Have you checked the socket level, and checking kernel log on all 3
servers (nginx and load balancer) meanwhile doing the test?
It could be that for some reason you reach a limit really fast (We had
an issue that we reached the nf_conntrack limit at 600 concurrent users
because we had like 170 r
2 nginx 1.4.6 web servers - ocfs cluster, web root inside mounted LUN
from SAN storage
2 MariaDB 5.5 servers - galera cluster, different network segment than
nginx web servers
nginx servers each two sockets quad core xeon, 128 gb ram
Load balanced via F5 load balancer (round-robin, http performanc
Hi,
Is it possible somehow to let the cache ttl (in proxy_pass caching) be
defined by the client?
Unfortunately it looks like proxy_cache_valid doesn't accept variables
as input.
Thank you in advance.
--
Posted via http://www.ruby-forum.com/.
___
n
> Am 17.03.2015 um 23:32 schrieb Valentin V. Bartenev :
>
> On Tuesday 17 March 2015 09:49:04 alexandru.eftimie wrote:
>> Will there be support for http/2 for upstream connections? I can't seem to
>> find anything about this online ( either SPDY or HTTP/2 for upstream
>> connections )
>>
>
> Th
On Tuesday 17 March 2015 09:49:04 alexandru.eftimie wrote:
> Will there be support for http/2 for upstream connections? I can't seem to
> find anything about this online ( either SPDY or HTTP/2 for upstream
> connections )
>
The problems that SPDY (and HTTP/2) is trying to solve usually do not
ex
Styopa Semenukha schreef op 17-3-2015 om 20:35:
On Tuesday, March 17, 2015 01:24:52 PM vinay bhargav wrote:
Hi,
Sorry for spamming but I'm in deep trouble.
I've accidentally overwritten /etc/nginx/site-availabe/default with some
xyz file. I'm using Ubuntu 14.04. The server is still running. Is
Yes that's what I understood after few tests. I will add the expire by the
PHP script.
Thanks for all the help!
Karl
On Tue, Mar 17, 2015 at 3:07 PM, Nurahmadie Nurahmadie wrote:
>
> On Wed, Mar 18, 2015 at 3:46 AM, Karl Johnson
> wrote:
>
>> Thanks for the reply Nurahmadie.
>>
>> I changed t
On Tuesday, March 17, 2015 01:24:52 PM vinay bhargav wrote:
> Hi,
>
> Sorry for spamming but I'm in deep trouble.
>
> I've accidentally overwritten /etc/nginx/site-availabe/default with some
> xyz file. I'm using Ubuntu 14.04. The server is still running. Is there any
> way I could recover the co
On Wed, Mar 18, 2015 at 3:46 AM, Karl Johnson
wrote:
> Thanks for the reply Nurahmadie.
>
> I changed the location to ~ ^/static/ and the rewrite works again. I've
> added a "expires 1w;" in this location to add an expire on all images in
> /static but it doesn't seem to apply, images give 200 OK
Thanks for the reply Nurahmadie.
I changed the location to ~ ^/static/ and the rewrite works again. I've
added a "expires 1w;" in this location to add an expire on all images in
/static but it doesn't seem to apply, images give 200 OK and never cache.
Is it the right way to do it?
location ~ ^/st
That's because the latter regex location takes precedence over the /static
one.
You should first decide if that regex location should also includes /static
prefix or not.
If it's a yes, then you should also add the same rewrite-rule inside your
regex location, if it's a not, you can turn your /stat
Hello,
I host a website based on Laravel with Nginx 1.6.2 + PHP-FPM 5.6. Most
images on the website are in /static folder and are served to visitors with
a PHP file (see /static location).
I want to add a 30 days expire on all images of this vhost. However, when I
add the "location ~* \.(?:image)
I am trying to configure nginx as reverse proxy that does authentication and
websockets. It proxy-passes request
to apache (/auth/wsgi) for authentication - once that succeeds, it then proxy
passes to the websocked backend,
which is a java based websocket endpoint on tomcat 8.
location /basic/
"fix" applied.
