Wow that looks promising. Can't try until tomorrow because it's 2am but I'll
try first thing tomorrow. From a best practices point of view would one
solution be better than the other assuming both work? The second suggestion
seems more straight-forward and avoids patches/fixes which is a good th
Sergey -
Thanks for the quick reply.
Note I am not asking after format of message content akin to what's available
for access_log,
just the interpretation of the numerical parts of the apparent pattern in the
error_log messages posted:
"[] # : "
Perhaps you mean even the "[] #" isn't fixed or
Is there documentation for the format of error messages nginx posted to
error_log?
Specifically, following the level in square brackets are two numbers separated
by '#'; what do these represent?
For instance, the message on the page Advanced Configuration with Snippets |
NGINX Ingress
Controlle
listed in:
http://nginx.org/en/docs/mail/ngx_mail_core_module.html
http://nginx.org/en/docs/mail/ngx_mail_proxy_module.html
http://nginx.org/en/docs/mail/ngx_mail_smtp_module.html
Any ideas how to achieve this?
Thanks
Scott
___
nginx mailing list
nginx
Hi All,
I am having difficulty forcing downloads of mp4 files with a ?download
query in the url.
I am proxying files from an s3 bucket like this
location ~* ^/myvideo/content/(.*) {
set $bucket 'mys3buket.domain.com';
set $aws_access 'my_aws_access_key';
set $aws_s
I'm currently looking at swapping out some of our Apache web servers for
Nginx to act as a reverse proxy.
One of my issues is that I need, at least in the short term, for the log
format to remain the same.
I have two issues that are cropping up.
The first is that with my current configuration I
data in my case is that the upstream server times out when it
doesn't read data for 30 seconds, so there is a 30-second period where
the socket buffers are clear on both sides (yet nginx doesn't continue
to send up the data).
-Scott
On 6/22/18 4:25 PM, scott.o...@oracle.com wrote:
that the writev()
never gets a partial write -- it is to make the partial writev scenario
actually work.
-Scott
On 6/22/18 4:18 PM, Peter Booth wrote:
How large is a large POST payload?
Are the nginx and upstream systems physical hosts in same data center?
What are approx best case / typic
also tried on
keepalive_timeout 60s;
keepalive_requests 200;
open_file_cache max=2000 inactive=20s;
open_file_cache_valid 60s;
open_file_cache_min_uses 5;
open_file_cache_errors off;
gzip on;
gzip_types text/plain text/css text/javascript text/xml
application/x-javascript application/xml;
gzip_min_length 500;
gzip_comp_level 7;
Everything works fine if the upstream reads data fast enough; it's only
when nginx gets a partial write upstream that there is a problem. Am I
missing something here?
-Scott
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
i thought this would work but for some reason it doesn't.
location /auth {
auth_basic_user_file /etc/nginx/.htpasswd;
auth_basic "Secret";
return 200 'hello';
}
When i specify the return, 200 or 301, it just skips the auth_basic and
processes the return statement.
If i comm
Suggest looking at gitlab:
https://about.gitlab.com/downloads/
It works well with Nginx and meets most needs for version control. If you
stick with the standard bundle and plugins then your upgrade management for
gitlab will remain clean and simple.
IMHO
On 31 Oct 2015 16:40, "Francis Daly" wro
uild nginx
from source with that option enabled.
*[image: userimage]Scott Larson[image: los angeles]
<https://www.google.com/maps/place/4216+Glencoe+Ave,+Marina+Del+Rey,+CA+90292/@33.9892151,-118.4421334,17z/data=!3m1!4b1!4m2!3m1!1s0x80c2ba88ffae914d:0x14e1d00084d4d09c>Lead
Systems Admini
The mod_security module for nginx does require libapr-1.
*[image: userimage]Scott Larson[image: los angeles]
<https://www.google.com/maps/place/4216+Glencoe+Ave,+Marina+Del+Rey,+CA+90292/@33.9892151,-118.4421334,17z/data=!3m1!4b1!4m2!3m1!1s0x80c2ba88ffae914d:0x14e1d00084d4d09c>Lead
S
ES128-SHA:RC4-SHA:RC4-MD5:DES-CBC3-SHA;
*[image: userimage]Scott Larson[image: los angeles]
<https://www.google.com/maps/place/4216+Glencoe+Ave,+Marina+Del+Rey,+CA+90292/@33.9892151,-118.4421334,17z/data=!3m1!4b1!4m2!3m1!1s0x80c2ba88ffae914d:0x14e1d00084d4d09c>Lead
Systems Administrator[im
*[image: userimage]Scott Larson[image: los angeles]
<https://www.google.com/maps/place/4216+Glencoe+Ave,+Marina+Del+Rey,+CA+90292/@33.9892151,-118.4421334,17z/data=!3m1!4b1!4m2!3m1!1s0x80c2ba88ffae914d:0x14e1d00084d4d09c>Lead
Systems Administrator[image: wdlogo] <https://www.wiredrive.com
I can second the fact FreeBSD + nginx is a rocking combo. We've been
running that for years under ever increasing traffic and it only requires a
few basic adjustments to the OS, even fewer in 10 since a lot of system
defaults were cranked up for modern times. Our current hardware handling
ngin
quot; This
> is not really a problem from what I have read but I will spend a little
> time trying to figure how to correct this also.
