Re: Help beating cloudflare

2023-02-02 Thread Lukas Tribus
On Friday, 3 February 2023, Saint Michael wrote: > I have a reverse proxy but the newspaper that I am proxying is > protected by cloudflare, and they block me immediately, even if I use a > different IP. So somehow they know how to identify my reverse-proxy. > How is my request different than a r

Re: Your connection is not private error on Android device

2022-11-14 Thread Lukas Tribus
ins anchor This is a fallback for clients not matching us.wottot.com. You probably have a "default" ssl server in your configuration that is still pointing to a path that you did not cleanup. You should only define this certificate once in your nginx configurations, not multiple ti

Re: Your connection is not private error on Android device

2022-11-14 Thread Lukas Tribus
ot replace your own certificate. It replaces the unrelated root certificates. http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_certificate > the primary certificate comes first, then the intermediate certificates So the file needs to contain
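The ordering rule above (server certificate first, then the intermediates, each one followed by its issuer) is easy to get wrong when a bundle is assembled by hand. The following script is an added check, not part of the message above: it splits a PEM bundle into its certificates and confirms that each certificate's issuer is the subject of the next one. It assumes only the openssl command-line tool is available.

```shell
#!/bin/sh
# Added example (not from the thread): verify that a PEM bundle intended for
# nginx's ssl_certificate is ordered leaf first, then intermediates, by checking
# that every certificate's issuer equals the subject of the certificate after it.
# Assumes the openssl CLI is on PATH.
#
# Usage: . ./chainorder.sh && check_chain_order /etc/nginx/ssl/fullchain.pem

# dn_of <-subject|-issuer> <single-cert.pem>
# Prints the DN in RFC2253 form without the "subject=" / "issuer=" prefix.
dn_of() {
    openssl x509 -in "$2" -noout "$1" -nameopt RFC2253 | sed 's/^[a-z]*=//'
}

# check_chain_order <bundle.pem>
# Returns 0 when each cert is followed by its issuer, 1 when the order is wrong
# (for example the intermediate placed before the leaf), 2 on setup failure.
check_chain_order() {
    bundle=$1
    work=$(mktemp -d) || return 2
    # Split the bundle into cert1.pem, cert2.pem, ... in bundle order.
    awk -v dir="$work" '/-----BEGIN CERTIFICATE-----/{n++} n{print > (dir "/cert" n ".pem")}' "$bundle"
    count=$(ls "$work" | wc -l | tr -d ' ')
    rc=0
    i=1
    while [ "$i" -lt "$count" ]; do
        next=$((i + 1))
        issuer=$(dn_of -issuer "$work/cert$i.pem")
        subject=$(dn_of -subject "$work/cert$next.pem")
        if [ "$issuer" != "$subject" ]; then
            echo "cert $i (issuer: $issuer) is not followed by its issuer (cert $next subject: $subject)" >&2
            rc=1
        fi
        i=$next
    done
    rm -rf "$work"
    return $rc
}
```

A bundle that passes this check can still fail in the browser if the last intermediate chains to a root the client does not trust; the SSL Labs test linked further down in the thread covers that part.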

Re: Your connection is not private error on Android device

2022-11-14 Thread Lukas Tribus
On Mon, 14 Nov 2022 at 21:09, Lukas Tribus wrote: > > On Mon, 14 Nov 2022 at 21:00, James Read wrote: > > > > > > > > On Mon, Nov 14, 2022 at 5:58 PM Lukas Tribus wrote: > >> > >> On Mon, 14 Nov 2022 at 17:31, James Read wrote: > >>

Re: Your connection is not private error on Android device

2022-11-14 Thread Lukas Tribus
On Mon, 14 Nov 2022 at 21:00, James Read wrote: > > > > On Mon, Nov 14, 2022 at 5:58 PM Lukas Tribus wrote: >> >> On Mon, 14 Nov 2022 at 17:31, James Read wrote: >> > >> > I have configured SSL on a number of subdomains including >> > http

Re: Your connection is not private error on Android device

2022-11-14 Thread Lukas Tribus
sues: https://www.ssllabs.com/ssltest/analyze.html?d=us.wottot.com -lukas ___ nginx mailing list -- nginx@nginx.org To unsubscribe send an email to nginx-le...@nginx.org

Re: Client can't negotiate with TLS 1.0 and 1.1

2022-08-25 Thread Lukas Tribus
3) depth=2 C = US, O = Google Trust Services LLC, CN = GTS Root R1 verify return:1 depth=1 C = US, O = Google Trust Services LLC, CN = GTS CA 1C3 verify return:1 depth=0 CN = www.google.com verify return:1 [...] cheers, lukas

Re: Nginx with OpenSSL 1.1.1n

2022-03-27 Thread Lukas Tribus
ule --with-mail --with-stream --with-openssl=objs.msvc8/lib/openssl-1.1.1m --with-openssl-opt='no-asm no-tests -D_WIN32_WINNT=0x0501' --with-http_ssl_module --with-mail_ssl_module --with-stream_ssl_module C:\nginx-1.21.6> Lukas

Re: SSL Cipher suites settings in Nginx webserver

2021-05-03 Thread Lukas Tribus
ps://github.com/drwetter/testssl.sh Lukas

AW: Secure connection failed on Firefox

2017-10-06 Thread Lukas Tribus
ill still be necessary, even if it is pretty much default. regards, lukas

AW: Scaling nginx caching storage

2017-09-24 Thread Lukas Tribus
wastes a huge amount of storage while caching the same object on multiple layers. What I'd suggest instead is to set up a load balancer with URI hashing in front of it, so the cache hit ratio is as high as possible without multiple layers caching the same object. Lukas
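What the suggested layout looks like in nginx, as an added example that is not part of the message above: a stateless load balancer pins each URI to one cache node, and only the cache nodes hold a proxy_cache. Addresses, paths and the origin name are placeholders.

```nginx
# Tier 1: load balancer, no cache of its own. Each URI maps to one cache node,
# so an object is stored once in the cluster instead of once per layer.
upstream cache_nodes {
    hash $request_uri consistent;   # consistent hashing: adding/removing a node remaps only its share of keys
    server 10.0.0.11:8080;
    server 10.0.0.12:8080;
    server 10.0.0.13:8080;
}

server {
    listen 80;
    location / {
        proxy_pass http://cache_nodes;
        proxy_next_upstream error timeout;   # a dead node costs only its share of the keyspace
    }
}

# Tier 2: each cache node (10.0.0.1x) runs this; it is the only place objects are cached.
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=objects:64m max_size=200g inactive=7d;

server {
    listen 8080;
    location / {
        proxy_cache       objects;
        proxy_cache_key   $scheme$host$request_uri;
        proxy_cache_lock  on;           # one origin fetch per key on a miss, not one per waiting client
        proxy_pass        http://origin.internal;
    }
}
```

Because the balancer hashes on $request_uri, the cache key on the nodes should be a function of the same value (plus the host, as above); otherwise two nodes can end up with copies of the same object under different keys.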

AW: Memory usage doubles on reload

2017-09-20 Thread Lukas Tribus
Hello, starting with nginx 1.11.11 you can use worker_shutdown_timeout to limit the amount of time workers stall the shutdown. However, you will still have increased memory usage. You will always have increased memory usage while soft reloading. If you cannot accept that, then you have to stop

AW: MP4 module with pseudo streaming + proxy_cache

2017-09-13 Thread Lukas Tribus
ported by pretty much every browser in a stable release [1]. On linux, you need to install a codec like ffmpeg, but that still beats flash. I suggest you invest your time in HTML5 video and current technologies, instead of the obsolete Adobe Flash with its URI based pseudo streaming. cheers,

AW: DNS Load Balancing keeps getting upstream errors

2017-08-31 Thread Lukas Tribus
Hello, > Also, has anyone tried using nginx for DNS load balancing in production? I would not recommend using nginx to load-balance DNS traffic at all. nginx is just a dumb UDP proxy and I doubt it performs well enough in a DNS setup. dnsdist [1] is written with this purpose in mind and used in

AW: ERR_SPDY_PROTOCOL_ERROR Nginx !!

2017-08-02 Thread Lukas Tribus
t in an isolated environment, then you can debug on the client side and on the nginx side. Lukas

AW: bcrypt

2017-06-23 Thread Lukas Tribus
e on a test box: Just trying to wrap my head around this: if we have 100 requests per second of this, we block the event loop for 400 milliseconds every 1000 milliseconds, is that a correct understanding? Thanks, Lukas

AW: bcrypt

2017-06-23 Thread Lukas Tribus
event-driven webserver? Bcrypt is intentionally slow, I assume having a lot of bcrypt protected HTTP transactions would block nginx causing it to slow down severely? Lukas

AW: HTTP/2 on the Upstream

2017-04-12 Thread Lukas Tribus
le on the backend side. Lukas

AW: Ticket #196 followup: disallow spaces in uri by default

2017-04-11 Thread Lukas Tribus
y fixable. Either that or we do it like Apache (returning file abc when the request is GET /abc xyz HTTP/1.1), but that is still inconsistent and I don't like it personally. Thanks, Lukas

Ticket #196 followup: disallow spaces in uri by default

2017-04-08 Thread Lukas Tribus
peeringdb/peeringdb/issues/132 cheers, lukas [1] https://trac.nginx.org/nginx/ticket/196

AW: RE: opinions about Session tickets

2017-03-28 Thread Lukas Tribus
only actively used for encryption on the next reload, so regardless which server the client hits, it always has an uptodate TLS ticket key, allowing decryption. cheers, lukas [1] https://cbonte.github.io/haproxy-dconv/1.7/management.html#9.3-set%20ssl%20tls-key [2] http://n

AW: AW: IPv6 upstream problem

2017-03-03 Thread Lukas Tribus
> But, just curious, why IPv6 upstream can't serve the traffic? Because if you configure IPv6 on your system but don't have IPv6 connectivity, it will try and fail. > If I access the IP Address using browser, it's normal. Because the browser probably recognizes the broken configuration and work

AW: IPv6 upstream problem

2017-03-01 Thread Lukas Tribus
: set $blablaserver "dual-stack-ipv4-ipv6.xtremenitro.org"; server $blablaserver; Not sure if that works with upstream servers, it does work with proxy_pass. cheers, lukas [1] http://man7.org/linux/man-pages/man5/gai.conf.5.html

AW: AW: AW: AW: SNI and certs.

2016-11-29 Thread Lukas Tribus
> which they don't like )? Obviously there is no correct/matching certificate for this domain name in the first place, otherwise we wouldn't be in this situation. As I said, the best way would be to drop the TLS handshake, but nginx doesn't support this afaik. Lukas

AW: AW: AW: SNI and certs.

2016-11-29 Thread Lukas Tribus
a very common configuration. Besides, I did provide suggestions about the only way to handle this in nginx (return specific error codes or certificates from the default server block) and what would be ideal instead (aborting the TLS handshake like haproxy does with strict-sni enabled). lukas

AW: AW: SNI and certs.

2016-11-29 Thread Lukas Tribus
> > Any real life experience and evidence backing this? > yes Care to elaborate? > Not sure why you're doubting me here Lukas. Yes, this is a problem. No > I'm not making it up. We know that crawlers like Googlebot try HTTPS as well, even if there is no https link

AW: SNI and certs.

2016-11-28 Thread Lukas Tribus
olution ( nginx of course! ) If this is a real problem (which I doubt), I guess you could just serve a 403 Forbidden from the default hosts. Lukas
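Both approaches discussed in this thread, as an added example that is not part of the messages above. The thread predates nginx 1.19.4, which added ssl_reject_handshake and does for nginx what HAProxy's strict-sni does: the handshake for an unknown name is aborted and no certificate is ever presented for it. The older fallback (a placeholder certificate in the default server plus an error response) is kept for reference. Hostnames and paths are placeholders.

```nginx
# Option 1 (nginx 1.19.4 and later): abort the handshake for names that have no
# certificate. The client gets a TLS alert, not a mismatched certificate.
server {
    listen 443 ssl default_server;
    ssl_reject_handshake on;
}

# Option 2 (older nginx, what the thread settles on): answer from the default
# server with a placeholder certificate, so the real hosts' certificates are never
# shown for the wrong name, and refuse the request.
# server {
#     listen 443 ssl default_server;
#     ssl_certificate     /etc/nginx/ssl/placeholder.crt;
#     ssl_certificate_key /etc/nginx/ssl/placeholder.key;
#     return 444;     # closes the connection without a response; use 403 if you want an answer
# }

# The real host: matched by SNI, never reached for other names.
server {
    listen 443 ssl;
    server_name www.example.com;
    ssl_certificate     /etc/nginx/ssl/www.example.com.fullchain.pem;
    ssl_certificate_key /etc/nginx/ssl/www.example.com.key;
}
```

One caveat with option 1: a client that sends no SNI at all (very old software, or a scanner hitting the bare IP) also lands in the default server and is rejected, which is usually what you want but is worth knowing when reading handshake-failure counts.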

AW: AW: AW: RE: slow https performance compared to http

2016-11-14 Thread Lukas Tribus
> 4 threads and 4 CPU (both for apache and nginx) with 100% CPU load on test > So, what's the answer now about the http/https (4600/550) ratio for the > specific case I presented? It should perform the same as Apache in this case.

AW: AW: RE: slow https performance compared to http

2016-11-14 Thread Lukas Tribus
> I agree but I think that separate/different simultaneous users won't use a > common connection so for this very specific scenario keep-alive won't > matter. Of course for every individual user keep-alive will matter but this > aspect for the moment I won't to ignore in testing. It does matter, a

AW: RE: slow https performance compared to http

2016-11-13 Thread Lukas Tribus
> I'll do it but I guess the test will no longer be so relevant because I want > to simulate different users. Real users/browsers DO keep-alive. Sending thousands of requests per second in dedicated TLS sessions is not what you would see in real life from real users. > Anyway, the question is in

AW: AW: Nginx Kodi User Agent secure_link blocking / banning

2016-11-02 Thread Lukas Tribus
code too, but it is way more complicated. Lukas

AW: Nginx Kodi User Agent secure_link blocking / banning

2016-11-02 Thread Lukas Tribus
I have a question: secure_link is correctly blocking those requests so it's not generating any traffic. Why does it bother you then, if it is already blocked?

AW: AW: AW: Disabling HTTP/2 for a specific location

2016-08-18 Thread Lukas Tribus
> @Lukas do you mean something like this Yes, that's what I mean. Lukas

AW: HTTP/2 without forward secrecy (Diffie-Hellman)

2016-08-16 Thread Lukas Tribus
] > with the P-256 elliptic curve [FIPS186]. So as I said initially, using keyfiles is the way to go, you cannot always change your production configuration for a sniff anyway, and you may not always have access to the server. So better get familiar with the keyfile ha

AW: AW: Disabling HTTP/2 for a specific location

2016-08-16 Thread Lukas Tribus
Hello, On 08/16/16 07:37, Lukas Tribus wrote: >> I use nginx 1.11.3 with nginx upload module.The problem is that Nginx upload >> module don't support HTTP/2 and thus when you upload you get 500 Internal >> Error. > >> Use a dedicated subdomain, like upload.myweb

AW: Disabling HTTP/2 for a specific location

2016-08-16 Thread Lukas Tribus
isable http2 just > for the upload and enable it for the rest This cannot work. The protocol is set in stone before a request is emitted, therefore you cannot select the protocol based on the location. > server_name mywebsite.com/upload; That's not a valid server_name. A server
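The dedicated-subdomain approach from this thread in configuration form, as an added example that is not part of the message above. It relies on the http2 directive introduced in nginx 1.25.1, which is set per server rather than per listen socket: the server is chosen by SNI and ALPN is then negotiated for that server, all before any request (and therefore any location) exists. On releases before 1.25.1, http2 was a parameter of listen and applied to the whole socket, so the upload host needed its own IP address or port. Hostnames, paths and the backend address are placeholders.

```nginx
# Main site: HTTP/2 negotiated via ALPN.
server {
    listen 443 ssl;
    server_name www.example.com;
    http2 on;
    ssl_certificate     /etc/nginx/ssl/example.com.fullchain.pem;
    ssl_certificate_key /etc/nginx/ssl/example.com.key;
}

# Upload host on the same IP and port: stays on HTTP/1.1 for the module that
# only handles HTTP/1.x. Selected by the client's SNI before the protocol is chosen.
server {
    listen 443 ssl;
    server_name upload.example.com;
    http2 off;
    client_max_body_size 2g;
    ssl_certificate     /etc/nginx/ssl/example.com.fullchain.pem;
    ssl_certificate_key /etc/nginx/ssl/example.com.key;
    location /upload {
        proxy_pass http://127.0.0.1:8081;   # assumed upload backend
    }
}
```

Check the result with curl: a request to www.example.com should log "HTTP/2" and one to upload.example.com "HTTP/1.1" under the same listen address.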

AW: HTTP/2 without forward secrecy (Diffie-Hellman)

2016-08-15 Thread Lukas Tribus
H:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES"; > into > ssl_ciphers "AES128-SHA"; This cannot work, HTTP/2.0 only allows certain ciphers [3]. The fact that it works in Apache means Apache violates the RFC. Also see nginx manual [4]. Regards, Lukas [1] https://jimshaver.net/
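Why "AES128-SHA" cannot carry HTTP/2: RFC 7540 section 9.2.2 requires a TLS 1.2 suite with ephemeral key exchange and an AEAD bulk cipher, and Appendix A lists the non-compliant suites; AES128-SHA is static RSA key exchange with AES-CBC, failing both. The following is an added example, not code from the thread: it classifies OpenSSL cipher-suite names by those two properties using OpenSSL's naming convention. It cannot expand keyword groups such as HIGH without libssl, so those are reported as unexpanded; the optional helper at the end uses Python's ssl module for that when available.

```python
"""Added example, not from the thread: classify OpenSSL cipher-suite names against
the HTTP/2 requirements of RFC 7540 section 9.2.2 (ephemeral key exchange plus an
AEAD cipher). Name parsing follows OpenSSL's naming convention and is a
simplification; confirm the negotiated suite on the wire before relying on it."""

# TLS 1.3 suite names ("TLS_...") always use (EC)DHE, so they pass the key-exchange test.
EPHEMERAL_KEX = ("ECDHE-", "DHE-", "TLS_")
AEAD_MARKERS = ("-GCM-", "-CHACHA20-POLY1305", "-CCM",
                "_GCM_", "_CHACHA20_POLY1305", "_CCM")

def http2_compatible(cipher):
    """True if the suite uses ephemeral key exchange and an AEAD bulk cipher."""
    name = cipher.upper()
    return name.startswith(EPHEMERAL_KEX) and any(m in name for m in AEAD_MARKERS)

def reason(cipher):
    """Explain why a suite is rejected for HTTP/2, or return 'ok'."""
    name = cipher.upper()
    problems = []
    if not name.startswith(EPHEMERAL_KEX):
        problems.append("static key exchange (no forward secrecy)")
    if not any(m in name for m in AEAD_MARKERS):
        problems.append("non-AEAD cipher (CBC or stream)")
    return "; ".join(problems) or "ok"

def check_ssl_ciphers(value):
    """Evaluate an nginx ssl_ciphers value token by token. Returns {token: verdict}.
    Keyword groups (HIGH, kRSA, ...) contain no '-' and cannot be expanded here;
    tokens with a leading modifier (!, -, +, @) are not suites and are skipped."""
    result = {}
    for token in value.split(":"):
        token = token.strip()
        if not token:
            continue
        if token[0] in "!-+@":
            result[token] = "modifier (not evaluated)"
        elif "-" not in token and not token.startswith("TLS_"):
            result[token] = "unexpanded keyword group"
        else:
            result[token] = reason(token)
    return result

def expand_with_openssl(value):
    """Expand a cipher string into suite names, in preference order, using the
    libssl that Python was built against. Not needed for explicit suite lists."""
    import ssl
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(value)
    return [c["name"] for c in ctx.get_ciphers()]
```

With an explicit list such as "ECDHE-RSA-AES128-GCM-SHA256:AES128-SHA" the first suite is fine and the second is rejected on both counts; a browser that negotiates the second one will refuse to speak HTTP/2 on that connection (Chrome shows ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY for this case).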

AW: Issue with HTTP/2 and async file upload from Safari on iOS

2016-07-15 Thread Lukas Tribus
se at this time. Correct. It has been stated multiple times that mainline is the suggested branch for HTTP2 use and that statement is still true. So yes, do not use the stable branch if using HTTP2. Lukas

AW: Issue with HTTP/2 and async file upload from Safari on iOS

2016-07-09 Thread Lukas Tribus
> Any solution other than switching to > https://launchpad.net/~nginx/+archive/ubuntu/development (which scares the > skull out of me, since this is a production server)? Use nginx provided binaries if compiling from source is not an option: http://nginx.org/en/linux_packages.html#mainline

RE: DNS Caching Issue For community version

2016-05-12 Thread Lukas Tribus
> Even adding the valid parameter the issue was not solved. And what is the issue actually? Just saying "DNS caching issue" and "problem" isn't really helpful.

RE: ssl test causes nginx to crash (SSL_do_handshake() failed)

2016-05-11 Thread Lukas Tribus
> I updated nginx but the problem persists. > > Could it be some sort of misconfiguration of my nginx? No, but I suggest you try reconfiguring your cipher suites anyway to exclude anything kerberos related like previously suggested

RE: ssl test causes nginx to crash (SSL_do_handshake() failed)

2016-05-05 Thread Lukas Tribus
> nginx version: nginx/1.2.6 > built by gcc 4.4.4 20100726 (Red Hat 4.4.4-13) (GCC) > [...] > CentOS 6.7 server Try disabling kerberos cipher suites [1], you may be hitting some obscure CentOS/RedHat libc issues [2]. [1] https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=ngin

RE: ssl test causes nginx to crash (SSL_do_handshake() failed)

2016-05-04 Thread Lukas Tribus
> When ssllabs tests for deprecated cipher suites, it stays there forever. > I have to close the ssllabs test page and then my nginx server stays down > until i restart it. Please provide the output of nginx -V.

RE: TLS/SSL Cache Automatic Purge

2016-04-12 Thread Lukas Tribus
say anything about purging the TLS/SSL Cache which is my > concern here. I don't think the sessions are purged, its probably an LRU. Lukas [1] http://hg.nginx.org/nginx/rev/d049b0ea00a3 [2] https://www.openssl.org/docs

RE: opinions about Session tickets

2016-04-12 Thread Lukas Tribus
distribute it to all servers, never touching permanent storage (don't save to disk, use something like tmpfs). Lukas
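The rotation scheme described in the two session-ticket messages in this listing (this one and the 2017 follow-up above): a new key is first distributed to every server as a decrypt-only key, and only on the next reload does it become the key used to encrypt new tickets, so whichever server a client lands on can still decrypt a ticket issued by any other. The following model is an added example, not code from the thread or from nginx or HAProxy. The toy cipher (HMAC-SHA256 keystream plus an HMAC tag) stands in for the AES/HMAC construction real implementations use; the key-ring logic is what matters, and the keys live only in memory, never on disk.

```python
"""Added example, not from the thread: a model of TLS session-ticket key rotation
across a fleet of servers. Keys are distributed before they are used for
encryption, so every server can decrypt every ticket in circulation. The cipher
here is a toy (HMAC-SHA256 keystream + HMAC tag), not the real AES-CBC/HMAC one."""
import hashlib
import hmac
import os

class TicketKeyRing:
    def __init__(self, max_keys=3):
        self.keys = {}          # key name (16 bytes) -> (enc_key, mac_key); insertion order = age
        self.active = None      # name of the key used to encrypt newly issued tickets
        self.max_keys = max_keys

    def add_key(self, name, enc_key, mac_key):
        """Distribution step: install a key for decryption only. Oldest keys age out."""
        self.keys[name] = (enc_key, mac_key)
        while len(self.keys) > self.max_keys:
            oldest = next(iter(self.keys))
            if oldest == self.active:
                break
            del self.keys[oldest]

    def promote(self, name):
        """Reload step: start encrypting with a key that was distributed earlier."""
        if name not in self.keys:
            raise KeyError("cannot promote a key that was never distributed")
        self.active = name

    @staticmethod
    def _keystream(enc_key, nonce, length):
        out = b""
        counter = 0
        while len(out) < length:
            out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
            counter += 1
        return out[:length]

    def encrypt(self, session_state):
        """Issue a ticket: key_name || nonce || ciphertext || tag."""
        if self.active is None:
            raise RuntimeError("no active ticket key")
        enc_key, mac_key = self.keys[self.active]
        nonce = os.urandom(16)
        ks = self._keystream(enc_key, nonce, len(session_state))
        ct = bytes(a ^ b for a, b in zip(session_state, ks))
        body = self.active + nonce + ct
        return body + hmac.new(mac_key, body, hashlib.sha256).digest()

    def decrypt(self, ticket):
        """Return the session state, or None if the key is unknown or the tag is wrong;
        a real server then falls back to a full handshake instead of failing."""
        if len(ticket) < 16 + 16 + 32:
            return None
        name, nonce, ct, tag = ticket[:16], ticket[16:32], ticket[32:-32], ticket[-32:]
        if name not in self.keys:
            return None
        enc_key, mac_key = self.keys[name]
        expected = hmac.new(mac_key, ticket[:-32], hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None
        ks = self._keystream(enc_key, nonce, len(ct))
        return bytes(a ^ b for a, b in zip(ct, ks))

def new_key():
    """A 16-byte name plus two 32-byte secrets. Keep in RAM or tmpfs, never on disk."""
    return os.urandom(16), os.urandom(32), os.urandom(32)

def rotate_fleet(rings, key):
    """Safe rotation order: distribute to every server first, promote everywhere second."""
    for r in rings:
        r.add_key(*key)
    for r in rings:
        r.promote(key[0])
```

With three keys in the ring a ticket survives two rotations; a server that never received a key simply returns None for tickets made with it, which costs one full handshake rather than a failure. The dangerous variant is promoting a key on one server before the others have it, which is exactly what the distribute-then-promote order prevents.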

RE: nginx-1.9.11 -- "Floating point exception" on exec after upgrading 1.9.10 -> 1.9.11

2016-02-10 Thread Lukas Tribus
errors Apply this patch: http://hg.nginx.org/nginx/rev/ff1e625ae55b Or pull latest source code from the repository. Regards, Lukas

RE: nginx: [emerg] bind() to 0.0.0.0:80 failed (13: Permission denied)

2016-02-05 Thread Lukas Tribus
> also stated "In Linux (and most other Unix based systems) ports below 1024 > need to be opened using the root user. So you need to start NGINX as root > which will open the port and then drop down to an unprivileged user for the > port." > > Is there a way to achieve this? Configure the user dir

Re: nginx: [emerg] bind() to 0.0.0.0:80 failed (13: Permission denied)

2016-02-03 Thread Lukas
() to 0.0.0.0:80 failed (13: Permission denied) > As user gvp, do you run sudo /etc/init.d/nginx start or /etc/init.d/nginx start ? The former works, at least for me. -- Lukas Ruf <http://www.lpr.ch> | Ad Personam Consecom &l

Re: Question about rewrite directive

2016-01-28 Thread Lukas
> Lukas [2016-01-28 22:04]: > > > rai...@ultra-secure.de [2016-01-28 15:12]: > > > > a customer has this in his .htaccess file (among other things): > > > > RewriteCond %{REQUEST_FILENAME} !-f > > RewriteCond %{REQUEST_FILENAME} !-d > > RewriteRule

Re: Question about rewrite directive

2016-01-28 Thread Lukas
ly sure about the notation in nginx but for regexp what about: > location ~* ^(.+)\.(\d+)\.(js|css|png|jpg|gif|gzip)$ { location ~* ^(.+)\.([\d\.]+)\.(js|css|png|jpg|gif|gzip)$ { wbr Lukas -- Lukas Ruf <http://www.lpr.ch> | Ad Personam Consecom <http://www.consecom.com> | Ad

Re: nginx/1.9.9 with modsecurity/2.9.0 crashes with segfault and worker process exited on signal 11

2016-01-22 Thread Lukas
Dear all > Lukas [2016-01-10 14:39]: > > Fascinated by nginx, I attempted to integrate it with modsecurity. > > Unfortunately, whenever modsecurity is enabled, nginx reports a > segfault in sysmessages. > I tried debugging the issue a bit further (from a user perspective)

Re: nginx/1.9.9 with modsecurity/2.9.0 crashes with segfault and worker process exited on signal 11

2016-01-19 Thread Lukas
deny all; } access_log /var/log/nginx/access.log upstreamlog; error_log /var/log/nginx/error.log debug; } Thanks. wbr. Lukas

Re: nginx/1.9.9 with modsecurity/2.9.0 crashes with segfault and worker process exited on signal 11

2016-01-19 Thread Lukas
Hi Felipe > Felipe Zimmerle [2016-01-11 17:12]: > > On Sun, Jan 10, 2016 at 11:05 AM Lukas wrote: > > > I found that recommendation. Since I also read that it would not be > > fully compatible with OWASP/CRS I have not given it a try. > > > > What

RE: Nginx / LRO on vmxnet3 / missing ACKs

2016-01-12 Thread Lukas Tribus
> Hello, > > I'm currently investigating an issue with Linux (3.13.0), nginx (1.6.2), > vmxnet3 (1.2.0.0-k-NAPI), IPv6 connections and large receive offload (LRO) > enabled. The workflow we are investigating is a POST of a small file (jpg) > towards a php5-fpm pool. > > From a network (tcpdump) poi

Re: nginx/1.9.9 with modsecurity/2.9.0 crashes with segfault and worker process exited on signal 11

2016-01-10 Thread Lukas
r your hint. I found that recommendation. Since I also read that it would not be fully compatible with OWASP/CRS I have not given it a try. What is the situation regarding OWASP/CRS? wbr Lukas

Re: nginx/1.9.9 with modsecurity/2.9.0 crashes with segfault and worker process exited on signal 11

2016-01-10 Thread Lukas
> Rainer Duffner [2016-01-10 14:46]: > > > > Am 10.01.2016 um 14:39 schrieb Lukas : > > > > Unfortunately, whenever modsecurity is enabled, nginx reports a > > segfault in sysmessages. > > > > Searching the web did not reveal any solution, i.e.

nginx/1.9.9 with modsecurity/2.9.0 crashes with segfault and worker process exited on signal 11

2016-01-10 Thread Lukas
continued crashing. Thank you for any hint on solving this issue. Please find next information related to my setup including some logs. wbr, Lukas == My current setup: Platform: Linux/4.3.3 running on Debian/wheezy nginx: self-compiled from sources according to https://blog.stickleback.dk/nginx

RE: How about to add splice

2015-12-10 Thread Lukas Tribus
]. Regarding TLS: There are some efforts in both linux [2] and FreeBSD [3] to implement TLS in-kernel; leveraging kernel features like sendfile() while sending it through an in-kernel crypto stack. I'm not saying splice() is a must-have; I certainly don't need it personally, but there

RE: IPv6, HTTPS, and SNI

2015-12-07 Thread Lukas Tribus
id the IPv4 bind. Same goes for 443/ssl. Imho, what you want is just listen to both address-families (without declaring IPv6): listen 80; listen 443 ssl; Regards, Lukas [1] http://nginx.org/en/docs/http/ngx_http_core_module.html#

RE: 403 forbidden with lynx www browser

2015-11-25 Thread Lukas Tribus
the user-agent There is no one to blame other than the original host. Lukas

RE: Redirect request based on source $scheme !!

2015-11-11 Thread Lukas Tribus
and redirect that request to HTTPS. What you need to look at is the scheme indicated in the Referer header. However be advised that there are certain combinations where the Referer is blank (an HTTP frame embedded in an HTTPS site). Lukas

RE: Problem with http2 huge load average

2015-11-06 Thread Lukas Tribus
> Yes I know, > but it's very strange situation that can't understand. Code is the same, > nothing is changed. Only nginx version and http2 support on host. nginx 1.9.5 has a bug (#800): $server_protocol is empty on HTTP2. This is fixed in nginx 1.9.6, so with 1.9.6 PHP/FCGI for the first time see

RE: ignore bad conf file

2015-11-05 Thread Lukas Tribus
> Thanks Lukas! I tried configtest but with 100k files in conf.d, it > takes 3 minutes to finish, during which time there may be another file > dropped in conf.d and trigger another configtest. This sometimes causes > several config test running at the same time. > A reload on

RE: ignore bad conf file

2015-11-04 Thread Lukas Tribus
sting the config first is what you should do. Lukas [1] http://nginx.org/en/docs/control.html#reconfiguration

RE: No ALPN, only NPN with http2

2015-11-03 Thread Lukas Tribus
> Ah, this is probably the problem: > > built with OpenSSL 1.0.1f 6 Jan 2014 It is. ALPN is supported only in the 1.0.2 branch. Lukas

RE: No ALPN, only NPN with http2

2015-11-03 Thread Lukas Tribus
> I'm attempting to deploy http2 with nginx 1.9.6 using teward's Ubuntu > packages (https://launchpad.net/~nginx/+archive/ubuntu/development). I've > got openssl 1.0.2d on both client and server and I'm testing with Chrome > Canary and Firefox 41.0.2. Post "nginx -V" output.

RE: nginx 1.9.5 & SPDY

2015-10-30 Thread Lukas Tribus
> I was under the impression that SPDY support had been dropped from > NGINX altogether - > however http://nginx.org/en/docs/http/ngx_http_core_module.html#listen > seems to suggest it might still be possible to select it. Yeah up until 1.9.4: > The spdy parameter (*1.3.15-1.9.4*) allows accept

RE: ipv6 on nginx.org

2015-10-20 Thread Lukas Tribus
st: nginx.org\n\n" > |nc -6 -i 10 nginx.org 80 > Ncat: Idle timeout expired (1 ms). Looks like an MTU issue then (small response OK, big responses timeout). Check if you correctly clamp MSS on IPv6. Lukas

RE: ipv6 on nginx.org

2015-10-20 Thread Lukas Tribus
80 Use HTTP/1.1 to get proper errors back and use the Host header to actually hit the correct website. IPv6 and IPv4 behave the same. Lukas

RE: SEO gone mad...

2015-10-13 Thread Lukas Tribus
eds to differentiate between "site.com" and "site.com/", which a) you are not doing and b) is not possible, as it's the same exact HTTP request. Lukas

RE: SEO gone mad...

2015-10-13 Thread Lukas Tribus
HTTP works. You can only do this with subdirectories, in both nginx and apache (and every other webserver for that matter), because both of the following requests are valid: "GET example.com/subdir/ HTTP/1.1" or "GET example.com/subdir HTTP/1.1" But *not* with &

RE: time to read packets for HTTP query

2015-09-11 Thread Lukas Tribus
ut parsing) of the actual HTTTP request, imho. In reality $request_time accounts for the complete request, response and logging, so yes, you are right. This is clearer in [1] then it is in [2]: > between the first bytes were read from the client and > *the log write after the last bytes w

RE: time to read packets for HTTP query

2015-09-11 Thread Lukas Tribus
rt somehow > the total time necessary to read all the packets of a particular HTTP query? > I was thinking that if available, I could add it to the HTTP query in the > form of an HTTP header? If not, how easy would it be to implement such a > mechanism? What about

RE: Can thread pool improve performance for such scenario

2015-06-30 Thread Lukas Tribus
> I think this is synchronize operation. What backend protocol? HTTP/TCP? That's not blocking at all, no need to improve anything. What the thread pool currently improves is sendfile() I/O operations. Lukas

RE: do not fail when ssl cert not present.

2015-06-18 Thread Lukas Tribus
Hi, > I tried to not fail the nginx server if ssl cert is not available. You do that by checking the config first (nginx -t), if successful, then you reload. This is the proper way to do it. > Also I do not believe it's proper to fail the entire server if one > server block fails. It is.
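The "test first, then reload" procedure from this message and from the "ignore bad conf file" thread above, as an added script that is not part of either message. It installs a dropped-in file into conf.d, runs the validator over the whole configuration, removes the file again if validation fails, and serialises concurrent attempts with a lock so that several nginx -t runs do not pile up (the situation described in the "ignore bad conf file" thread). It assumes nginx.conf includes conf.d/*.conf; the validator and reload commands default to nginx -t and nginx -s reload and can be overridden through environment variables.

```shell
#!/bin/sh
# Added example, not from the thread: install one config file only after the
# full configuration validates, and serialise concurrent deploys with a lock.
# Assumes nginx.conf includes conf.d/*.conf. VALIDATOR and RELOAD are
# overridable so the logic can be exercised without a running nginx.
#
# Usage: . ./deploy.sh && deploy_conf /tmp/newsite.conf /etc/nginx/conf.d

LOCKDIR=${LOCKDIR:-/run/nginx-deploy.lock}
VALIDATOR=${VALIDATOR:-"nginx -t"}
RELOAD=${RELOAD:-"nginx -s reload"}

# deploy_conf <new-file> <conf.d dir>
# Returns 0: installed and reloaded; 1: validation failed, file removed again;
# 2: another deploy holds the lock (caller should retry later).
deploy_conf() {
    src=$1
    dir=$2
    dest="$dir/$(basename "$src")"
    # mkdir is atomic, which gives a portable lock without flock(1).
    if ! mkdir "$LOCKDIR" 2>/dev/null; then
        echo "deploy already in progress, try again later" >&2
        return 2
    fi
    cp "$src" "$dest"
    if $VALIDATOR >/dev/null 2>&1; then
        $RELOAD
        rc=0
    else
        echo "config test failed, removing $dest" >&2
        rm -f "$dest"
        rc=1
    fi
    rmdir "$LOCKDIR"
    return $rc
}
```

The lock does not make a three-minute nginx -t any faster; it only guarantees that the tests run one after another and that the running nginx is never asked to reload a configuration that was not tested as a whole. If validation is too slow for the drop rate, batching several files per test run is the next step.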

RE: SO_REUSEPORT

2015-06-10 Thread Lukas Tribus
> Some errors are still present: > > [emerg] 19351#19351: duplicate listen options for 0.0.0.0:80 in ... > > Is there a way to use "reuseports" for multiple locations? You have to declare it once and only once. Please read: http://nginx.org/en/docs/http/ngx_http_core_mo

RE: SSL session caching

2015-06-02 Thread Lukas Tribus
balancing, that will fix your issue. Lukas

RE: My site is vulnerable to the SSL FREAK attacks.

2015-04-14 Thread Lukas Tribus
> i testing this site, "https://tools.keycdn.com/freak"; > > result message : Vulnerable! The domain www.ktkumhorent.com:443 is > vulnerable to the SSL FREAK attacks. Right, also see: https://www.ssllabs.com/ssltest/analyze.html?d=ktkumhorent.com Your site is extremely vulnerable, it even allows

RE: My site is vulnerable to the SSL FREAK attacks.

2015-04-14 Thread Lukas Tribus
> I updated to the nginx-1.7.12 version. > but, same error. What error? How exactly do you come to the conclusion that your site is vulnerable?

RE: My site is vulnerable to the SSL FREAK attacks.

2015-04-14 Thread Lukas Tribus
enssl-1.0.1m. Lukas

RE: Core Dumps on 1.7.12 with SPDY

2015-04-12 Thread Lukas Tribus
> Hello > > I'm running Nginx installed from the nginx.org repos on a Ubuntu Server > 14.04. > There are about a dozen different sites running on this server, mostly using > PHP-FPM backend. They are gonna need a backtrace from that coredump: http://wiki.nginx.org/Debu

RE: 502 Gateway Timeout with error exited on signal 7 (SIGBUS) after clearing cache (nginx with php5-fpm)

2015-03-29 Thread Lukas Tribus
>> Debian stable ships PHP 5.4.39, it doesn't make any sense to use >> dotdeb. > > i've gemoved the dotdeb php package and installed the php that is shipped by > debian. Get a coredump and open a debian bug with the backtrace, here's how to do it: https://rtcamp.com/tutorials/php/core-dump-php5-fp

RE: 502 Gateway Timeout with error exited on signal 7 (SIGBUS) after clearing cache (nginx with php5-fpm)

2015-03-29 Thread Lukas Tribus
> installed on a openVZ VPS with 24GB Ram and 12 Cores also tested on a > physical machine with 32GB ram and 8 cores. both managed with ISPconfig3. > > PHP 5.4.39-1~dotdeb.1 (fpm-fcgi) (built: Mar 22 2015 08:08:54) > nginx/1.6.2 > mysql PHP crashes, report the problem to whoever is providing suppo

RE: AES-NI support with nginx

2015-03-10 Thread Lukas Tribus
tributions, not some github fork and don't configure any "engines" in nginx. Best thing for you to do is to use precompiled binaries from nginx.org or your linux distro, instead of compiling them on your own. Lukas

RE: BoringSSL build issue

2015-02-15 Thread Lukas Tribus
changes in nginx, seems like a never ending cat and mouse game. Lukas

RE: BoringSSL build issue

2015-02-15 Thread Lukas Tribus
idn't remove this definition. Lukas

RE: Intermittent SSL Handshake Errors

2015-02-06 Thread Lukas Tribus
> We've been unable to reproduce it with any one browser or IP address. It > really is very intermittent. Fortunately, I believe we've gotten to the > bottom of this. It looks like our data center switched us over to anti-DDoS > route. This means all of our traffic has been passing through hardware

RE: Intermittent SSL Handshake Errors

2015-02-03 Thread Lukas Tribus
> I just finished running an experiment that has shed some light on the issue. > It has not yet been solved though. > > I setup another nginx server with the same configuration with an upstream > app that always responds with HTTP 200. I included JS on each page load in > production to make a singl

RE: Dynamic/Wildcard SSL certificates with SNI ?

2015-01-16 Thread Lukas Tribus
ad every single certificate in that directory for you (at startup), and it will handle those certificates based on SNI. Lukas

RE: Bug re: openssl-1.0.1

2015-01-12 Thread Lukas Tribus
working configuration. Regards, Lukas [1] https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations

RE: Nginx Configuration saying Not found. Why and How to get rid of it?

2015-01-09 Thread Lukas Tribus
nformation, not an error in this context, and is expected (for example kqueue is a BSD feature, you don't have it on linux). Lukas

RE: Bug re: openssl-1.0.1

2015-01-06 Thread Lukas Tribus
> I guess are running with an nginx executable from a third party, that has > been linked to an older release of openssl. Since you can reproduce it with openssl s_client, it probably is more complicated than that. can you provide an ssldump of the failed connection attempt?

RE: Bug re: openssl-1.0.1

2015-01-06 Thread Lukas Tribus
id you install it (for example did you install openssl and nginx via apt-get from original ubuntu repositories, or did you install from nginx repository or from source)? Lukas

RE: Bug re: openssl-1.0.1

2015-01-06 Thread Lukas Tribus
you read that? From the information you provided, there is no way to understand the issue here at all. Reproduce this with nginx in debug mode, post the output and better yet, post an ssldump sample of the failed hand

RE: 1.7.9 does not compile anymore with libressl

2014-12-29 Thread Lukas Tribus
e or patch libressl by removing the TLSEXT_TYPE_application_layer_protocol_negotiation symbol definition: http://pastebin.com/raw.php?i=ZQ5peJvL Lukas

RE: SPDY for http?

2014-12-19 Thread Lukas Tribus
S. This way, you can tunnel plaintext SPDY to an nginx backend, without changing your architecture or replacing the frontend proxy software, as long as the frontend is capable of negotiation via NPN or ALPN. Lukas

RE: SPDY for http?

2014-12-18 Thread Lukas Tribus
loading and never ends. https spdy works normally. > > I'm using nginx 1.7.8. > > Is http spdy supported? There is no HTTP SPDY. Plaintext SPDY has a single use-case: when a frontend proxy handles SSL/TLS and negotiates (via NPN or ALPN) SPDY. You can not connect to pl

RE: Boringssl + Nginx 1.8.7

2014-12-17 Thread Lukas Tribus
which safeguards SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS? Lukas (attachment: nginx-safeguard-SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS.diff)

RE: upstream sent invalid status "-1 Copy failed" while reading response header from upstream

2014-10-29 Thread Lukas Tribus
> I don't understand this "upstream" "upstream" "upstream backend server". > The upstream is served by fastcgi - fpm.sock on my own server. How do I > attend this problem? > Where do I dig exactly? PHP or its FastCGI/FPM interface.

RE: Nginx serving Large static files on windows

2014-10-25 Thread Lukas Tribus
It heavily depends on the mp4 file used. moov atom needs to be at the beginning of the file, for example. Get mp4box and read its doc, it will help you prepare the file for streaming. > To: nginx@nginx.org > Subject: Re: Nginx serving Large static files on windows > From: nginx-fo...@nginx.us >
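Whether the moov atom sits at the beginning of the file can be checked without mp4box: an MP4 file is a sequence of boxes, each starting with a 32-bit big-endian size and a four-character type, with a 64-bit "largesize" form (size field 1) for boxes over 4 GiB and size 0 meaning "to end of file". The following parser is an added example, not code from the thread or from nginx; it walks the top-level boxes and reports whether moov precedes mdat, which is what progressive playback and the mp4 module's seeking need. The two sample files at the bottom are constructed inline from box headers only and contain no real media.

```python
"""Added example, not from the thread: list the top-level boxes ("atoms") of an
MP4 file and report whether moov comes before mdat (the "fast start" layout
needed for progressive streaming). Sample inputs are constructed, not real media."""
import struct

def top_level_atoms(data):
    """Yield (type, offset, size) for each top-level box. Handles the 64-bit
    largesize form (size == 1) and size == 0 (box extends to end of file), and
    rejects sizes that overrun the data."""
    offset = 0
    total = len(data)
    while offset + 8 <= total:
        size, btype = struct.unpack(">I4s", data[offset:offset + 8])
        header = 8
        if size == 1:
            if offset + 16 > total:
                raise ValueError("truncated largesize header at offset %d" % offset)
            size = struct.unpack(">Q", data[offset + 8:offset + 16])[0]
            header = 16
        elif size == 0:
            size = total - offset
        if size < header or offset + size > total:
            raise ValueError("bad box size %d for %r at offset %d" % (size, btype, offset))
        yield btype.decode("ascii", "replace"), offset, size
        offset += size
    if offset != total:
        raise ValueError("%d trailing bytes after last box" % (total - offset))

def is_fast_start(data):
    """True when the first moov box precedes the first mdat box."""
    positions = {}
    for btype, offset, _ in top_level_atoms(data):
        positions.setdefault(btype, offset)
    if "moov" not in positions or "mdat" not in positions:
        raise ValueError("file has no moov/mdat box")
    return positions["moov"] < positions["mdat"]

def box(btype, payload=b"", largesize=False):
    """Build a box with the given type and payload (used for the constructed samples)."""
    if largesize:
        return struct.pack(">I4sQ", 1, btype, 16 + len(payload)) + payload
    return struct.pack(">I4s", 8 + len(payload), btype) + payload

# Constructed samples: the same boxes in streaming and non-streaming order.
FTYP = box(b"ftyp", b"isom\x00\x00\x02\x00isomiso2mp41")
STREAMABLE = FTYP + box(b"moov", b"\x00" * 32) + box(b"mdat", b"\xff" * 64, largesize=True)
NOT_STREAMABLE = FTYP + box(b"mdat", b"\xff" * 64) + box(b"moov", b"\x00" * 32)
```

On a real file, read only the first few headers rather than the whole file: if mdat appears before moov, the reader has to fetch the entire mdat payload before it finds the index, which is the "downloads everything before playing" symptom the thread is about; mp4box or ffmpeg's "-movflags faststart" rewrites the file with moov first.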
