548/
Thank you in advance.
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,254122,254122#msg-2
Thank you.
I tried. Removed $1, restarted Nginx. But it does not work. Still the same
issue.
Jake
On 17 October 2014 23:36, mex wrote:
> iirc you donw need a $1 behind alias like in rewrite-rules
>
> http://nginx.org/en/docs/http/ngx_http_core_module.html#alias
>
> the following should work
>
This was fun...
I found a subdomain's vhost was allowing RC4, and fixing that the RC4 alert
go away for scanning the main site. I think this might be an issue with the
way the Qualys scanner works. Thank you all for helping & kudos to Scott
Larson for putting up with me :)
-jkl
On Fri, Oct 17, 2
no, not that domain. i'll contact you off-list :D
On Fri, Oct 17, 2014 at 7:41 PM, Scott Larson wrote:
> Just to be thorough, are you sure nginx is actually using the config
> file that you think it is? If we’re talking about your personal domain I
> see TLS 1.0 and SSL 3.0 available which
Just to be thorough, are you sure nginx is actually using the config file
that you think it is? If we’re talking about your personal domain I see TLS 1.0
and SSL 3.0 available which in this snippet you have not enabled. This behavior
isn’t something I’m able to replicate with the 1.7.6/1.0.
using openssl101j, I get the same results with the following in both my
vhost config and nginx.conf
ssl_protocols TLSv1.2 TLSv1.1;
ssl_ciphers
EECDH+aRSA+AESGCM:EECDH+aRSA+AES:EDH+aRSA+AESGCM:EDH+aRSA+AES:DES-CB
C3-SHA:!EXP:!CAMELLIA:!DSS:!MEDIUM:!LOW:!aNULL:!eNULL:!RC4;
ssl_prefer_se
The CA will never provide a key, if this was a simple renewal of the
existing certificate the key already in place would be the one to reuse.
One thing to note however is that SHA1 is being aggressively phased out now
due the the Google policy change with Chrome. If that matters to you,
you'll
Hello!
On Fri, Oct 17, 2014 at 05:19:29PM +0100, Ian wrote:
> Hi All,
>
> My client's SSL certificates are about to run out, and we have gone through
> the process of
> getting the replacements from Godaddy. However their instructions as to how
> to use them
> are useless.
>
> I expected a .cr
Hi All,
My client's SSL certificates are about to run out, and we have gone
through the process of
getting the replacements from Godaddy. However their instructions as to
how to use them
are useless.
I expected a .crt and possibly a .key file, and I expected to simply
replace the existing f
Hi mex,
Yes, it's apacheconfig, Litespeed is drop-in replacement for Apache.
Here is my full nginx -V http://fpaste.org/142890/60334141/raw
I don't have nginx with different openssl-library installed.
Thanks.
On 10/17/2014 10:29 PM, mex wrote:
>> Regarding POODLEbleed[1] issue, I've disable SS
iirc you donw need a $1 behind alias like in rewrite-rules
http://nginx.org/en/docs/http/ngx_http_core_module.html#alias
the following should work
location /wifi {
alias /var/www/owums/public; # <-- be sure to point to 'public'!
passenger_base_uri /wifi;
passenger_app_root /var/www/
> Regarding POODLEbleed[1] issue, I've disable SSLv3 on `ssl_protocols`
thats the most important part
> directive. But, ssllabs.com says that :
>
> snip
> Downgrade attack prevention No, TLS_FALLBACK_SCSV not supported (more
> info[2])
TLS_FALLBACK_SCSV also prevents downgrades fro
Yeah i do the same with the IP each nginx process knows the machine to
locate via http://172.0.0.1; each machine is assigned its own localhost ip.
The only thing that does not use the IP is each servers nginx pulls from
static data from the mapped hard drive Z:/ But taken into consideration i
run
Hi there,
Regarding POODLEbleed[1] issue, I've disable SSLv3 on `ssl_protocols`
directive. But, ssllabs.com says that :
snip
Downgrade attack prevention No, TLS_FALLBACK_SCSV not supported (more
info[2])
snip
But on LiteSpeed[3] configuration, it says yes.
snip
Thank you very much Maxim, I will check your recommendation I will post the
results here.
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,254095,254105#msg-254105
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo
That php issue should be solved for awhile now, also deploy proper php.ini
settings for each domain.
ea:
[PATH=s:/webroot/domain.nl]
open_basedir = s:/webroot/domain.nl
doc_root = s:/webroot/domain.nl
error_reporting = E_ALL & ~E_NOTICE
error_log = s:/logging/php/domain.nl.errors.log
upload_tmp_dir
Hi,
I am running a ruby application on Nginx. It is working fine on Apache.
When I try to load the ruby application on Nginx, I get this error: "Failed
to load resource: the server responded with a status of 404 (Not Found)" It
fails to find two .json files. I had the same issue with Apache before
I suppose i should explain my enviorment odly enough i did a picture a while
back to explain it too.
Here is the pic
http://hwdmediashare.co.uk/media/kunena/attachments/19987/Untitled_2014-09-19.png
To explain it :
A VRack is a virtual rack all my servers are connected to eachother by a
ethernet
Hello!
On Fri, Oct 17, 2014 at 08:24:18AM -0400, timbo wrote:
> Hello all,
>
> Nginx is the reverse proxy+ MS Remote Desktop Gateway using SSL, the first
> authentication is working, the problem is when I try to open a program in
> this environment for example wordpad.exe of session host RD, it
Hi Maxim,
so I dig into it a bit further and it seems as that I made an error in
pairing of tcpdump outputs with nginx error logs. I triple checked it
now and the upstream server really killed the connection without sending
a response in cases nginx triggers an error.
I am sorry for the noise.
R
Hello all,
Nginx is the reverse proxy+ MS Remote Desktop Gateway using SSL, the first
authentication is working, the problem is when I try to open a program in
this environment for example wordpad.exe of session host RD, it ask for
user and password (I use the same credentials used to connect in
Scott Larson Wrote:
---
> Something else must be going on here. Looking at your ssl_cipher
> string, you're opening with a rough declaration of specific ciphers
> you'll
> support, none of which should pull in RC4. It's specific enough in
> fact
>
With a backend (like php) you are always bound to what the backend can
handle, nginx is just a portal here.
The amount of backends should be balanced with the best balance setting like
leastconn/iphash, ea: http://nginx.org/en/docs/http/load_balancing.html and
also consider Lua for managing/offload
23 matches
Mail list logo