>
> On Tue, Dec 30, 2014 at 2:38 PM, Scott Larson wrote:
>
>> That test should point you in some direction but you're probably
&g
That test should point you in some direction but you're probably
missing an intermediate certificate which would normally be provided by the
issuer and appended to the file containing your server certificate.
*__Scott LarsonSystems AdministratorWiredrive/LA310 823
8238 ext.
Without knowing everything in the mix my first thought would be the
NFS head node is being tapped out and can't keep up. Generally you'd solve
this with some type of caching, either at a CDN level or you could look at
the SlowFS module. I've not checked to see if it still compiles against the
If you're using nginx as a reverse proxy you'll want a cert set up on
that node. Without it, worst case is your link between the proxy and the
IIS server is secure but your link between the remote client and the proxy
will be insecure defeating the whole purpose. Best case is an error will be
requiring SSL, then I’m going to do
it right and not be rolling out potentially compromised
libraries/protocols/ciphers.
__
Scott Larson
Systems Administrator
Wiredrive/LA
310 823 8238 ext. 1106
310 943 2078 fax
www.wiredrive.com <http://www.wiredrive.com/>
www.twitt
/1.0.1i combo.
__
Scott Larson
Systems Administrator
Wiredrive/LA
310 823 8238 ext. 1106
310 943 2078 fax
www.wiredrive.com <http://www.wiredrive.com/>
www.twitter.com/wiredrive <http://www.twitter.com/wiredrive>
www.facebook.com/wiredrive <http://www.wiredrive.com/fac
The CA will never provide a key, if this was a simple renewal of the
existing certificate the key already in place would be the one to reuse.
One thing to note however is that SHA1 is being aggressively phased out now
due the the Google policy change with Chrome. If that matters to you,
you'll
Something else must be going on here. Looking at your ssl_cipher
string, you're opening with a rough declaration of specific ciphers you'll
support, none of which should pull in RC4. It's specific enough in fact
that your subsequent excluded ciphers don't even come into play. To test
this I sw
I'm personally partial to just outright declaring my supported ciphers
rather than using the exclusion bits. My personal server is aggressively
strict, the setup for our production gear is much less so. Either way it
allows me to know exactly what's available to clients.
For lunatics with DSA
Frankly it sounds more like laziness or being averse to change. All I
can relay is experience with our setup here which is purely FreeBSD with an
internal Poudriere based package build server, and system/config management
with Salt. Taken as a whole it's a painless and relatively trivial proce
t; On Mon, Jul 07, 2014 at 02:39:32AM -0400, Ron Scott-Adams wrote:
>
>> I’m not having much luck trying to configure this site the way I want. I’m
>> modifying http://wiki.nginx.org/Piwik to suit a case in which it is served
>> out of a subsite location, e.g. example.co
I’m not having much luck trying to configure this site the way I want. I’m
modifying http://wiki.nginx.org/Piwik to suit a case in which it is served out
of a subsite location, e.g. example.com/stats.
I’ve created 2 configuration files. One is included outside the server sections
of the main si
I'm not personally a fan of telling nginx to glob all .html files for
PHP processing, but maybe that's just me and unrelated. If other PHP apps
are working I'd dig into the logging for that. Generally when I run into
situations like this it has nothing to do with nginx and instead is
something
standard practice when I don't have lots of resources for
> servers.
>
> Thanks,
>
> Tony
>
> Posted at Nginx Forum:
> http://forum.nginx.org/read.php?2,242426,248937#msg-248937
>
> ___
> nginx mailing list
> n
In setting up OCSP stapling on 1.5.10 I've found it behaving in a way
which is opposite to what I perceive is documented. There it states that
the contents of ssl_trusted_certificate are not sent to the client. However
when I enable ssl_stapling_verify, which requires the inclusion of in this
in user, and that's simpler since that
process only needs to communicate via local sockets.
--
Scott Ribe
scott_r...@elevated-dev.com
http://www.elevated-dev.com/
(303) 722-0567 voice
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
uld corrupt the old emulation layer so completely that it would not run
at all until you rebooted the server (even killing and restarting the "blued"
stuff would not do it).
