From mdounin at mdounin.ru Sat Sep 1 00:19:59 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Sat, 1 Sep 2012 04:19:59 +0400 Subject: Achieving strong client -> upstrem_server affinity In-Reply-To: References: <20120831085459.GP40452@mdounin.ru> Message-ID: <20120901001957.GD40452@mdounin.ru> Hello! On Fri, Aug 31, 2012 at 07:58:52PM +0530, Srirang Doddihal wrote: [...] > > In addition to "proxy_next_upstream off" you should at least > > specify max_fails=0 for upstream servers. Else a server might > > be considered down and request from a client will be re-hashed to > > another one. > > Got it. How about the following scenario : > > Request - 1] "client-1" is forwarded to "server-1". > Request - 2] "server-1" does not respond properly and hence is > considered down. "client-1" gets an error message > Request - 3] "client-1" is now hashed to "server-2" and is forwarded > to "server-2" > Request - 4] Now will "client-1" continue to be forwarded to > "server-2" or will it be come back to "server-1"? > > i.e Whether the re-hash is permanent or a temporary? The only information kept is upstream server status. As soon as it will be considered alive again (after fail_timeout) - client-1 will be again forwarded to server-1. > > Note that docs might be a bit misleading here as they say one > > should refer to proxy_next_upstream setting to see what is > > considered to be server failure. This isn't exactly true: if > > upstream server fails to return correct http answer (i.e. on > > error, timeout, invalid_header in proxy_next_upstream terms) the > > failure is always counted. > > Understood till here. > > > What can be considered to be failure > > or not is valid http responses, i.e. http_500 and so on. > > > > This was confusing. Are you saying that any only HTTP 1xx, 2xx or 3xx > responses from the upstream server will not count towards failure > count and any 4xx or 5xx responses will be considered as failures? No. The proxy_next_upstream directive have the following valid values (http://nginx.org/r/proxy_next_upstream): : error : timeout : invalid_header : http_500 : http_502 : http_503 : http_504 : http_404 : off By default valid http response regardless of it's status code is just a valid http response and it isn't counted as a failure. But if you'll write "http_500" in proxy_next_upstream, then (perfectly valid and in many cases expected) HTTP response with status code 500 will be counted as a server failure. (And nginx will thow away the response and will try ask another upstream server for a response.) The same applies to http_502, http_503, http_504. [...] > > This is strange, and you may want to provide more info, see > > http://wiki.nginx.org/Debugging. > > > > I will try to get a debug log. Currently I am using the Ubuntu > package. I probably will have do a custom build for this. > > > I would suggest this is likely some configuration error though > > (requests are handled in another location, without > > proxy_next_upstream set to off?). > > All requests to the concerned upstream servers are sent from only one > location and that location has proxy_next_upstream set to off. Anything like "keepalive" ommitted in the upstream block snippet posted for clarity? The only case in the code which allows request to be passed to multiple upstream servers with proxy_next_upstream set to off is a failed request in a cached connection (this case isn't quite correct either, but it's (a) known issue and (b) rather uncommon under normal conditions). > I am setting up a test environment to isolate this issue. I will get > back with more details a little later. > Is there anything specific that you want to capture? Nothing special, just nginx -V (and it's better to make sure there are no 3rd party modules/patches), a minimal full config to reproduce the problem, and a debug log. Much like the link above suggests. Once you'll set a test environment you may also want to check if the problem is still reproduceable with latest nginx. As far as I understand Ubuntu currently ships nginx 1.1.19, which isn't as old as it can be keeping in mind Ubuntu is Debian derivative ;), but there were several important changes in upstream infrastructure since then. While I don't recall anything which might affect "proxy_next_upstream off" case, it's always good idea to test latest version. Maxim Dounin From mdounin at mdounin.ru Sat Sep 1 00:53:06 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Sat, 1 Sep 2012 04:53:06 +0400 Subject: Gzip not compressing response body with status code other than 200, 403, 404 In-Reply-To: <877016e0578575554305828cedbaa7a7.NginxMailingListEnglish@forum.nginx.org> References: <877016e0578575554305828cedbaa7a7.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20120901005306.GE40452@mdounin.ru> Hello! On Sat, Aug 25, 2012 at 02:32:02AM -0400, soniclee wrote: > I met same problem while try to gzip response with other status code. Any > update for this issue? In some cases it's just not possible to compress response, e.g. you can't compress 206 as it doesn't contain full entity body. Or you can't compress 304 as it has no entity at all. In many cases it's unwise/unsafe to compress responses with some status codes. I.e. you probably don't want to compress 400 (Bad Request) response even if client claimed gzip support before it did some syntax error in the request - as you already know client did something wrong, and it's better to return easy to understand response. Or e.g. if you try to return 500 (Internal Server Error) due to memory allocation error - you probably don't want to allocate memory for gzip. Due to the above reasons gzip compression is done only for certain common and safe response codes. And from the above explanation it should be more or less obvious that it just can't be enabled for all status codes. If you think gzip compression should be enabled for some specific status code - please provide your suggestions with reasoning. Maxim Dounin From ianevans at digitalhit.com Sat Sep 1 05:17:57 2012 From: ianevans at digitalhit.com (Ian Evans) Date: Sat, 01 Sep 2012 01:17:57 -0400 Subject: Photo uploads and scalability In-Reply-To: <201208312201.09257.ne@vbart.ru> References: <5040F700.2070502@digitalhit.com> <201208312201.09257.ne@vbart.ru> Message-ID: <50419A85.3010204@digitalhit.com> On 31/08/2012 2:01 PM, Valentin V. Bartenev wrote: > On Friday 31 August 2012 21:40:16 Ian Evans wrote: > [...] >> From a programming end I already know I'll queue any post-processing >> and inform the reader when it's done so that process can be handled by >> my local server or cloud instances etc. >> > > TIP: You can avoid passing files over an upstream connection. > > Example: > > location = /upload { > proxy_pass http://backend; > client_body_in_file_only clean; > proxy_set_body $request_body_file; > } > > Your application should "mv" uploaded file somewhere, then register a task > for further background processing, and return a response. As photos are several megabytes, should I be looking into nginx's upload module? From pawel at cojestgrane.pl Sat Sep 1 07:06:36 2012 From: pawel at cojestgrane.pl (=?ISO-8859-2?Q?=22Pawe=B3_Marzec_-_cojestgrane.pl=22?=) Date: Sat, 1 Sep 2012 09:06:36 +0200 Subject: Photo uploads and scalability In-Reply-To: <50419A85.3010204@digitalhit.com> References: <5040F700.2070502@digitalhit.com> <201208312201.09257.ne@vbart.ru> <50419A85.3010204@digitalhit.com> Message-ID: upload_module removes uploaded files from body and replaces them with paths to temporary files where there are stored at end. So your backend don't have to parse body again to extract files from it. Parsing costs memory & cpu. If you upload photos, they will land on disk. Your backend can analyze them briefly, make first thumb to be shown back to user and ask/ schedule other workers to make scalling/rotating and any image processing you want to be done later in real background. I'm happy user of upload_module ;-) in tandem with uploadprogress_module It is easy to setup, very. imho: it's worthwhile Regards Pawe? Marzec Wiadomo?? napisana w dniu 2012-09-01, o godz. 07:17, przez Ian Evans: > On 31/08/2012 2:01 PM, Valentin V. Bartenev wrote: >> On Friday 31 August 2012 21:40:16 Ian Evans wrote: >> [...] >>> From a programming end I already know I'll queue any post- >>> processing >>> and inform the reader when it's done so that process can be >>> handled by >>> my local server or cloud instances etc. >>> >> >> TIP: You can avoid passing files over an upstream connection. >> >> Example: >> >> location = /upload { >> proxy_pass http://backend; >> client_body_in_file_only clean; >> proxy_set_body $request_body_file; >> } >> >> Your application should "mv" uploaded file somewhere, then register >> a task >> for further background processing, and return a response. > > As photos are several megabytes, should I be looking into nginx's > upload module? > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From ianevans at digitalhit.com Sat Sep 1 08:42:20 2012 From: ianevans at digitalhit.com (Ian Evans) Date: Sat, 01 Sep 2012 04:42:20 -0400 Subject: Photo uploads and scalability In-Reply-To: References: <5040F700.2070502@digitalhit.com> <201208312201.09257.ne@vbart.ru> <50419A85.3010204@digitalhit.com> Message-ID: <5041CA6C.6070609@digitalhit.com> On 01/09/2012 3:06 AM, "Pawe? Marzec - cojestgrane.pl" wrote: > upload_module removes uploaded files from body and replaces them with > paths to temporary files where there are stored at end. > > So your backend don't have to parse body again to extract files from it. > Parsing costs memory & cpu. > > If you upload photos, they will land on disk. Your backend can analyze > them briefly, make first thumb to be shown back to user and ask/schedule > other workers to make scalling/rotating and any image processing you > want to be done later in real background. > > I'm happy user of upload_module ;-) > in tandem with uploadprogress_module > > It is easy to setup, very. > > imho: it's worthwhile > Is there an article or tutorial that show examples of how to set the module up? I've been looking around and see that some people are using it with the a plugin called plupload. Any experience with that? From pawel at cojestgrane.pl Sat Sep 1 09:12:14 2012 From: pawel at cojestgrane.pl (=?ISO-8859-2?Q?=22Pawe=B3_Marzec_-_cojestgrane.pl=22?=) Date: Sat, 1 Sep 2012 11:12:14 +0200 Subject: Photo uploads and scalability In-Reply-To: <5041CA6C.6070609@digitalhit.com> References: <5040F700.2070502@digitalhit.com> <201208312201.09257.ne@vbart.ru> <50419A85.3010204@digitalhit.com> <5041CA6C.6070609@digitalhit.com> Message-ID: <9D5E2EF2-11FA-4AD8-BBD4-298C1AEEABD0@cojestgrane.pl> try this: http://blog.joshsoftware.com/2010/10/20/uploading-multiple-files-with-nginx-upload-module-and-upload-progress-bar/ Pawe? Marzec Wiadomo?? napisana w dniu 2012-09-01, o godz. 10:42, przez Ian Evans: > On 01/09/2012 3:06 AM, "Pawe? Marzec - cojestgrane.pl" wrote: >> upload_module removes uploaded files from body and replaces them with >> paths to temporary files where there are stored at end. >> >> So your backend don't have to parse body again to extract files >> from it. >> Parsing costs memory & cpu. >> >> If you upload photos, they will land on disk. Your backend can >> analyze >> them briefly, make first thumb to be shown back to user and ask/ >> schedule >> other workers to make scalling/rotating and any image processing you >> want to be done later in real background. >> >> I'm happy user of upload_module ;-) >> in tandem with uploadprogress_module >> >> It is easy to setup, very. >> >> imho: it's worthwhile >> > > Is there an article or tutorial that show examples of how to set the > module up? I've been looking around and see that some people are > using it with the a plugin called plupload. Any experience with that? > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From mdounin at mdounin.ru Sat Sep 1 10:26:32 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Sat, 1 Sep 2012 14:26:32 +0400 Subject: Nginx won't send FIN ACK to PHP-FPM In-Reply-To: <09a94de13d22ac34f6c4ab5eaf2a0568.NginxMailingListEnglish@forum.nginx.org> References: <09a94de13d22ac34f6c4ab5eaf2a0568.