This is what I see when running ssllabs again:
2015/03/17 18:08:33 [crit] 14508#0: *478 SSL_do_handshake() failed (SSL:
error:14094085:SSL routines:SSL3_READ_BYTES:ccs received early) while SSL
handshaking, client: 64.41.200.104, server: 0.0.0.0:443
2015/03/17 18:08:34 [crit] 145
nginx has no support for SNMP
You should be able to whitelist IP's using whatever SNMP daemon you are
using.
On 17/03/15 16:16, Igal @ Lucee.org wrote:
> hi,
>
> can it be used as reverse proxy for any protocol or is it limited to
> http(s) and smtp?
>
> I'm trying to setup a reverse proxy for S
nginx has no support for SNMP
You should be able to whitelist IP's using whatever SNMP daemon you are
using.
On 17/03/15 16:16, Igal @ Lucee.org wrote:
> hi,
>
> can it be used as reverse proxy for any protocol or is it limited to
> http(s) and smtp?
>
> I'm trying to setup a reverse proxy for S
The *feeling* that the problem is related to SNI is getting stronger.
This is the error log when running ssllabs.com on the server:
==> stderr.log <==
2015/03/17 17:12:45 [crit] 40733#0: *925 SSL_do_handshake() failed (SSL:
error:14094085:SSL routines:SSL3_READ_BYTES:ccs received early) while S
Will try it.
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,256381,257339#msg-257339
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
hi,
can it be used as reverse proxy for any protocol or is it limited to
http(s) and smtp?
I'm trying to setup a reverse proxy for SNMP for the purpose opening
remote SNMP access and using the proxy for whitelisting IPs etc.
is that possible?
TIA
Igal
___
Yes, it's at least strange.
The reproducing configuration is rather complex task, this newer happens in
usual browsing session (and not just in parsing config, of course). I'm
still trying to limit it to something I can publish.
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,256381,257
may you just try my "fix"? At least, it will save me time for searching in
completely wrong place.
--- nginx-1.7.10/src/http/modules/ngx_http_ssl_module.c.orig 2015-02-10
15:33:34.0 +0100
+++ nginx-1.7.10/src/http/modules/ngx_http_ssl_module.c 2015-03-17
14:55:58.282130993 +0100
@@ -7
I am on nginx 1.7.10 with LibreSSL 2.1.5.
This is what I see in the error log:
2015/02/03 20:23:30 [alert] 69020#0: *16 ignoring stale global SSL error
(SSL: error:14085042:SSL routines:SSL3_CTX_CTRL:called a function you should
not call) while SSL handshaking, client: [...IP...], server: 0.0.0.
Hi,
I refactored Robs code so it can be merged with latest nginx.
Multi certificate support works only for OpenSSL >= 1.0.2.
Only certificates with different crypto algorithms (ECC/RSA/DSA) can be
used b/c of OpenSSL limitations, otherwise (RSA+SHA-256 / RSA-SHA-1 for
example) only last specified i
Hello!
Yesterday we launched the 2015 NGINX User Survey. [1]
This survey gives us the opportunity to better understand your perspective on
NGINX today and what might make us even more valuable for you in the future.
The insights you share will be used to help plan the NGINX roadmap and
influen
Hello!
On Tue, Mar 17, 2015 at 03:01:09PM +0100, Daniël Mostertman wrote:
> Maxim Dounin schreef op 17-3-2015 om 14:49:
> >Hello!
> >
> >On Tue, Mar 17, 2015 at 09:49:04AM -0400, alexandru.eftimie wrote:
> >
> >>Will there be support for http/2 for upstream connections? I can't seem to
> >>find a
Hello!
On Tue, Mar 17, 2015 at 10:11:48AM -0400, rbqdg9 wrote:
> > So, the alert is harmless and can be safely ignored.
> The real problem - it doesnt, it always accompanied by something like:
> nginx[32624] trap invalid opcode ip:47e04d sp:7fff6971ae50 error:0 in
> nginx[40+a]
> (exactl
I am trying to log the incomming HTTP Request with the below given
log_fromat. It is logging only '-'. could you please help what I am doing
wrong.
