Re: Disable NGINX caching 304 Responses from Origin Server

Hi! Have you used the proxy_cache_valid ? Maybe you can add this directive to disable the 304 cache explicitly. proxy_cache_valid 304 0; On 24 July 2017 at 23:20:35, Ryan Barclay (r...@rbftpnetworks.com) wrote: We ha

Re: Matt Wilcox's Setting up a (reasonably) secure home web-server with Raspberry Pi 'howto'

Thanks. Sorted :-) John On 24 July 2017 at 22:20, Viaduct Lists wrote: > I’ve done the same. > > Try listen port 8080, as anything < port 1024 needs to run as root. Then > in your url, enter hedge.local:8080. Shove hedge.local into your > /etc/hosts file and point to the proper IP. But you n

Re: Buffering issues with nginx

On Mon, Jul 24, 2017 at 12:24:43PM -0400, Dan34 wrote: Hi there, > I did some logs on my proxy test and compared results with wireshark trace > at some random point in time (t=511sec) > And numbers match exactly between logs and wireshark. Out of interest -- are these buffers especially big bec

Re: Buffering issues with nginx

I did some logs on my proxy test and compared results with wireshark trace at some random point in time (t=511sec) And numbers match exactly between logs and wireshark. This is a log line from my test proxy: time: 511s, bytesSent:5571760, down:{ SND:478720 OUTQ:280480 } up:{ RCV:5109117 INQ:38370

Disable NGINX caching 304 Responses from Origin Server

We have a pretty simple setup with NGINX sitting on the front and a backend server (on a separate physical server) that provides the content. Nginx then caches content based on the EXPIRES and Cache-Control headers set by the origin server. We noticed that NGINX was not issuing 304 headers to

Re: Buffering issues with nginx

I wrote my own proxy and it appears that the data is all stuck in socket buffers. If SNDBUF isn't set, then OS will resize it if you try to write more data than remote can accept. Overall, in my tests I see that this buffer grows to 2.5MB and in wireshark I see that difference grows up to 5MB. As d

Re: How to rate-limit jorgee malware scanner?

You should be running the rate limiter already. But note every legitimate request is also limited, not just jorgee. I find anything less than 10 requests a second visually (as in interpreted by a human) slows down how the page loads. Say you run htperf on your server. I don't recall my exact numb

Re: How to rate-limit jorgee malware scanner?

Hi all, Unfortunately, its impossible to use limit_req within the http location using a "if" statement like so: http { limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s; if ($http_user_agent ~* (Jorgee)) { limit_req zone=one burst=5; return 403; } } As a workaround I use limit_

Re: Matt Wilcox's Setting up a (reasonably) secure home web-server with Raspberry Pi 'howto'

I’ve done the same. Try listen port 8080, as anything < port 1024 needs to run as root. Then in your url, enter hedge.local:8080. Shove hedge.local into your /etc/hosts file and point to the proper IP. But you need to enter the port number in that url to fetch it on the LAN. > On Jul 23,

Re: How to rate-limit jorgee malware scanner?

Hi! Nginx carries with the limit_req_module . I think it is a good helper. On 24 July 2017 at 20:10:05, Gary Sellani (li...@lazygranch.com) wrote: I just detect the use agent and return 444, but every attempt to get a file will show

Re: How to rate-limit jorgee malware scanner?

I just detect the use agent and return 444, but every attempt to get a file will show up in your access.log. https://www.buildersociety.com/threads/block-unwanted-bots-on-apache-nginx-constantly-updated.1898/ I get two or three jorgee "sessions" a day. They tend not to use the domain name but

post_action

Hi All, As post_action is no longer documented could someone tell me if post_action will be dropped from future releases, should I use it? Thanks. Jonathan ___ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx

How to rate-limit jorgee malware scanner?

Hi, The Jorgee malware scanner is creating a lot of activity on my site. I would like to rate-limit its connections to nginx based on the User-Agent, since blocking all IP addresses with iptables seems impossible. Is their a quick way of doing this ? Thank you in advance , E -- Etienne Rob

Re: Specify a Vary: Accept-Encoding header

Phillip, Right now this Rails website is almost too slow to tune, and so you will need to make some radical changes that you might later choose to undo. You should run the rails app in production mode, which, by default will cache everything. That should give you th breathing room needs dto ru