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20120901102632.GJ40452@mdounin.ru> Hello! On Mon, Aug 27, 2012 at 08:46:43AM -0400, dantes wrote: > Hey, > > I have Rest API server powered by Nginx and PHP-FPM. Each API call produces > several CURL requests. > > The script that executes the API calls, also utilizes CURL. I use curl multi > exec, with 1,000 threads. All the setup creates a little bit less than 10K > sockets. > > Anyway, here is the problem... > > The script that executes the API calls, let's say 3,000 on 1K threads. It > takes around 170 secs to finish processing all those API calls. However, > when the main script tries to return a response to the browser and initiate > a FIN_WAIT it takes 8 minutes until everything is returned to the browser. > > Here is how it looks: > http://d.pr/i/1WkI > > My theory is that it happens because Nginx puts the worker somehow on hold > or something like that. This was the first worker in the chain of workers. > There is no data being transferred since the worker initiated the request to > PHP-FPM. > > Any ideas what should I do? I would recommend to obtain debug log and show us nginx -V, full config and debug log, much like http://wiki.nginx.org/Debugging suggests. Maxim Dounin From mdounin at mdounin.ru Sat Sep 1 10:36:17 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Sat, 1 Sep 2012 14:36:17 +0400 Subject: Problem with own error pages in nginx 1.3.5 In-Reply-To: <771cdbfda3f1e8311a13b9a5f6beaa7a.NginxMailingListEnglish@forum.nginx.org> References: <771cdbfda3f1e8311a13b9a5f6beaa7a.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20120901103617.GK40452@mdounin.ru> Hello! On Mon, Aug 27, 2012 at 09:58:19AM -0400, Varix wrote: > I have a problem with my own error pages with nginx 1.3.5. > > [CODE]... > error_page 401 402 403 404 /40x.html; > location = /40x.html { > root /www/default/html; > } > ...[/CODE] > > With Firefox is all OK. > > With IE 8 and IE 9 the browser is unable to show me the an error-site from > the webserver. The error-site from the IE browser is shown. > > with > > [code]... > error_page 401 402 403 404 /40x.html; > location = /40x.html { > root /html; > } > ...[/code] > > the browser show me the error-site from nginx. I change the configuration in > nginx to > > [code]... > error_page 401 402 403 404 /40x.html; > location = /40x.html { > root /www/default/html; > } > ...[/code] > > and restart nginx. Than I push F5 and the browser shows my error-site. When > I call again the website with the brower, the browser is unable to show the > error-site from the webserver. The browser error-page is shown again. How big your error page is? Note that IE won't show pages less than 512 bytes, it will show his own page instead. For builtin error pages nginx adds some padding bytes to make sure error pages are bigger than 512 bytes, see http://nginx.org/r/msie_padding. For your own pages you should take care of this yourself. Maxim Dounin From mdounin at mdounin.ru Sat Sep 1 15:11:42 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Sat, 1 Sep 2012 19:11:42 +0400 Subject: Accept connections and close connection hooks in custom module In-Reply-To: References: <20120821123016.GL40452@mdounin.ru> Message-ID: <20120901151142.GN40452@mdounin.ru> Hello! On Tue, Aug 21, 2012 at 10:46:32AM -0400, ConnorMcLaud wrote: > In fact I mostly need catch client deconnection. There is no good way for > that as for accepted connection, isn't it? Actually there is: add a cleanup handler for a connection pool. Maxim Dounin From nginx-forum at nginx.us Sat Sep 1 17:46:46 2012 From: nginx-forum at nginx.us (slevytam) Date: Sat, 1 Sep 2012 13:46:46 -0400 (EDT) Subject: Rewrite a Shortened URL to a Pretty URL? In-Reply-To: <72163348-52A5-4078-851C-43B41E51E077@lavandeira.net> References: <72163348-52A5-4078-851C-43B41E51E077@lavandeira.net> Message-ID: Hi, Thank you for your reply. Sorry for the late response but the forum didn't notify me of your post. I tried your suggestion. rewrite ^/(.*?)/.*$ /entry/index.php?id=$1 permanent; It works for http://www.domain.com/1234/pretty-url-goes-here but it does not work for http://www.domain.com/1234. Also, it does not leave the url as entered. So, for example, if you input http://www.domain.com/1234/pretty-url-goes-here it changes the address bar to http://www.domain.com/entry/id=1234 instead of staying at the pretty url. Any thoughts? Thanks, slevytam Posted at Nginx Forum: http://forum.nginx.org/read.php?2,229974,230447#msg-230447 From edho at myconan.net Sat Sep 1 17:52:00 2012 From: edho at myconan.net (Edho Arief) Date: Sun, 2 Sep 2012 00:52:00 +0700 Subject: Rewrite a Shortened URL to a Pretty URL? In-Reply-To: References: <72163348-52A5-4078-851C-43B41E51E077@lavandeira.net> Message-ID: On Sun, Sep 2, 2012 at 12:46 AM, slevytam wrote: > Hi, > > Thank you for your reply. Sorry for the late response but the forum didn't > notify me of your post. > > I tried your suggestion. > > rewrite ^/(.*?)/.*$ /entry/index.php?id=$1 permanent; > > It works for http://www.domain.com/1234/pretty-url-goes-here but it does not > work for http://www.domain.com/1234. > > Also, it does not leave the url as entered. So, for example, if you input > http://www.domain.com/1234/pretty-url-goes-here it changes the address bar > to http://www.domain.com/entry/id=1234 instead of staying at the pretty > url. > > Any thoughts? > rewrite ^/(\d+)(/|$) /entry/index.php?id=$1; From nginx-forum at nginx.us Sat Sep 1 20:35:36 2012 From: nginx-forum at nginx.us (extern) Date: Sat, 1 Sep 2012 16:35:36 -0400 (EDT) Subject: problem with load php In-Reply-To: <6048d0b44c8b39ea57fd82a045be1de2.NginxMailingListEnglish@forum.nginx.org> References: <6048d0b44c8b39ea57fd82a045be1de2.NginxMailingListEnglish@forum.nginx.org> Message-ID: hi thanks,Do some tutorials to launch it? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230381,230449#msg-230449 From cickumqt at gmail.com Sat Sep 1 22:39:06 2012 From: cickumqt at gmail.com (Christopher Meng) Date: Sun, 2 Sep 2012 06:39:06 +0800 Subject: problem with load php In-Reply-To: References: <6048d0b44c8b39ea57fd82a045be1de2.NginxMailingListEnglish@forum.nginx.org> Message-ID: Google howtoforge -- *Yours sincerely,* *Christopher Meng* Ambassador/Contributor of Fedora Project and many others. http://cicku.me -------------- next part -------------- An HTML attachment was scrubbed... URL: From ianevans at digitalhit.com Sat Sep 1 23:21:46 2012 From: ianevans at digitalhit.com (Ian Evans) Date: Sat, 01 Sep 2012 19:21:46 -0400 Subject: Photo uploads and scalability In-Reply-To: <9D5E2EF2-11FA-4AD8-BBD4-298C1AEEABD0@cojestgrane.pl> References: <5040F700.2070502@digitalhit.com> <201208312201.09257.ne@vbart.ru> <50419A85.3010204@digitalhit.com> <5041CA6C.6070609@digitalhit.com> <9D5E2EF2-11FA-4AD8-BBD4-298C1AEEABD0@cojestgrane.pl> Message-ID: <5042988A.7050209@digitalhit.com> On 01/09/2012 5:12 AM, "Pawe? Marzec - cojestgrane.pl" wrote: > try this: > http://blog.joshsoftware.com/2010/10/20/uploading-multiple-files-with-nginx-upload-module-and-upload-progress-bar/ Thanks. Does anyone know of an example integrating it with PHP? I'm seeing examples for Passenger and Rails, but I don't use them. Thanks for the help. Just want to make sure I can scale from day one. From om.brahmana at gmail.com Sun Sep 2 18:56:53 2012 From: om.brahmana at gmail.com (Srirang Doddihal) Date: Mon, 3 Sep 2012 00:26:53 +0530 Subject: Achieving strong client -> upstrem_server affinity In-Reply-To: <20120901001957.GD40452@mdounin.ru> References: <20120831085459.GP40452@mdounin.ru> <20120901001957.GD40452@mdounin.ru> Message-ID: Hi Maxim, Thanks for the explanation. I understand "upstream" and "proxy" much better now. [...] >> All requests to the concerned upstream servers are sent from only one >> location and that location has proxy_next_upstream set to off. > > Anything like "keepalive" ommitted in the upstream block snippet > posted for clarity? Nope. The "upstream" and "location /http-bind" blocks are posted verbatim. Nothing is removed or changed in those two blocks. > > The only case in the code which allows request to be passed to > multiple upstream servers with proxy_next_upstream set to off is a > failed request in a cached connection (this case isn't quite > correct either, but it's (a) known issue and (b) rather uncommon > under normal conditions). Since I am not using "keepalive" for my upstream servers I am guessing we can safely rule this out. Lets see if something comes out in the test setup. > >> I am setting up a test environment to isolate this issue. I will get >> back with more details a little later. >> Is there anything specific that you want to capture? > > Nothing special, just nginx -V (and it's better to make sure there > are no 3rd party modules/patches), a minimal full config to > reproduce the problem, and a debug log. Much like the link above > suggests. > > Once you'll set a test environment you may also want to check if > the problem is still reproduceable with latest nginx. As > far as I understand Ubuntu currently ships nginx 1.1.19, which > isn't as old as it can be keeping in mind Ubuntu is Debian > derivative ;), but there were several important changes in > upstream infrastructure since then. While I don't recall anything > which might affect "proxy_next_upstream off" case, it's always > good idea to test latest version. Cool. Will try out the latest version too. > > Maxim Dounin > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx -- Regards, Srirang G Doddihal Brahmana. The LIGHT shows the way. The WISE see it. The BRAVE walk it. The PERSISTENT endure and complete it. I want to do it all ALONE. From ianevans at digitalhit.com Mon Sep 3 04:24:47 2012 From: ianevans at digitalhit.com (Ian M. Evans) Date: Mon, 3 Sep 2012 00:24:47 -0400 Subject: how to tranparently deal with MogileFS with php and nginx Message-ID: As I'm working on this new project based on image uploads, my brains buzzing with all the stuff I'm reading to try and make the project scalable from day one. As I said in another thread, it's much calmer for me to ask now than when I'm screaming "Help my server's melting" Seeing as there's a MogileFS module for nginx, I thought it would be th best option for seamlessly adding storage if we're successful. I've been looking at the docs (http://www.grid.net.ru/nginx/mogilefs.en.html) and I'm curious how I can make the operations more transparent and seamless for php operations. Uisng this example locations, if I referenced an image in a webpage as /download/abc.jpg it would serve up the file referenced with the abc.jpg. And I see they have an example location of /upload for adding/deleting files. Is there a special way that php has to add the files to that location, since it's been set up on a web server? While the /download location seems pretty easy to deal with an a webserver, I'm wondering if there's a way for PHP to interact with the adding, deleting, etc of files in a way that's more like dealing with a local filesystem. Thanks for any advice. From bra at fsn.hu Mon Sep 3 06:33:01 2012 From: bra at fsn.hu (Attila Nagy) Date: Mon, 03 Sep 2012 08:33:01 +0200 Subject: Setting SSI variables from configuration Message-ID: <50444F1D.5060800@fsn.hu> Hi, I have an SSI page with the following in it:
I would like to set CRAN_HOST to a given value, but I couldn't find any ways of doing this with nginx. Any ideas? Thanks, From mdounin at mdounin.ru Mon Sep 3 08:48:31 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 3 Sep 2012 12:48:31 +0400 Subject: Redirect 404 errors to a separate log file In-Reply-To: References: Message-ID: <20120903084831.GQ40452@mdounin.ru> Hello! On Fri, Aug 24, 2012 at 04:31:17AM -0400, kustodian wrote: > I have been trying for a whole day to figure out how to redirect 404 errors > to a separate log file. I managed to do this in the server directive: > > error_page 404 = @404; > location @404 { > error_log /var/log/nginx/404.log; > } > > This does write all 404 errors to 404.log, but the problem is that it also > writes these errors in the default error.log, and I don't want that. I want > 404 errors to be writtent to only into the 404.log. > > Do you have an idea how to do this? Errors to error_log are logged once they happen, so you can't configure separate error_log to log specific errors (in contrast to access_log). However you may control whether to log "not found" errors or not - there is configuration directive "log_not_found" for this, see http://nginx.org/r/log_not_found. Maxim Dounin From bra at fsn.hu Mon Sep 3 11:03:41 2012 From: bra at fsn.hu (Attila Nagy) Date: Mon, 03 Sep 2012 13:03:41 +0200 Subject: Setting SSI variables from configuration In-Reply-To: <50444F1D.5060800@fsn.hu> References: <50444F1D.5060800@fsn.hu> Message-ID: <50448E8D.3030704@fsn.hu> On 09/03/12 08:33, Attila Nagy wrote: > I have an SSI page with the following in it: > >