Thanks in advance.
nginx.conf
http {
include mime.types;
default_type application/octet-stream;
log_format postdata $re
> So, the alert is harmless and can be safely ignored.
The real problem - it doesnt, it always accompanied by something like:
nginx[32624] trap invalid opcode ip:47e04d sp:7fff6971ae50 error:0 in
nginx[40+a]
(exactly one "invalid opcode" for each "function you should not call" in
nginx log
Maxim Dounin schreef op 17-3-2015 om 14:49:
Hello!
On Tue, Mar 17, 2015 at 09:49:04AM -0400, alexandru.eftimie wrote:
Will there be support for http/2 for upstream connections? I can't seem to
find anything about this online ( either SPDY or HTTP/2 for upstream
connections )
No, and there are
Hello!
On Tue, Mar 17, 2015 at 09:49:04AM -0400, alexandru.eftimie wrote:
> Will there be support for http/2 for upstream connections? I can't seem to
> find anything about this online ( either SPDY or HTTP/2 for upstream
> connections )
No, and there are no plans.
--
Maxim Dounin
http://nginx
Will there be support for http/2 for upstream connections? I can't seem to
find anything about this online ( either SPDY or HTTP/2 for upstream
connections )
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,256561,257321#msg-257321
___
nginx ma
Hello!
On Mon, Mar 16, 2015 at 06:01:05PM -0400, antodas wrote:
> Hello -,
>
> I have the similar problem.. !!
>
> I installed testlink and running using nginx.
>
> Sometimes.. Testlink hangs .. and I need to restart NGINX to get going.
>
> 6380#6120: *524 WSARecv() failed (10054: An existin
Hello!
On Tue, Mar 17, 2015 at 06:25:51AM -0400, rbqdg9 wrote:
> Maxim Dounin Wrote:
> ---
> > If you see problems with nginx 1.7.9, consider following hints
> > at http://wiki.nginx.org/Debugging.
> I think it will not help (at least if not di
@itpp, you're right but even if we can partially solve this problem, it'll
be sufficient for us. Well, using below method worked in our case :
location ~ \.(mp4)$ {
mp4;
root /var/www/html/conversion;
expires 1d;
valid_referers server
and yes, upgrade to libressl 2.1.5 didn't solve this.
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,256381,257315#msg-257315
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Which can all be faked (eventually), build some kind of
validation/authentication system before launching your app.
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,257269,257314#msg-257314
___
nginx mailing list
nginx@nginx.org
http://mailman.
Maxim Dounin Wrote:
---
> If you see problems with nginx 1.7.9, consider following hints
> at http://wiki.nginx.org/Debugging.
I think it will not help (at least if not did by anyone who really knows
both openssl and nginx internals).
the problem
@itpp, as i sent the logs above that referer_header for android requests
are empty, maybe blocking requests based on empty referer_header will
partially resolve our issue ? Following is the config i used to block empty
referer_header but in vain.
valid_referers server_names ~.;
if ($invalid_refere
I'd use some kind of authentication based on a user logging in before
allowing use of a service, an encrypted cookie or something along that line.
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,257269,257303#msg-257303
___
nginx mailing list
"The OpenSSL project team would like to announce the forthcoming release
of OpenSSL versions 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf.
These releases will be made available on 19th March. They will fix a
number of security defects. The highest severity defect fixed by these
releases is classified as "hi
@itpp thanks for suggestion but the problem is , this is the invalid way of
blocking requests belong to android and the reason is , our official
android app will be releasing soon and filtering based on this user-agent
will block valid users as well. So we need something different such as,
adding s
Hi,
Sorry for spamming but I'm in deep trouble.
I've accidentally overwritten /etc/nginx/site-availabe/default with some
xyz file. I'm using Ubuntu 14.04. The server is still running. Is there any
way I could recover the config file.
Note: Recovering the default file is very important for me.
T
42 matches
Mail list logo