Enjoy yourself; I sure as hell did not ;-)
--
Scott Ribe
scott_r...
a different one. Sorry for the noise.
--
Scott Ribe
scott_r...@elevated-dev.com
http://www.elevated-dev.com/
(303) 722-0567 voice
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
u have configured things that way...)
--
Scott Ribe
scott_r...@elevated-dev.com
http://www.elevated-dev.com/
(303) 722-0567 voice
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
R's exception handling is returning that page to nginx.
So I know exactly what to do ;-)
--
Scott Ribe
scott_r...@elevated-dev.com
http://www.elevated-dev.com/
(303) 722-0567 voice
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org
So I'm in the early stages of rolling out a system to production, and a few app
errors are cropping up that didn't get caught in testing, and it occurs to me:
it would be nice if the default "we're sorry, but something went wrong" error
page could include a timestamp
ow and that's why
you're assuming you know what we mean by "run php" or "echo text"...)
--
Scott Ribe
scott_r...@elevated-dev.com
http://www.elevated-dev.com/
(303) 722-0567 voice
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
l getting the error as mentioned in subject
>
>
> On Sun, Jul 14, 2013 at 4:27 AM, Scott Ribe
> wrote:
> From nginx to something upstream? (That's what I meant.)
>
> On Jul 13, 2013, at 4:54 PM, Atul Bansal wrote:
>
> > ya
> >
> >
> > On Su
>From nginx to something upstream? (That's what I meant.)
On Jul 13, 2013, at 4:54 PM, Atul Bansal wrote:
> ya
>
>
> On Sun, Jul 14, 2013 at 4:22 AM, Scott Ribe
> wrote:
> On Jul 13, 2013, at 4:48 PM, Atul Bansal wrote:
>
> > The log error that i am gettin
On Jul 13, 2013, at 4:48 PM, Atul Bansal wrote:
> The log error that i am getting is when I try to run any php file in my
> browser.
Are you trying to pass requests to PHP over port 80?
--
Scott Ribe
scott_r...@elevated-dev.com
http://www.elevated-dev.com/
(303) 722-0567
3, at 12:40 PM, Scott Ribe wrote:
> I'm getting this error after installing the certificate & key:
>
> [emerg] 809#0: SSL_CTX_use_PrivateKey_file("/paging/site/config/server.key")
> failed (SSL: error:0B080074:x509 certificate
> routines:X509_check_private_key:ke
rted over with a new csr, thinking I had screwed up
and used the wrong key or something), and am still getting the error. I've
double-checked to make sure that nginx is using the config file I expect, and
that it specifies the correct locations for the cert & key.
How should I proceed in
"%Y-%m-%d %H:%M:%S" or 2013-05-14 15:40:21
- Original Message -
> That format doesn't fulfill my need though. It's close.. but not quite a
> match. I need this format:
>
>
> - Original Message -----
> > On 15 May 2013 10:13, Casey Scott wr
That format doesn't fulfill my need though. It's close.. but not quite a match.
I need this format:
- Original Message -
> On 15 May 2013 10:13, Casey Scott wrote:
> > From what I can tell, iso_8601 is a specific format. Do you mean that I can
> > mani
>From what I can tell, iso_8601 is a specific format. Do you mean that I can
>manipulate it?
Thanks,
Casey
- Original Message -
> Yes, it is possible.
>
> See http://nginx.org/r/log_format, or, more specifically, $time_iso8601
>
> C.
>
> On 15 May 201
Is it possible to format the time Nginx uses in access.log to match this?
"%Y-%m-%d %H:%M:%S" or 2013-05-14 15:40:21
My goal is to have Nginx access logs match the time format of the rest of our
environment so that monitoring tools/dashboards/etc. can adopt Nginx's
access logs. From what I've
Yes, thanks. Packet level debugging would be the next step. Just thought
someone on the list may have run into this hard limit before.
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Hi Maxim,
Yes, did that before posting to the list and no error 414 is logged. I
have not come across this before and hence the question to the list. Based
on the lack of anything logged it does look to be a hard limit being
reached in the browser, but again, I thought that I would post to the l
Hi Maxim,
The logs (even with debug enabled) do not produce any evidence to isolate
this to the browser hitting a maximum count. However, on the other hand
there is no evidence of large_client_header_buffers being reached either.
Any other thought on isolating the issue beyond changing the GET t
Thanks for the reply Maxim.
We are performing a rather large data update via our api using GET and have
hit this error. The changes to both nginx.conf and to the vhosts make no
difference and the process dies with 414 at the same line of the update.
After some more resarch we came across a pos
large_client_header_buffers 4 32k; option.
414 error no matter what changes are made. Any ideas?
Scott
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
52 matches
Mail list logo