> > > I would like to set CRAN_HOST to a given value, but I couldn't find > any ways of doing this with nginx. > Any ideas? Just for the archive: set $CRAN_HOST 'text'; works. (10x Leki :) From markus.jelsma at openindex.io Mon Sep 3 13:39:21 2012 From: markus.jelsma at openindex.io (=?utf-8?Q?Markus_Jelsma?=) Date: Mon, 3 Sep 2012 13:39:21 +0000 Subject: Nginx Upstream Check can not find the check servers on status page Message-ID: Hi, We use the Nginx upstream check module [1] with the Nginx upstream fair module for Nginx 1.2.2. Whenever we disable the fair module or compile without the fair module we cannot view the healthcheck status page and the following error is logged: 2012/09/03 13:20:48 [error] 28149#0: *1 [http upstream check] can not find the check servers, have you added the check servers? , client: 1.2.3.4, server: localhost, request: "GET /healthcheck_status HTTP/1.1", host: "" Thanks Markus [1]: https://github.com/yaoweibin/nginx_upstream_check_module From tuxtoti at gmail.com Mon Sep 3 15:34:25 2012 From: tuxtoti at gmail.com (Harish Sundararaj) Date: Mon, 3 Sep 2012 21:04:25 +0530 Subject: regex matching on a cookie Message-ID: Hello, I have a URI like this: example.com/cnvpb/$IntegerA/$TermA eg: example.com/cnvpb/1233/Q4 For this request , I might get cookies with names like abc_cnv1, abc_cnv2, abc_cnv3....abc_cnv5 all or some of them. The value of these cookies are of the format: $integerB#$TermB#$integerC#$TermC Eg: 1234#blahblah#45#Q1 Now this is the requirement: If for any of the cookies in abc_cnv[1-5], $integerA equals $intergerB choose an upstream based on $TermC. I have figured out few of things: 1) Parsing $integerA - Using a regex in the location block 2) Choosing an upstream based on $TermC - using a map block However, I'm stuck at reading cookies (not sure how to read only : abc_cnv[1-5]). I understand it can be done using multiple ifs . But I'm sure there should be a better way than that. Any pointers? Thanks Harish From ne at vbart.ru Mon Sep 3 16:23:36 2012 From: ne at vbart.ru (Valentin V. Bartenev) Date: Mon, 3 Sep 2012 20:23:36 +0400 Subject: regex matching on a cookie In-Reply-To: References: Message-ID: <201209032023.36159.ne@vbart.ru> On Monday 03 September 2012 19:34:25 Harish Sundararaj wrote: [...] > However, I'm stuck at reading cookies (not sure how to read only : > abc_cnv[1-5]). I understand it can be done using multiple ifs . > But I'm sure there should be a better way than that. > > Any pointers? > http://nginx.org/en/docs/http/ngx_http_core_module.html#variables $cookie_abc_cnv1, $cookie_abc_cnv2, $cookie_abc_cnv1... wbr, Valentin V. Bartenev From mdounin at mdounin.ru Mon Sep 3 18:30:40 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 3 Sep 2012 22:30:40 +0400 Subject: X-accel-redirect serving html download page instead of file. In-Reply-To: References: Message-ID: <20120903183040.GA40452@mdounin.ru> Hello! On Mon, Aug 27, 2012 at 09:29:47PM -0400, wideawake wrote: > I have a script that uses x-accel-redirect on a nginx server to send large > files (150mb+). The script serves downloads fine as long as their is a space > in the name of the directory but not when the directory is a single word. > Anyone know why it would be doing so when the file exists and the path is > correct? > > Layout: /Dir/file.exe /Dir2/file.exe /Another Dir/file.exe > > If it's /Another Dir/file.exe it serves the file perfectly, however if its > /Dir/file.exe it serves the html of the download page. Anyone seen this > before? I would suggest that the reason is that rewrites which are commented out in the config you've posted: > #rewrite ^.*/([-\w\.]+)/([-\w\.]+)\.zip$ > /download.php?model=$1&file=$2.zip last; > #rewrite ^.*/([-\w\.]+)/([-\w\.]+)\.exe$ > /download.php?model=$1&file=$2.exe last; > #rewrite ^.*/([-\w\.]+)/([-\w\.]+)\.nbh$ > /download.php?model=$1&file=$2.nbh last; > #rewrite ^.*/([-\w\.]+)/([-\w\.]+)\.rar$ > /download.php?model=$1&file=$2.rar last; aren't really commented out. And any X-Accel-Redirect results in rewrite match, and a download.php output being returned instead. Obvious solution would be to actually comment them out (or, if they are needed, to place them into a location which doesn't match URIs returned in X-Accel-Redirect). (Files/directories with space work as regular expressions above doesn't match them.) Maxim Dounin From tuxtoti at gmail.com Mon Sep 3 19:34:36 2012 From: tuxtoti at gmail.com (Harish Sundararaj) Date: Tue, 4 Sep 2012 01:04:36 +0530 Subject: regex matching on a cookie In-Reply-To: <201209032023.36159.ne@vbart.ru> References: <201209032023.36159.ne@vbart.ru> Message-ID: Hi Valentin, > > http://nginx.org/en/docs/http/ngx_http_core_module.html#variables > > $cookie_abc_cnv1, $cookie_abc_cnv2, $cookie_abc_cnv1... Ah. I did know how to read it individually. My mistake, should have explained it more clearly. But testing for each of this variables looks bad (is ther a way other than using a if clause ? ) Thanks Harish From tuxtoti at gmail.com Mon Sep 3 19:52:24 2012 From: tuxtoti at gmail.com (Harish Sundararaj) Date: Tue, 4 Sep 2012 01:22:24 +0530 Subject: regex matching on a cookie In-Reply-To: References: Message-ID: Hi all, After a bit of head scratching, I came up with this: 1) Parse $integerA from the URI 2) Have two map blocks. a) one to get $TermC from the cookie b) one to map a backend based on the $TermC Here is what I have got: map $http_cookie $termC { ~adq_cnv(\d+)=($integer[^;]+#(\w{2}))(?:;|$) $3; default "WX"; } map $termC $backend { WX w.x.y.z; AB a.b.c.d; } location ~ ^/cnvpb/(\d+)/ { set $cmpid $1; proxy_pass http://$backend; } But unfortunately it fails saying - "invalid number of map parameters". I think its something to do with variable interpolation. So a few questions: 1) How do I substitute a variable inside a regex ? 2) The regex works with a if condition. I kind of extended it from here: http://wiki.nginx.org/HttpRewriteModule#if. But there seems to be a "space" between "[^;]" and "+" not sure why. Is that right? 3) Anything else that can be done better? Thanks Harish On Mon, Sep 3, 2012 at 9:04 PM, Harish Sundararaj wrote: > Hello, > > I have a URI like this: > > example.com/cnvpb/$IntegerA/$TermA > > eg: > example.com/cnvpb/1233/Q4 > > For this request , I might get cookies with names like > > abc_cnv1, abc_cnv2, abc_cnv3....abc_cnv5 > > all or some of them. The value of these cookies are of the format: > > $integerB#$TermB#$integerC#$TermC > > Eg: > 1234#blahblah#45#Q1 > > Now this is the requirement: > > If for any of the cookies in abc_cnv[1-5], $integerA equals $intergerB > choose an upstream based on $TermC. > > I have figured out few of things: > > 1) Parsing $integerA - Using a regex in the location block > 2) Choosing an upstream based on $TermC - using a map block > > However, I'm stuck at reading cookies (not sure how to read only : > abc_cnv[1-5]). I understand it can be done using multiple ifs . > But I'm sure there should be a better way than that. > > Any pointers? > > Thanks > Harish From tuxtoti at gmail.com Mon Sep 3 19:56:55 2012 From: tuxtoti at gmail.com (Harish Sundararaj) Date: Tue, 4 Sep 2012 01:26:55 +0530 Subject: regex matching on a cookie In-Reply-To: References: Message-ID: Hi all, Sorry that location block should have been: location ~ ^/cnvpb/(\d+)/ { set $integer $1; proxy_pass http://$backend; } Thanks Harish On Tue, Sep 4, 2012 at 1:22 AM, Harish Sundararaj wrote: > Hi all, > > After a bit of head scratching, I came up with this: > > 1) Parse $integerA from the URI > 2) Have two map blocks. > a) one to get $TermC from the cookie > b) one to map a backend based on the $TermC > > Here is what I have got: > > map $http_cookie $termC { > ~adq_cnv(\d+)=($integer[^;]+#(\w{2}))(?:;|$) $3; > default "WX"; > } > > map $termC $backend { > WX w.x.y.z; > AB a.b.c.d; > } > > > location ~ ^/cnvpb/(\d+)/ { > set $cmpid $1; > proxy_pass http://$backend; > } > > > But unfortunately it fails saying - "invalid number of map > parameters". I think its something to do with variable interpolation. > So a few questions: > 1) How do I substitute a variable inside a regex ? > 2) The regex works with a if condition. I kind of extended it from > here: http://wiki.nginx.org/HttpRewriteModule#if. But there seems to > be a "space" between "[^;]" and "+" not sure why. Is that right? > 3) Anything else that can be done better? > > Thanks > Harish > > > On Mon, Sep 3, 2012 at 9:04 PM, Harish Sundararaj wrote: >> Hello, >> >> I have a URI like this: >> >> example.com/cnvpb/$IntegerA/$TermA >> >> eg: >> example.com/cnvpb/1233/Q4 >> >> For this request , I might get cookies with names like >> >> abc_cnv1, abc_cnv2, abc_cnv3....abc_cnv5 >> >> all or some of them. The value of these cookies are of the format: >> >> $integerB#$TermB#$integerC#$TermC >> >> Eg: >> 1234#blahblah#45#Q1 >> >> Now this is the requirement: >> >> If for any of the cookies in abc_cnv[1-5], $integerA equals $intergerB >> choose an upstream based on $TermC. >> >> I have figured out few of things: >> >> 1) Parsing $integerA - Using a regex in the location block >> 2) Choosing an upstream based on $TermC - using a map block >> >> However, I'm stuck at reading cookies (not sure how to read only : >> abc_cnv[1-5]). I understand it can be done using multiple ifs . >> But I'm sure there should be a better way than that. >> >> Any pointers? >> >> Thanks >> Harish From david at styleflare.com Mon Sep 3 21:03:51 2012 From: david at styleflare.com (David | StyleFlare) Date: Mon, 03 Sep 2012 17:03:51 -0400 Subject: Input Headers. - headers_more_module. In-Reply-To: References: <503F9EF9.1020002@styleflare.com> <503FC949.5040801@styleflare.com> Message-ID: <50451B37.4030404@styleflare.com> Updated Today. This worked nicely. Thank you. On 8/30/12 5:33 PM, agentzh wrote: > Hello! > > On Thu, Aug 30, 2012 at 2:30 PM, agentzh wrote: >> location / { >> access_by_lua ' >> local res = ngx.location.capture("/auth") >> if res.status == 200 then >> ngx.req.set_header("X-Server-ID", res.var.pg_server) > Sorry, typo here, this line should be > > ngx.req.set_header("X-Server-ID", ngx.var.pg_server) > > Best regards, > -agentzh > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From tuxtoti at gmail.com Mon Sep 3 22:56:23 2012 From: tuxtoti at gmail.com (Harish Sundararaj) Date: Tue, 4 Sep 2012 04:26:23 +0530 Subject: choosing backend based on header value Message-ID: Hi All, I have a requirement wherein I need to choose a backend based on the value of a header sent by the client. But in all other cases where the header is not set I would like to use the available upstream block with whatever logic (wr/r) it is set to. For eg: upstream backend_boxes { server 192.168.1.30:9001 weight=25; server 192.168.1.45:9001 weight=75; } locatinon ~ ^/test { proxy_pass http://backend_boxes; } But, say If X-Caching-Node is set to 192.168.1.50:9001 , I want the /test request to go to 192.168.1.50:9001. I guess that should be possible? Thanks Harish From zzz at zzz.org.ua Mon Sep 3 23:19:11 2012 From: zzz at zzz.org.ua (Alexandr Gomoliako) Date: Tue, 4 Sep 2012 02:19:11 +0300 Subject: choosing backend based on header value In-Reply-To: References: Message-ID: > I have a requirement wherein I need to choose a backend based on the > value of a header sent by the client. But in all other cases where the > header is not set I would like to use the available upstream block > with whatever logic (wr/r) it is set to. > > For eg: > > upstream backend_boxes { > server 192.168.1.30:9001 weight=25; > server 192.168.1.45:9001 weight=75; > } > > locatinon ~ ^/test { > proxy_pass http://backend_boxes; > } > > But, say If X-Caching-Node is set to 192.168.1.50:9001 , I want the > /test request to go to 192.168.1.50:9001. > > I guess that should be possible? Sure. Be careful though, specify allowed nodes explicitly. map $http_x_caching_node $x { default backend_boxes; 192.168.1.50:9001 192.168.1.50:9001; } server { location /test/ { proxy_pass http://$x; } } From tuxtoti at gmail.com Mon Sep 3 23:29:21 2012 From: tuxtoti at gmail.com (Harish Sundararaj) Date: Tue, 4 Sep 2012 04:59:21 +0530 Subject: choosing backend based on header value In-Reply-To: References: Message-ID: Hi Alexandr, This is exactly what I thought. But then is there a way without explicitly specifying the nodes.? I understand the pitfalls, its just to be used for testing purposes. (like sending a request to a test server) Thanks Harish On Tue, Sep 4, 2012 at 4:49 AM, Alexandr Gomoliako wrote: >> I have a requirement wherein I need to choose a backend based on the >> value of a header sent by the client. But in all other cases where the >> header is not set I would like to use the available upstream block >> with whatever logic (wr/r) it is set to. >> >> For eg: >> >> upstream backend_boxes { >> server 192.168.1.30:9001 weight=25; >> server 192.168.1.45:9001 weight=75; >> } >> >> locatinon ~ ^/test { >> proxy_pass http://backend_boxes; >> } >> >> But, say If X-Caching-Node is set to 192.168.1.50:9001 , I want the >> /test request to go to 192.168.1.50:9001. >> >> I guess that should be possible? > > Sure. Be careful though, specify allowed nodes explicitly. > > map $http_x_caching_node $x { > default backend_boxes; > 192.168.1.50:9001 192.168.1.50:9001; > } > > server { > location /test/ { > proxy_pass http://$x; > } > } > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From tuxtoti at gmail.com Mon Sep 3 23:44:57 2012 From: tuxtoti at gmail.com (Harish Sundararaj) Date: Tue, 4 Sep 2012 05:14:57 +0530 Subject: choosing backend based on header value In-Reply-To: References: Message-ID: Hi, Something that I could now quickly think of is. (thought not sure if it'll work) > > map $http_x_caching_node $x { > default backend_boxes; > 192.168.1.50:9001 192.168.1.50:9001; > } > Changing the map block to: map $http_x_caching_node $x { default backend_boxes; ~^(\d.*) $1; } Maybe there is a better way. Thanks Harish > server { > location /test/ { > proxy_pass http://$x; > } > } > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From zzz at zzz.org.ua Mon Sep 3 23:48:21 2012 From: zzz at zzz.org.ua (Alexandr Gomoliako) Date: Tue, 4 Sep 2012 02:48:21 +0300 Subject: choosing backend based on header value In-Reply-To: References: Message-ID: > This is exactly what I thought. But then is there a way without > explicitly specifying the nodes.? > I understand the pitfalls, its just to be used for testing purposes. > (like sending a request to a test server) There is: map $http_x_caching_node $x { default backend_boxes; ~. $http_x_caching_node; } From tuxtoti at gmail.com Tue Sep 4 00:27:25 2012 From: tuxtoti at gmail.com (Harish Sundararaj) Date: Tue, 4 Sep 2012 05:57:25 +0530 Subject: choosing backend based on header value In-Reply-To: References: Message-ID: That looks good. Thanks a ton. Harish. On Tue, Sep 4, 2012 at 5:18 AM, Alexandr Gomoliako wrote: >> This is exactly what I thought. But then is there a way without >> explicitly specifying the nodes.? >> I understand the pitfalls, its just to be used for testing purposes. >> (like sending a request to a test server) > > There is: > > map $http_x_caching_node $x { > default backend_boxes; > ~. $http_x_caching_node; > } > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From nbubingo at gmail.com Tue Sep 4 02:41:42 2012 From: nbubingo at gmail.com (=?GB2312?B?0qbOsLHz?=) Date: Tue, 4 Sep 2012 10:41:42 +0800 Subject: Nginx Upstream Check can not find the check servers on status page In-Reply-To: References: Message-ID: Hi, Markus, The fair module need extra patch to work with upstream check module: https://github.com/yaoweibin/nginx_upstream_check_module/blob/master/upstream_fair.patch See README for detail. If you don't add any check servers, it'll produce such errors. 2012/9/3 Markus Jelsma : > Hi, > > We use the Nginx upstream check module [1] with the Nginx upstream fair module for Nginx 1.2.2. Whenever we disable the fair module or compile without the fair module we cannot view the healthcheck status page and the following error is logged: > > 2012/09/03 13:20:48 [error] 28149#0: *1 [http upstream check] can not find the check servers, have you added the check servers? , client: 1.2.3.4, server: localhost, request: "GET /healthcheck_status HTTP/1.1", host: "" > > Thanks > Markus > > [1]: https://github.com/yaoweibin/nginx_upstream_check_module > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From sosogh at 126.com Tue Sep 4 02:59:40 2012 From: sosogh at 126.com (sosogh) Date: Tue, 4 Sep 2012 10:59:40 +0800 (CST) Subject: rewrite problem Message-ID: <78c55c96.222d1.1398f3811f6.Coremail.sosogh@126.com> HI list I want to redirect http://www.mysite.com/bbs/viewthread.php?tid=8123&extra= to http://www.mysite.com/forum.php?mod=viewthread&tid=8123 This is what I place in the "server" block in the nginx.conf rewrite ^/bbs/viewthread.php?tid=([0-9]+).*$ /forum.php?mod=viewthread&tid=$1 last; but when visit http://www.mysite.com/bbs/viewthread.php?tid=8123&extra=. It shows 404 error. Could anyone point me out what is wrong? Thank you! -------------- next part -------------- An HTML attachment was scrubbed... URL: From bertrand.caplet at okira.net Tue Sep 4 06:06:49 2012 From: bertrand.caplet at okira.net (Bertrand Caplet) Date: Tue, 04 Sep 2012 08:06:49 +0200 Subject: rewrite problem In-Reply-To: <78c55c96.222d1.1398f3811f6.Coremail.sosogh@126.com> References: <78c55c96.222d1.1398f3811f6.Coremail.sosogh@126.com> Message-ID: <194a59e5-f469-467f-80ec-6d99c2fe1a78@email.android.com> sosogh a ?crit : HI list I want to redirect http://www.mysite.com/bbs/viewthread.php?tid=8123&extra= to http://www.mysite.com/forum.php?mod=viewthread&tid=8123 This is what I place in the "server" block in the nginx.conf rewrite ^/bbs/viewthread.php?tid=([0-9]+).*$ /forum.php?mod=viewthread&tid=$1 last; but when visit http://www.mysite.com/bbs/viewthread.php?tid=8123&extra=. It shows 404 error. Could anyone point me out what is wrong? Thank you! Take a look at your error log, it's write which file nginx can't find and you could see what's wrong with your regex. Regards, -- Envoy? de mon t?l?phone. Excusez la bri?vet?. -------------- next part -------------- An HTML attachment was scrubbed... URL: From cickumqt at gmail.com Tue Sep 4 06:17:00 2012 From: cickumqt at gmail.com (Christopher Meng) Date: Tue, 4 Sep 2012 14:17:00 +0800 Subject: rewrite problem In-Reply-To: <78c55c96.222d1.1398f3811f6.Coremail.sosogh@126.com> References: <78c55c96.222d1.1398f3811f6.Coremail.sosogh@126.com> Message-ID: Please adhere a tail of error log. Thanks. -- *Yours sincerely,* *Christopher Meng* Ambassador/Contributor of Fedora Project and many others. http://cicku.me -------------- next part -------------- An HTML attachment was scrubbed... URL: From mdounin at mdounin.ru Tue Sep 4 07:58:29 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 4 Sep 2012 11:58:29 +0400 Subject: rewrite problem In-Reply-To: <78c55c96.222d1.1398f3811f6.Coremail.sosogh@126.com> References: <78c55c96.222d1.1398f3811f6.Coremail.sosogh@126.com> Message-ID: <20120904075829.GB40452@mdounin.ru> Hello! On Tue, Sep 04, 2012 at 10:59:40AM +0800, sosogh wrote: > HI list > I want to redirect > http://www.mysite.com/bbs/viewthread.php?tid=8123&extra= > to > http://www.mysite.com/forum.php?mod=viewthread&tid=8123 > > This is what I place in the "server" block in the nginx.conf > rewrite ^/bbs/viewthread.php?tid=([0-9]+).*$ /forum.php?mod=viewthread&tid=$1 last; > > but when visit http://www.mysite.com/bbs/viewthread.php?tid=8123&extra=. > It shows 404 error. > > Could anyone point me out what is wrong? > Thank you! The rewrite in question won't match anything as rewrite work with URI without arguments. Use something like this instead: location = /bbs/viewthread.php { if ($arg_tid ~ ^[0-9]+$) { rewrite ^ /forum.php?mod=viewthread&tid=$arg_tid? last; } ... } Some more details may be found here: http://nginx.org/r/location http://nginx.org/r/rewrite http://nginx.org/r/if Maxim Dounin From markus.jelsma at openindex.io Tue Sep 4 08:14:35 2012 From: markus.jelsma at openindex.io (=?utf-8?Q?Markus_Jelsma?=) Date: Tue, 4 Sep 2012 08:14:35 +0000 Subject: Nginx Upstream Check can not find the check servers on status page In-Reply-To: References: Message-ID: Hi ??? , We patched the fair module as per the README. The thing is that the health status page does not work _without_ the fair module enabled. The load balancing still works though. If i switch the fair module back on, the healthcheck status page will work again. Thanks -----Original message----- > From:??? > Sent: Tue 04-Sep-2012 04:45 > To: nginx at nginx.org > Subject: Re: Nginx Upstream Check can not find the check servers on status page > > Hi, Markus, > > The fair module need extra patch to work with upstream check module: > https://github.com/yaoweibin/nginx_upstream_check_module/blob/master/upstream_fair.patch > > See README for detail. > > If you don't add any check servers, it'll produce such errors. > > 2012/9/3 Markus Jelsma : > > Hi, > > > > We use the Nginx upstream check module [1] with the Nginx upstream fair module for Nginx 1.2.2. Whenever we disable the fair module or compile without the fair module we cannot view the healthcheck status page and the following error is logged: > > > > 2012/09/03 13:20:48 [error] 28149#0: *1 [http upstream check] can not find the check servers, have you added the check servers? , client: 1.2.3.4, server: localhost, request: "GET /healthcheck_status HTTP/1.1", host: "" > > > > Thanks > > Markus > > > > [1]: https://github.com/yaoweibin/nginx_upstream_check_module > > > > _______________________________________________ > > nginx mailing list > > nginx at nginx.org > > http://mailman.nginx.org/mailman/listinfo/nginx > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > From nbubingo at gmail.com Tue Sep 4 09:01:58 2012 From: nbubingo at gmail.com (=?GB2312?B?0qbOsLHz?=) Date: Tue, 4 Sep 2012 17:01:58 +0800 Subject: Nginx Upstream Check can not find the check servers on status page In-Reply-To: References: Message-ID: Have you also added the patch for the official upstream module in Nginx :https://github.com/yaoweibin/nginx_upstream_check_module/blob/master/check_1.2.2%2B.patch You should added this patch first. 2012/9/4 Markus Jelsma : > Hi ??? , > > We patched the fair module as per the README. The thing is that the health status page does not work _without_ the fair module enabled. The load balancing still works though. If i switch the fair module back on, the healthcheck status page will work again. > > Thanks > > > > > -----Original message----- >> From:??? >> Sent: Tue 04-Sep-2012 04:45 >> To: nginx at nginx.org >> Subject: Re: Nginx Upstream Check can not find the check servers on status page >> >> Hi, Markus, >> >> The fair module need extra patch to work with upstream check module: >> https://github.com/yaoweibin/nginx_upstream_check_module/blob/master/upstream_fair.patch >> >> See README for detail. >> >> If you don't add any check servers, it'll produce such errors. >> >> 2012/9/3 Markus Jelsma : >> > Hi, >> > >> > We use the Nginx upstream check module [1] with the Nginx upstream fair module for Nginx 1.2.2. Whenever we disable the fair module or compile without the fair module we cannot view the healthcheck status page and the following error is logged: >> > >> > 2012/09/03 13:20:48 [error] 28149#0: *1 [http upstream check] can not find the check servers, have you added the check servers? , client: 1.2.3.4, server: localhost, request: "GET /healthcheck_status HTTP/1.1", host: "" >> > >> > Thanks >> > Markus >> > >> > [1]: https://github.com/yaoweibin/nginx_upstream_check_module >> > >> > _______________________________________________ >> > nginx mailing list >> > nginx at nginx.org >> > http://mailman.nginx.org/mailman/listinfo/nginx >> >> _______________________________________________ >> nginx mailing list >> nginx at nginx.org >> http://mailman.nginx.org/mailman/listinfo/nginx >> > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From markus.jelsma at openindex.io Tue Sep 4 09:15:14 2012 From: markus.jelsma at openindex.io (=?utf-8?Q?Markus_Jelsma?=) Date: Tue, 4 Sep 2012 09:15:14 +0000 Subject: Nginx Upstream Check can not find the check servers on status page In-Reply-To: References: Message-ID: Yes, without that patch it won't build at all if i remember correctly. I have two Nginx nodes running the same config and build. They both run fine and so does the healthcheck status page until i comment out the fair configuration directive. I'll try to reproduce on another machine. Thanks -----Original message----- > From:??? > Sent: Tue 04-Sep-2012 11:05 > To: nginx at nginx.org > Subject: Re: Nginx Upstream Check can not find the check servers on status page > > Have you also added the patch for the official upstream module in > Nginx :https://github.com/yaoweibin/nginx_upstream_check_module/blob/master/check_1.2.2%2B.patch > > You should added this patch first. > > > 2012/9/4 Markus Jelsma : > > Hi ??? , > > > > We patched the fair module as per the README. The thing is that the health status page does not work _without_ the fair module enabled. The load balancing still works though. If i switch the fair module back on, the healthcheck status page will work again. > > > > Thanks > > > > > > > > > > -----Original message----- > >> From:??? > >> Sent: Tue 04-Sep-2012 04:45 > >> To: nginx at nginx.org > >> Subject: Re: Nginx Upstream Check can not find the check servers on status page > >> > >> Hi, Markus, > >> > >> The fair module need extra patch to work with upstream check module: > >> https://github.com/yaoweibin/nginx_upstream_check_module/blob/master/upstream_fair.patch > >> > >> See README for detail. > >> > >> If you don't add any check servers, it'll produce such errors. > >> > >> 2012/9/3 Markus Jelsma : > >> > Hi, > >> > > >> > We use the Nginx upstream check module [1] with the Nginx upstream fair module for Nginx 1.2.2. Whenever we disable the fair module or compile without the fair module we cannot view the healthcheck status page and the following error is logged: > >> > > >> > 2012/09/03 13:20:48 [error] 28149#0: *1 [http upstream check] can not find the check servers, have you added the check servers? , client: 1.2.3.4, server: localhost, request: "GET /healthcheck_status HTTP/1.1", host: "" > >> > > >> > Thanks > >> > Markus > >> > > >> > [1]: https://github.com/yaoweibin/nginx_upstream_check_module > >> > > >> > _______________________________________________ > >> > nginx mailing list > >> > nginx at nginx.org > >> > http://mailman.nginx.org/mailman/listinfo/nginx > >> > >> _______________________________________________ > >> nginx mailing list > >> nginx at nginx.org > >> http://mailman.nginx.org/mailman/listinfo/nginx > >> > > > > _______________________________________________ > > nginx mailing list > > nginx at nginx.org > > http://mailman.nginx.org/mailman/listinfo/nginx > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From mdounin at mdounin.ru Tue Sep 4 10:54:52 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 4 Sep 2012 14:54:52 +0400 Subject: Using rate limitation for files smaller than the defined limit. In-Reply-To: References: <20120731162106.GY40452@mdounin.ru> Message-ID: <20120904105452.GD40452@mdounin.ru> Hello! On Wed, Aug 22, 2012 at 09:24:03AM -0400, leki75 wrote: > Dear Maxim, > > thank you for your suggestions. Analyzing the code the following turned out > about http_write_filter: > 1. it is able to buffer output (eg. postpone_output) > 2. can delay response before sending bytes (limit <= 0) > 3. delays response after sending bytes (nsent - sent) > > As you mentioned we delay sending the last byte of the response and only do > millisecond calculation when sending it. > > $ cat limit_rate.patch > --- src/http/ngx_http_write_filter_module.c 2012-01-18 > 16:07:43.000000000 +0100 > +++ src/http/ngx_http_write_filter_module.c 2012-08-22 > 12:44:03.862873715 +0200 > @@ -47,9 +47,10 @@ > ngx_int_t > ngx_http_write_filter(ngx_http_request_t *r, ngx_chain_t *in) > { > - off_t size, sent, nsent, limit; > + off_t size, sent, nsent, limit, nlimit; > ngx_uint_t last, flush; > ngx_msec_t delay; > + ngx_time_t *t; > ngx_chain_t *cl, *ln, **ll, *chain; > ngx_connection_t *c; > ngx_http_core_loc_conf_t *clcf; > @@ -214,6 +215,23 @@ > limit = r->limit_rate * (ngx_time() - r->start_sec + 1) > - (c->sent - clcf->limit_rate_after); > > + if (last && size == 1) { > + t = ngx_timeofday(); > + > + if (t->msec < r->start_msec) { > + t->sec--; > + t->msec += 1000; > + } > + > + nlimit = r->limit_rate * (t->sec - r->start_sec) > + + r->limit_rate * (t->msec - r->start_msec) / 1000 > + - (c->sent + size - clcf->limit_rate_after); > + > + if (nlimit <= 0) { > + limit = nlimit; > + } > + } > + > if (limit <= 0) { > c->write->delayed = 1; > ngx_add_timer(c->write, > @@ -224,6 +242,12 @@ > return NGX_AGAIN; > } > > + if (last && limit > size - 1) { > + if (size > 1) { > + limit = size - 1; > + } > + } > + > if (clcf->sendfile_max_chunk > && (off_t) clcf->sendfile_max_chunk < limit) > { One obvious problem I see that the patch won't delay last byte if the last flag wasn't yet received by the writer filter. This may e.g. happen when returning proxied respone as last buffer is sent separately there, from ngx_http_upstream_finalize_request(). You may also want to avoid delay of a last byte (and a separate syscall for it) if there is no reason to. Otherwise it should work and looks much better than previous one. > It also turned out that setting sendfile_max_chunk to a small enough value > is also a solution for our problem, but this patch also works with default > sendfile_max_chunk = 0 setting. > > Anyway, in nginx 1.2.3 source we found this: > if (size == 0 && !(c->buffered & NGX_LOWLEVEL_BUFFERED)) { > if (last) { > r->out = NULL; > c->buffered &= ~NGX_HTTP_WRITE_BUFFERED; > > return NGX_OK; > } > > if (flush) { > do { > r->out = r->out->next; > } while (r->out); > > c->buffered &= ~NGX_HTTP_WRITE_BUFFERED; > > return NGX_OK; > } > > Instead we could use this if I am right: > if (size == 0 && !(c->buffered & NGX_LOWLEVEL_BUFFERED)) { > if (last || flush) { > r->out = NULL; > c->buffered &= ~NGX_HTTP_WRITE_BUFFERED; > > return NGX_OK; > } Yes, thank you, the loop is for sure unneeded as is. It probably was here as an incomple code to free chain links, the following patch should be ok (and it saves some memory in some special cases): # HG changeset patch # User Maxim Dounin # Date 1346755968 -14400 # Node ID ab5db32b035b8cd6babc43553b21e0fd01192e7e # Parent 190da901d41edc7e07c81b9588bd24254370c591 Http write filter: replaced unneeded loop with one to free chains. Noted by Gabor Lekeny. diff --git a/src/http/ngx_http_write_filter_module.c b/src/http/ngx_http_write_filter_module.c --- a/src/http/ngx_http_write_filter_module.c +++ b/src/http/ngx_http_write_filter_module.c @@ -185,23 +185,19 @@ ngx_http_write_filter(ngx_http_request_t } if (size == 0 && !(c->buffered & NGX_LOWLEVEL_BUFFERED)) { - if (last) { + if (last || flush) { + for (cl = r->out; cl; /* void */) { + ln = cl; + cl = cl->next; + ngx_free_chain(r->pool, ln); + } + r->out = NULL; c->buffered &= ~NGX_HTTP_WRITE_BUFFERED; return NGX_OK; } - if (flush) { - do { - r->out = r->out->next; - } while (r->out); - - c->buffered &= ~NGX_HTTP_WRITE_BUFFERED; - - return NGX_OK; - } - ngx_log_error(NGX_LOG_ALERT, c->log, 0, "the http output chain is empty"); Maxim Dounin From sosogh at 126.com Tue Sep 4 12:05:46 2012 From: sosogh at 126.com (=?utf-8?B?c29zb2do?=) Date: Tue, 4 Sep 2012 20:05:46 +0800 Subject: rewrite problem References: <78c55c96.222d1.1398f3811f6.Coremail.sosogh@126.com> Message-ID: <201209042005400786084@126.com> Thank you very much .It works. But there is another problem. I want http://www.mysite.com/bbs/ to http://www.mysite.com/ why the following conf does not work? rewrite ^/bbs/$ /index.php last; I want http://www.mysite.com/bbs/thread-4270-1-2.html to http://www.mysite.com/forum.php?mod=viewthread&tid=4270&extra=1&page=2 why the following conf does not work? location ~* ^/bbs/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ { rewrite ^/bbs/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ /forum.php?mod=viewthread&tid=$1&extra=$2&page=$3 break; } Thank you ! Hello! On Tue, Sep 04, 2012 at 10:59:40AM +0800, sosogh wrote: > HI list > I want to redirect > http://www.mysite.com/bbs/viewthread.php?tid=8123&extra= > to > http://www.mysite.com/forum.php?mod=viewthread&tid=8123 > > This is what I place in the "server" block in the nginx.conf > rewrite ^/bbs/viewthread.php?tid=([0-9]+).*$ /forum.php?mod=viewthread&tid=$1 last; > > but when visit http://www.mysite.com/bbs/viewthread.php?tid=8123&extra=. > It shows 404 error. > > Could anyone point me out what is wrong? > Thank you! The rewrite in question won't match anything as rewrite work with URI without arguments. Use something like this instead: location = /bbs/viewthread.php { if ($arg_tid ~ ^[0-9]+$) { rewrite ^ /forum.php?mod=viewthread&tid=$arg_tid? last; } ... } Some more details may be found here: http://nginx.org/r/location http://nginx.org/r/rewrite http://nginx.org/r/if Maxim Dounin _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx -------------- next part -------------- An HTML attachment was scrubbed... URL: From meteor8488 at 163.com Tue Sep 4 13:42:00 2012 From: meteor8488 at 163.com (fhal) Date: Tue, 4 Sep 2012 21:42:00 +0800 (CST) Subject: how can I block the attack like this? Message-ID: <116653.243d3.13991842484.Coremail.meteor8488@163.com> Hi all, Today my server was attacked. After checked Nginx access log, I found logs like below: 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" It seems the attacker was using some tool to attack my server. You can see that the user agent / browser version are blank. Due to I can't block the blank user agent (some web browser is using blank user agent, for example, UC), is there any way can I use to block this kind of attack? Thank -------------- next part -------------- An HTML attachment was scrubbed... URL: From magic.drums at gmail.com Tue Sep 4 13:45:54 2012 From: magic.drums at gmail.com (magic.drums at gmail.com) Date: Tue, 4 Sep 2012 09:45:54 -0400 Subject: how can I block the attack like this? In-Reply-To: <116653.243d3.13991842484.Coremail.meteor8488@163.com> References: <116653.243d3.13991842484.Coremail.meteor8488@163.com> Message-ID: Hi, WAF(http://code.google.com/p/naxsi/) at possible solution? Regards, On Tue, Sep 4, 2012 at 10:42 AM, fhal wrote: > Hi all, > > Today my server was attacked. After checked Nginx access log, I found logs > like below: > > 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET > /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" > > 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET > /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" > > 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET > /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" > > > It seems the attacker was using some tool to attack my server. You can see > that the user agent / browser version are blank. > > Due to I can't block the blank user agent (some web browser is using blank > user agent, for example, UC), is there any way can I use to block this kind > of attack? > > > Thank > > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -- Victor Pereira -------------- next part -------------- An HTML attachment was scrubbed... URL: From j.vanarragon at lukkien.com Tue Sep 4 13:49:21 2012 From: j.vanarragon at lukkien.com (Jaap van Arragon) Date: Tue, 04 Sep 2012 15:49:21 +0200 Subject: how can I block the attack like this? In-Reply-To: Message-ID: Hi, If the user is coming from the same ip address you can block it in your iptables or firewall. Regards On 9/4/12 3:45 PM, "magic.drums at gmail.com" wrote: > Hi, > WAF(http://code.google.com/p/naxsi/)?at possible solution? > > Regards, > > On Tue, Sep 4, 2012 at 10:42 AM, fhal wrote: >> ?Hi all, >> >> Today my server was attacked. After checked Nginx access log, I found logs >> like below: >> >> >> 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET >> /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" >> >> 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET >> /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" >> >> 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET >> /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" >> >> >> >> It seems the attacker was using some tool to attack my server. You can see >> that the user agent / browser version are blank. >> >> Due to I can't block the blank user agent (some web browser is using blank >> user agent, for example, UC), is there any way can I use to block this kind >> of attack? >> >> >> >> Thank >> >> >> >> _______________________________________________ >> nginx mailing list >> nginx at nginx.org >> http://mailman.nginx.org/mailman/listinfo/nginx > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From magic.drums at gmail.com Tue Sep 4 14:14:57 2012 From: magic.drums at gmail.com (magic.drums at gmail.com) Date: Tue, 4 Sep 2012 10:14:57 -0400 Subject: how can I block the attack like this? In-Reply-To: References: Message-ID: what I see is that you want to block XSS attacks and code injection, that is why I recommend a WAF Regards, On Tue, Sep 4, 2012 at 10:49 AM, Jaap van Arragon wrote: > Hi, > > If the user is coming from the same ip address you can block it in your > iptables or firewall. > > Regards > > > > On 9/4/12 3:45 PM, "magic.drums at gmail.com" wrote: > > Hi, > WAF(http://code.google.com/p/naxsi/) at possible solution? > > Regards, > > On Tue, Sep 4, 2012 at 10:42 AM, fhal wrote: > > Hi all, > > Today my server was attacked. After checked Nginx access log, I found logs > like below: > > > 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET > /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" > > 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET > /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" > > 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET > /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" > > > > It seems the attacker was using some tool to attack my server. You can see > that the user agent / browser version are blank. > > Due to I can't block the blank user agent (some web browser is using blank > user agent, for example, UC), is there any way can I use to block this kind > of attack? > > > > Thank > > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > > > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -- Victor Pereira -------------- next part -------------- An HTML attachment was scrubbed... URL: From mdounin at mdounin.ru Tue Sep 4 17:21:24 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 4 Sep 2012 21:21:24 +0400 Subject: rewrite problem In-Reply-To: <201209042005400786084@126.com> References: <78c55c96.222d1.1398f3811f6.Coremail.sosogh@126.com> <201209042005400786084@126.com> Message-ID: <20120904172124.GN40452@mdounin.ru> Hello! On Tue, Sep 04, 2012 at 08:05:46PM +0800, sosogh wrote: > Thank you very much .It works. > But there is another problem. > > > I want > http://www.mysite.com/bbs/ > to > http://www.mysite.com/ > > why the following conf does not work? > rewrite ^/bbs/$ /index.php last; Define "does not work". If in doubt, try looking into error log, probably with rewrite_log on; added to your config (and error_log set to at least "notice" level), it should give you enough information to find out what goes wrong. > I want > http://www.mysite.com/bbs/thread-4270-1-2.html > to > http://www.mysite.com/forum.php?mod=viewthread&tid=4270&extra=1&page=2 > > > why the following conf does not work? > location ~* ^/bbs/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ { > rewrite ^/bbs/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ /forum.php?mod=viewthread&tid=$1&extra=$2&page=$3 break; > } This will likely result in /forum.php source code being returned as you use "break" and doesn't handle php in the location in question. See http://nginx.org/r/rewrite for details. Maxim Dounin > > > Thank you ! > > > > > > > > Hello! > On Tue, Sep 04, 2012 at 10:59:40AM +0800, sosogh wrote: > > HI list > > I want to redirect > > http://www.mysite.com/bbs/viewthread.php?tid=8123&extra= > > to > > http://www.mysite.com/forum.php?mod=viewthread&tid=8123 > > > > This is what I place in the "server" block in the nginx.conf > > rewrite ^/bbs/viewthread.php?tid=([0-9]+).*$ /forum.php?mod=viewthread&tid=$1 last; > > > > but when visit http://www.mysite.com/bbs/viewthread.php?tid=8123&extra=. > > It shows 404 error. > > > > Could anyone point me out what is wrong? > > Thank you! > The rewrite in question won't match anything as rewrite work with > URI without arguments. Use something like this instead: > location = /bbs/viewthread.php { > if ($arg_tid ~ ^[0-9]+$) { > rewrite ^ /forum.php?mod=viewthread&tid=$arg_tid? last; > } > ... > } > Some more details may be found here: > http://nginx.org/r/location > http://nginx.org/r/rewrite > http://nginx.org/r/if > Maxim Dounin > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From ianevans at digitalhit.com Tue Sep 4 17:47:31 2012 From: ianevans at digitalhit.com (Ian M. Evans) Date: Tue, 4 Sep 2012 13:47:31 -0400 Subject: Nginx location rule for Wordpress Multisite in subdirectories In-Reply-To: <20120830212737.GA18253@craic.sysops.org> References: <20120827204738.GD32371@craic.sysops.org> <503D2644.9020806@digitalhit.com> <20120830212737.GA18253@craic.sysops.org> Message-ID: On Thu, August 30, 2012 5:27 pm, Francis Daly wrote: > "prefix" locations (location, location ^~, and location =; although > the last isn't really a prefix) have the longest matching one chosen, > independent of the order in the config file. > > That's one of the reasons why it is good to avoid "regex" locations > if possible. Thanks for the info. From tuxtoti at gmail.com Tue Sep 4 19:55:07 2012 From: tuxtoti at gmail.com (Harish Sundararaj) Date: Wed, 5 Sep 2012 01:25:07 +0530 Subject: Variable interpolation in a regex. Message-ID: Hello All, I have a map block: map $http_cookie $myVal { "~adq_cnv(\d+)=($cmpid[^;]+#(?P\w{2}))(?:;|$)" $DC; default "XYZ"; } The $cmpid used in the left side of a map is to be interpolated from a location block : location ~ ^/cnv/(\d+)/ { set $cmpid $1; ... } But that is not working. I tried different variations like : ${cmpid}, \$cmpid . But to no luck. Any help would be appreciated. Thanks Harish From ne at vbart.ru Tue Sep 4 20:03:03 2012 From: ne at vbart.ru (Valentin V. Bartenev) Date: Wed, 5 Sep 2012 00:03:03 +0400 Subject: Variable interpolation in a regex. In-Reply-To: References: Message-ID: <201209050003.03156.ne@vbart.ru> On Tuesday 04 September 2012 23:55:07 Harish Sundararaj wrote: > Hello All, > > I have a map block: > > map $http_cookie $myVal { > "~adq_cnv(\d+)=($cmpid[^;]+#(?P\w{2}))(?:;|$)" $DC; > default "XYZ"; > } > [...] > > But that is not working. I tried different variations like : ${cmpid}, > \$cmpid . But to no luck. > > Any help would be appreciated. Regular expressions in config file are compiled at the configuration phase, so you can't use variables there. wbr, Valentin V. Bartenev From tuxtoti at gmail.com Tue Sep 4 20:46:24 2012 From: tuxtoti at gmail.com (Harish Sundararaj) Date: Wed, 5 Sep 2012 02:16:24 +0530 Subject: Variable interpolation in a regex. In-Reply-To: <201209050003.03156.ne@vbart.ru> References: <201209050003.03156.ne@vbart.ru> Message-ID: Hi Valentin, Thanks. Is there any way to achieve the same thing through some other means, even if it takes a hit on the performance ? Thanks Harish On Wed, Sep 5, 2012 at 1:33 AM, Valentin V. Bartenev wrote: > On Tuesday 04 September 2012 23:55:07 Harish Sundararaj wrote: >> Hello All, >> >> I have a map block: >> >> map $http_cookie $myVal { >> "~adq_cnv(\d+)=($cmpid[^;]+#(?P\w{2}))(?:;|$)" $DC; >> default "XYZ"; >> } >> > [...] >> >> But that is not working. I tried different variations like : ${cmpid}, >> \$cmpid . But to no luck. >> >> Any help would be appreciated. > > Regular expressions in config file are compiled at the configuration phase, so > you can't use variables there. > > wbr, Valentin V. Bartenev > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From meteor8488 at 163.com Wed Sep 5 00:48:43 2012 From: meteor8488 at 163.com (fhal) Date: Wed, 5 Sep 2012 08:48:43 +0800 (CST) Subject: how can I block the attack like this? In-Reply-To: References: Message-ID: <665e09f4.2b7e.13993e68c05.Coremail.meteor8488@163.com> Thanks . But it seems WAF can only support nginx which version is lower than 1.2.0. At 2012-09-04 22:14:57,"magic.drums at gmail.com" wrote: what I see is that you want to block XSS attacks and code injection, that is why I recommend a WAF Regards, On Tue, Sep 4, 2012 at 10:49 AM, Jaap van Arragon wrote: Hi, If the user is coming from the same ip address you can block it in your iptables or firewall. Regards On 9/4/12 3:45 PM, "magic.drums at gmail.com" wrote: Hi, WAF(http://code.google.com/p/naxsi/) at possible solution? Regards, On Tue, Sep 4, 2012 at 10:42 AM, fhal wrote: Hi all, Today my server was attacked. After checked Nginx access log, I found logs like below: 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" It seems the attacker was using some tool to attack my server. You can see that the user agent / browser version are blank. Due to I can't block the blank user agent (some web browser is using blank user agent, for example, UC), is there any way can I use to block this kind of attack? Thank _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx -- Victor Pereira -------------- next part -------------- An HTML attachment was scrubbed... URL: From magic.drums at gmail.com Wed Sep 5 01:47:52 2012 From: magic.drums at gmail.com (magic.drums at gmail.com) Date: Tue, 4 Sep 2012 21:47:52 -0400 Subject: how can I block the attack like this? In-Reply-To: <665e09f4.2b7e.13993e68c05.Coremail.meteor8488@163.com> References: <665e09f4.2b7e.13993e68c05.Coremail.meteor8488@163.com> Message-ID: I see that the documentation says it works only with older versions of nginx and according to what I see in the installation manual can be compiled with any version of nginx On Sep 4, 2012 9:49 PM, "fhal" wrote: > Thanks . > But it seems WAF can only support nginx which version is lower than 1.2.0. > > > At 2012-09-04 22:14:57,"magic.drums at gmail.com" > wrote: > > what I see is that you want to block XSS attacks and code injection, that > is why I recommend a WAF > > Regards, > > On Tue, Sep 4, 2012 at 10:49 AM, Jaap van Arragon < > j.vanarragon at lukkien.com> wrote: > >> Hi, >> >> If the user is coming from the same ip address you can block it in your >> iptables or firewall. >> >> Regards >> >> >> >> On 9/4/12 3:45 PM, "magic.drums at gmail.com" wrote: >> >> Hi, >> WAF(http://code.google.com/p/naxsi/) at possible solution? >> >> Regards, >> >> On Tue, Sep 4, 2012 at 10:42 AM, fhal wrote: >> >> Hi all, >> >> Today my server was attacked. After checked Nginx access log, I found >> logs like below: >> >> >> 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET >> /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" >> >> 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET >> /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" >> >> 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET >> /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" >> >> >> >> It seems the attacker was using some tool to attack my server. You can >> see that the user agent / browser version are blank. >> >> Due to I can't block the blank user agent (some web browser is using >> blank user agent, for example, UC), is there any way can I use to block >> this kind of attack? >> >> >> >> Thank >> >> >> >> _______________________________________________ >> nginx mailing list >> nginx at nginx.org >> http://mailman.nginx.org/mailman/listinfo/nginx >> >> >> >> >> _______________________________________________ >> nginx mailing list >> nginx at nginx.org >> http://mailman.nginx.org/mailman/listinfo/nginx >> > > > > -- > Victor Pereira > > > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From nbubingo at gmail.com Wed Sep 5 01:52:33 2012 From: nbubingo at gmail.com (=?GB2312?B?0qbOsLHz?=) Date: Wed, 5 Sep 2012 09:52:33 +0800 Subject: how can I block the attack like this? In-Reply-To: References: <665e09f4.2b7e.13993e68c05.Coremail.meteor8488@163.com> Message-ID: Try the limit_conn moule: http://nginx.org/en/docs/http/ngx_http_limit_conn_module.html. Or the limit_req module: http://nginx.org/en/docs/http/ngx_http_limit_req_module.html. 2012/9/5 magic.drums at gmail.com : > I see that the documentation says it works only with older versions of nginx > and according to what I see in the installation manual can be compiled with > any version of nginx > > On Sep 4, 2012 9:49 PM, "fhal" wrote: >> >> Thanks . >> But it seems WAF can only support nginx which version is lower than 1.2.0. >> >> >> At 2012-09-04 22:14:57,"magic.drums at gmail.com" >> wrote: >> >> what I see is that you want to block XSS attacks and code injection, that >> is why I recommend a WAF >> >> Regards, >> >> On Tue, Sep 4, 2012 at 10:49 AM, Jaap van Arragon >> wrote: >>> >>> Hi, >>> >>> If the user is coming from the same ip address you can block it in your >>> iptables or firewall. >>> >>> Regards >>> >>> >>> >>> On 9/4/12 3:45 PM, "magic.drums at gmail.com" wrote: >>> >>> Hi, >>> WAF(http://code.google.com/p/naxsi/) at possible solution? >>> >>> Regards, >>> >>> On Tue, Sep 4, 2012 at 10:42 AM, fhal wrote: >>> >>> Hi all, >>> >>> Today my server was attacked. After checked Nginx access log, I found >>> logs like below: >>> >>> >>> 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET >>> /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" >>> >>> 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET >>> /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" >>> >>> 116.114.17.182 - - [04/Sep/2012:20:27:41 +0800] "GET >>> /member.php??username=xxxx&rndnum=-1777927191 HTTP/1.1" 500 186 "-" "-" "-" >>> >>> >>> >>> It seems the attacker was using some tool to attack my server. You can >>> see that the user agent / browser version are blank. >>> >>> Due to I can't block the blank user agent (some web browser is using >>> blank user agent, for example, UC), is there any way can I use to block this >>> kind of attack? >>> >>> >>> >>> Thank >>> >>> >>> >>> _______________________________________________ >>> nginx mailing list >>> nginx at nginx.org >>> http://mailman.nginx.org/mailman/listinfo/nginx >>> >>> >>> >>> >>> _______________________________________________ >>> nginx mailing list >>> nginx at nginx.org >>> http://mailman.nginx.org/mailman/listinfo/nginx >> >> >> >> >> -- >> Victor Pereira >> >> >> >> >> _______________________________________________ >> nginx mailing list >> nginx at nginx.org >> http://mailman.nginx.org/mailman/listinfo/nginx > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From lists at ruby-forum.com Wed Sep 5 09:07:48 2012 From: lists at ruby-forum.com (Waldo Emerson) Date: Wed, 05 Sep 2012 11:07:48 +0200 Subject: How to deal with Windows 7 password recovery In-Reply-To: References: Message-ID: Hi Lincolne, According to me if you have forget your windows 7 Administrator password then boot disk is the only option which can help you to reset your password. Either you can use Windows 7 boot disk(as suggested by your friend) or any other third party windows password recovery tool. -- Posted via http://www.ruby-forum.com/. From zhuzhaoyuan at gmail.com Wed Sep 5 17:06:04 2012 From: zhuzhaoyuan at gmail.com (Joshua Zhu) Date: Thu, 6 Sep 2012 01:06:04 +0800 Subject: [ANNOUNCE] Tengine-1.4.0 Message-ID: Hi folks, We are excited to announce that Tengine-1.4.0 has been released. This is the first release of the 1.4 development branch. You can either checkout the source code from github: https://github.com/taobao/tengine or download the tarball directly: http://tengine.taobao.org/download/tengine-1.4.0.tar.gz The highlight of this release is the dynamic module loading support (http://tengine.taobao.org/document/dso.html). We now can load modules upon demand instead of having to recompile nginx with the individual modules. It is very convenient for module developers and corporations. And as this release, Tengine is based on Nginx-1.2.3. Complete changelog is as follows: *) Feature: added the dynamic module loading support (a.k.a. DSO), so we don't have to recompile tengine when we want to add a new module. (monadbobo) *) Feature: updated the Lua module to the latest stable version. (chaoslawful, agentzh, jinglong) *) Feature: added json and csv format output for the upstream_check module. (yaoweibin) *) Feature: added the 'log_empty_request' directive which could be used to turn off logs from a connection without HTTP data. (zhuzhaoyuan) *) Feature: added the 'concat_delimiter' directive to the concat module to allow adding delimiter between each file. (dinic) *) Feature: added the 'concat_ignore_file_error' directive to ignore file errors and the syntax of concat is less strict now. (dinic) *) Feature: added the 'default' option to the 'error_page' directive to set all error pages to default values. (jinglong) *) Feature: added the 'priority' directive of the procs module. (yzprofile) *) Feature: added the 'delay_start' directive of the procs module. (yzprofile) *) Change: merged changes from nginx-1.2.3. (zhuzhaoyuan) *) Bugfix: fixed a segmentation fault bug of the geo module when 'range' was set without default value. (yzprofile) *) Bugfix: fixed a segmentation fault bug with the procs module. (yzprofile) *) Bugfix: fixed a socket leak bug when upstream_check was enabled. (yaoweibin) *) Bugfix: fixed some bugs of the limit_req module. (monadbobo) *) Bugfix: fixed wrong format types with error logs. (yaoweibin) *) Bugfix: fixed a compile error if the perl module was used with procs. (yzprofile) For those who don't know Tengine, it is a free and open source distribution of Nginx with some advanced features. See our website for more details: http://tengine.taobao.org Have fun! Regards, -- Joshua Zhu Senior Software Engineer Server Platforms Team at Taobao From smallfish.xy at gmail.com Thu Sep 6 01:57:06 2012 From: smallfish.xy at gmail.com (smallfish) Date: Thu, 6 Sep 2012 09:57:06 +0800 Subject: [ANNOUNCE] Tengine-1.4.0 In-Reply-To: References: Message-ID: great! -- blog: http://chenxiaoyu.org On Thu, Sep 6, 2012 at 1:06 AM, Joshua Zhu wrote: > Hi folks, > > We are excited to announce that Tengine-1.4.0 has been released. This > is the first release of the 1.4 development branch. You can either > checkout the source code from github: > https://github.com/taobao/tengine or download the tarball directly: > http://tengine.taobao.org/download/tengine-1.4.0.tar.gz > > The highlight of this release is the dynamic module loading support > (http://tengine.taobao.org/document/dso.html). We now can load modules > upon demand instead of having to recompile nginx with the individual > modules. It is very convenient for module developers and corporations. > And as this release, Tengine is based on Nginx-1.2.3. > Complete changelog is as follows: > *) Feature: added the dynamic module loading support (a.k.a. DSO), > so we don't have to recompile tengine when we want to add a new > module. (monadbobo) > *) Feature: updated the Lua module to the latest stable version. > (chaoslawful, agentzh, jinglong) > *) Feature: added json and csv format output for the > upstream_check module. (yaoweibin) > *) Feature: added the 'log_empty_request' directive which could be > used to turn off logs from a connection without HTTP data. > (zhuzhaoyuan) > *) Feature: added the 'concat_delimiter' directive to the concat > module to allow adding delimiter between each file. (dinic) > *) Feature: added the 'concat_ignore_file_error' directive to > ignore file errors and the syntax of concat is less strict now. > (dinic) > *) Feature: added the 'default' option to the 'error_page' > directive to set all error pages to default values. (jinglong) > *) Feature: added the 'priority' directive of the procs module. > (yzprofile) > *) Feature: added the 'delay_start' directive of the procs module. > (yzprofile) > *) Change: merged changes from nginx-1.2.3. (zhuzhaoyuan) > *) Bugfix: fixed a segmentation fault bug of the geo module when > 'range' was set without default value. (yzprofile) > *) Bugfix: fixed a segmentation fault bug with the procs module. > (yzprofile) > *) Bugfix: fixed a socket leak bug when upstream_check was > enabled. (yaoweibin) > *) Bugfix: fixed some bugs of the limit_req module. (monadbobo) > *) Bugfix: fixed wrong format types with error logs. (yaoweibin) > *) Bugfix: fixed a compile error if the perl module was used with > procs. (yzprofile) > > For those who don't know Tengine, it is a free and open source > distribution of Nginx with some advanced features. See our website for > more details: http://tengine.taobao.org > Have fun! > > Regards, > > -- > Joshua Zhu > Senior Software Engineer > Server Platforms Team at Taobao > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From cickumqt at gmail.com Thu Sep 6 04:01:38 2012 From: cickumqt at gmail.com (Christopher Meng) Date: Thu, 6 Sep 2012 12:01:38 +0800 Subject: [ANNOUNCE] Tengine-1.4.0 In-Reply-To: References: Message-ID: Does nginx support DSO now? -- *Yours sincerely,* *Christopher Meng* Ambassador/Contributor of Fedora Project and many others. http://cicku.me -------------- next part -------------- An HTML attachment was scrubbed... URL: From zhuzhaoyuan at gmail.com Thu Sep 6 04:23:50 2012 From: zhuzhaoyuan at gmail.com (Joshua Zhu) Date: Thu, 6 Sep 2012 12:23:50 +0800 Subject: [ANNOUNCE] Tengine-1.4.0 In-Reply-To: References: Message-ID: Hi, On Thu, Sep 6, 2012 at 12:01 PM, Christopher Meng wrote: > Does nginx support DSO now? Not yet, as far as I know. And that's why we developed this feature (Dynamic Module Loading) by ourselves. BTW, we'll pick out the patches against standard Nginx and post them on this mailing list later. Regards, -- Joshua Zhu Senior Software Engineer Server Platforms Team at Taobao From david.yu.ftw at gmail.com Thu Sep 6 05:19:08 2012 From: david.yu.ftw at gmail.com (David Yu) Date: Thu, 6 Sep 2012 13:19:08 +0800 Subject: [ANNOUNCE] Tengine-1.4.0 In-Reply-To: References: Message-ID: On Thu, Sep 6, 2012 at 1:06 AM, Joshua Zhu wrote: > Hi folks, > > We are excited to announce that Tengine-1.4.0 has been released. This > is the first release of the 1.4 development branch. You can either > checkout the source code from github: > https://github.com/taobao/tengine or download the tarball directly: > http://tengine.taobao.org/download/tengine-1.4.0.tar.gz > > The highlight of this release is the dynamic module loading support > (http://tengine.taobao.org/document/dso.html). We now can load modules > upon demand instead of having to recompile nginx with the individual > modules. It is very convenient for module developers and corporations. > And as this release, Tengine is based on Nginx-1.2.3. > Complete changelog is as follows: > *) Feature: added the dynamic module loading support (a.k.a. DSO), > so we don't have to recompile tengine when we want to add a new > module. (monadbobo) > *) Feature: updated the Lua module to the latest stable version. > (chaoslawful, agentzh, jinglong) > *) Feature: added json and csv format output for the > upstream_check module. (yaoweibin) > *) Feature: added the 'log_empty_request' directive which could be > used to turn off logs from a connection without HTTP data. > (zhuzhaoyuan) > *) Feature: added the 'concat_delimiter' directive to the concat > module to allow adding delimiter between each file. (dinic) > *) Feature: added the 'concat_ignore_file_error' directive to > ignore file errors and the syntax of concat is less strict now. > (dinic) > *) Feature: added the 'default' option to the 'error_page' > directive to set all error pages to default values. (jinglong) > *) Feature: added the 'priority' directive of the procs module. > (yzprofile) > *) Feature: added the 'delay_start' directive of the procs module. > (yzprofile) > *) Change: merged changes from nginx-1.2.3. (zhuzhaoyuan) > *) Bugfix: fixed a segmentation fault bug of the geo module when > 'range' was set without default value. (yzprofile) > *) Bugfix: fixed a segmentation fault bug with the procs module. > (yzprofile) > *) Bugfix: fixed a socket leak bug when upstream_check was > enabled. (yaoweibin) > *) Bugfix: fixed some bugs of the limit_req module. (monadbobo) > *) Bugfix: fixed wrong format types with error logs. (yaoweibin) > *) Bugfix: fixed a compile error if the perl module was used with > procs. (yzprofile) > > For those who don't know Tengine, it is a free and open source > distribution of Nginx with some advanced features. See our website for > more details: http://tengine.taobao.org > Have fun! > Very nice! If you have a benchmark comparing performance with compiled modules vs DSO, please do share. I'm expecting the speed difference to be too small to notice. > > Regards, > > -- > Joshua Zhu > Senior Software Engineer > Server Platforms Team at Taobao > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -- When the cat is away, the mouse is alone. - David Yu -------------- next part -------------- An HTML attachment was scrubbed... URL: From mike503 at gmail.com Thu Sep 6 05:54:27 2012 From: mike503 at gmail.com (Michael Shadle) Date: Wed, 5 Sep 2012 22:54:27 -0700 Subject: [ANNOUNCE] Tengine-1.4.0 In-Reply-To: References: Message-ID: I would love to see and even pledge a bounty (if Igor, Maxim and team even need any money anymore! :p) to get DSO into nginx mainline... On Wed, Sep 5, 2012 at 10:19 PM, David Yu wrote: > > > On Thu, Sep 6, 2012 at 1:06 AM, Joshua Zhu wrote: >> >> Hi folks, >> >> We are excited to announce that Tengine-1.4.0 has been released. This >> is the first release of the 1.4 development branch. You can either >> checkout the source code from github: >> https://github.com/taobao/tengine or download the tarball directly: >> http://tengine.taobao.org/download/tengine-1.4.0.tar.gz >> >> The highlight of this release is the dynamic module loading support >> (http://tengine.taobao.org/document/dso.html). We now can load modules >> upon demand instead of having to recompile nginx with the individual >> modules. It is very convenient for module developers and corporations. >> And as this release, Tengine is based on Nginx-1.2.3. >> Complete changelog is as follows: >> *) Feature: added the dynamic module loading support (a.k.a. DSO), >> so we don't have to recompile tengine when we want to add a new >> module. (monadbobo) >> *) Feature: updated the Lua module to the latest stable version. >> (chaoslawful, agentzh, jinglong) >> *) Feature: added json and csv format output for the >> upstream_check module. (yaoweibin) >> *) Feature: added the 'log_empty_request' directive which could be >> used to turn off logs from a connection without HTTP data. >> (zhuzhaoyuan) >> *) Feature: added the 'concat_delimiter' directive to the concat >> module to allow adding delimiter between each file. (dinic) >> *) Feature: added the 'concat_ignore_file_error' directive to >> ignore file errors and the syntax of concat is less strict now. >> (dinic) >> *) Feature: added the 'default' option to the 'error_page' >> directive to set all error pages to default values. (jinglong) >> *) Feature: added the 'priority' directive of the procs module. >> (yzprofile) >> *) Feature: added the 'delay_start' directive of the procs module. >> (yzprofile) >> *) Change: merged changes from nginx-1.2.3. (zhuzhaoyuan) >> *) Bugfix: fixed a segmentation fault bug of the geo module when >> 'range' was set without default value. (yzprofile) >> *) Bugfix: fixed a segmentation fault bug with the procs module. >> (yzprofile) >> *) Bugfix: fixed a socket leak bug when upstream_check was >> enabled. (yaoweibin) >> *) Bugfix: fixed some bugs of the limit_req module. (monadbobo) >> *) Bugfix: fixed wrong format types with error logs. (yaoweibin) >> *) Bugfix: fixed a compile error if the perl module was used with >> procs. (yzprofile) >> >> For those who don't know Tengine, it is a free and open source >> distribution of Nginx with some advanced features. See our website for >> more details: http://tengine.taobao.org >> Have fun! > > > Very nice! If you have a benchmark comparing performance with compiled > modules vs DSO, please do share. > I'm expecting the speed difference to be too small to notice. > >> >> >> Regards, >> >> -- >> Joshua Zhu >> Senior Software Engineer >> Server Platforms Team at Taobao >> >> _______________________________________________ >> nginx mailing list >> nginx at nginx.org >> http://mailman.nginx.org/mailman/listinfo/nginx > > > > > -- > When the cat is away, the mouse is alone. > - David Yu > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From cickumqt at gmail.com Thu Sep 6 06:11:10 2012 From: cickumqt at gmail.com (Christopher Meng) Date: Thu, 6 Sep 2012 14:11:10 +0800 Subject: [ANNOUNCE] Tengine-1.4.0 In-Reply-To: References: Message-ID: I hope this,too. IMO,nginx should apply this patch therefore people can load or unload modules like apache. My servers use epel to install nginx, however this may be difficult for users to compile and use a 3rd party module which they want,so DSO REALLY solve my problem. And I've taken a look at nginx mailinglist,it seems the upstream doesn't want to patch this feature into master branch.Right? if so, that's a pity...... -- *Yours sincerely,* *Christopher Meng* Ambassador/Contributor of Fedora Project and many others. http://cicku.me -------------- next part -------------- An HTML attachment was scrubbed... URL: From zhuzhaoyuan at gmail.com Thu Sep 6 06:24:44 2012 From: zhuzhaoyuan at gmail.com (Joshua Zhu) Date: Thu, 6 Sep 2012 14:24:44 +0800 Subject: [ANNOUNCE] Tengine-1.4.0 In-Reply-To: References: Message-ID: Hi David, On Thu, Sep 6, 2012 at 1:19 PM, David Yu wrote: > [snip] > > Very nice! If you have a benchmark comparing performance with compiled > modules vs DSO, please do share. > I'm expecting the speed difference to be too small to notice. > Yeah we have compared the performance though I have no formal report on hand. The performance difference was too trivial to notice. Regards, -- Joshua Zhu Senior Software Engineer Server Platforms Team at Taobao From r at roze.lv Thu Sep 6 06:48:58 2012 From: r at roze.lv (Reinis Rozitis) Date: Thu, 6 Sep 2012 09:48:58 +0300 Subject: [ANNOUNCE] Tengine-1.4.0 In-Reply-To: References: Message-ID: <0BB3CFCCAB014E8FA0A52FEBD792EF37@NeiRoze> > I would love to see and even pledge a bounty (if Igor, Maxim and team even > need any money anymore! :p) to get DSO into nginx mainline... Sorry to hijack Tengine release thread but whats the gain/advantages of having dynamic modules (potentially having a performance loss) in nginx versus a single executable? On a moderate system it takes like 3-5 seconds to recompile full source and seamlessly rotate to the new version. rr From nbubingo at gmail.com Thu Sep 6 06:49:31 2012 From: nbubingo at gmail.com (=?GB2312?B?0qbOsLHz?=) Date: Thu, 6 Sep 2012 14:49:31 +0800 Subject: [ANNOUNCE] Tengine-1.4.0 In-Reply-To: References: Message-ID: In our internal simple tests, it shows about 2% performance differences between dynamic and static loading. We welcome any third party benchmark report with this module. 2012/9/6 Joshua Zhu : > Hi David, > > On Thu, Sep 6, 2012 at 1:19 PM, David Yu wrote: >> > > [snip] > >> >> Very nice! If you have a benchmark comparing performance with compiled >> modules vs DSO, please do share. >> I'm expecting the speed difference to be too small to notice. >> > > Yeah we have compared the performance though I have no formal report > on hand. The performance difference was too trivial to notice. > > Regards, > > -- > Joshua Zhu > Senior Software Engineer > Server Platforms Team at Taobao > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From nbubingo at gmail.com Thu Sep 6 07:03:25 2012 From: nbubingo at gmail.com (=?GB2312?B?0qbOsLHz?=) Date: Thu, 6 Sep 2012 15:03:25 +0800 Subject: [ANNOUNCE] Tengine-1.4.0 In-Reply-To: <0BB3CFCCAB014E8FA0A52FEBD792EF37@NeiRoze> References: <0BB3CFCCAB014E8FA0A52FEBD792EF37@NeiRoze> Message-ID: Hi, Friend, But it's useful of us, we are serving more than 500 applications in our company and we use redhat RPM package system to manager our servers. Different applications need different nginx modules. We have more than dozens of different nginx rpm packages for the applications. If one module appears a bug, we have to upgrade all the packages and production servers. It's not easy task every time for us. 2012/9/6 Reinis Rozitis : >> I would love to see and even pledge a bounty (if Igor, Maxim and team even >> need any money anymore! :p) to get DSO into nginx mainline... > > > Sorry to hijack Tengine release thread but whats the gain/advantages of > having dynamic modules (potentially having a performance loss) in nginx > versus a single executable? > On a moderate system it takes like 3-5 seconds to recompile full source and > seamlessly rotate to the new version. > > rr > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From mike503 at gmail.com Thu Sep 6 07:10:46 2012 From: mike503 at gmail.com (Michael Shadle) Date: Thu, 6 Sep 2012 00:10:46 -0700 Subject: [ANNOUNCE] Tengine-1.4.0 In-Reply-To: <0BB3CFCCAB014E8FA0A52FEBD792EF37@NeiRoze> References: <0BB3CFCCAB014E8FA0A52FEBD792EF37@NeiRoze> Message-ID: the basic concept of "modules" are pluggable instruments to extend something else. having to compile it in makes it less modular. DSO support would make package management in distributions seamless. minor differences in any one single module means you need to recompile the entire binary for that small change instead of a single .so for example being changed and the server gracefully reloading. On Wed, Sep 5, 2012 at 11:48 PM, Reinis Rozitis wrote: >> I would love to see and even pledge a bounty (if Igor, Maxim and team even >> need any money anymore! :p) to get DSO into nginx mainline... > > > Sorry to hijack Tengine release thread but whats the gain/advantages of > having dynamic modules (potentially having a performance loss) in nginx > versus a single executable? > On a moderate system it takes like 3-5 seconds to recompile full source and > seamlessly rotate to the new version. > > rr > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From mdounin at mdounin.ru Thu Sep 6 10:34:24 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Thu, 6 Sep 2012 14:34:24 +0400 Subject: [ANNOUNCE] Tengine-1.4.0 In-Reply-To: References: <0BB3CFCCAB014E8FA0A52FEBD792EF37@NeiRoze> Message-ID: <20120906103424.GC40452@mdounin.ru> Hello! On Thu, Sep 06, 2012 at 12:10:46AM -0700, Michael Shadle wrote: > the basic concept of "modules" are pluggable instruments to extend > something else. > > having to compile it in makes it less modular. DSO support would make > package management in distributions seamless. > > minor differences in any one single module means you need to recompile > the entire binary for that small change instead of a single .so for > example being changed and the server gracefully reloading. The main problem with dynamically loaded modules is ABI, and that's why we don't support it now. With even minor difference in nginx core you'll need to recompile all modules - else you'll see unexpected behaviour here and there due to ABI changes. Moreover, right now we don't maintain ABI even within single source code base - various structure layout may change depending on various configure options and test results. That is, if one needs to compile loadable modules - the only valid option now is to compile them with nginx itself, else expect problems. With this in mind it doesn't really make sense to support dynamic modules. Especially if you also consider resulting performance loss (and nginx's seamless upgrade process as mentioned by Reinis). So the question isn't really about dynamic modules by itself. Question is about (at least tracking of) ABI provided for modules. For now it's something mostly nonexistent. Not even talking about resulting problems due to use of other libraries n loaded modules. I've seen Apache segfaulting due to incompatible libraries used in modules more than once, and I don't really want to see the same with nginx. Maxim Dounin From mike503 at gmail.com Thu Sep 6 16:27:18 2012 From: mike503 at gmail.com (Michael Shadle) Date: Thu, 6 Sep 2012 09:27:18 -0700 Subject: [ANNOUNCE] Tengine-1.4.0 In-Reply-To: <20120906103424.GC40452@mdounin.ru> References: <0BB3CFCCAB014E8FA0A52FEBD792EF37@NeiRoze> <20120906103424.GC40452@mdounin.ru> Message-ID: <25A69F32-62DE-4BBF-9BB0-9E14DE049BDF@gmail.com> Maxim, I knew the ABI reasoning was behind it as this has came up at least once before. Just wanted to express it again. Curious how tengine does it with very small performance loss still based off the nginx code base. Perhaps something to look at? :) that's all. From tuxtoti at gmail.com Thu Sep 6 18:21:56 2012 From: tuxtoti at gmail.com (Harish Sundararaj) Date: Thu, 6 Sep 2012 23:51:56 +0530 Subject: backup servers/ proxy_next_upstream questions Message-ID: Hello All, I have a few questions on backup servers and proxy_next_upstream in general: For the backup server the doc says: "only uses this server if the non-backup servers are all down or busy" 1) So what exactly constitutes down or busy? Is it just response codes - 502,503 and 504 or anything else? 2) Will the same request which received such an error be sent to a backup server or is it only subsequent requests? 3) Can I say 504s happen when proxy_connect_timeout/proxy_read_timeout is reached? Is there a way to find out which among these is happening? 4) Also, In proxy_next_upstream : error ? an error has occurred while connecting to the server, sending a request to it, or reading its response; timeout ? occurred timeout during the connection with the server, transfer the request or while reading response from the server; I'm not able to clearly distinguish between both of these. What kind of scenarios explain these? 5) In a case when proxy_next_upstream is off and when a backup server is provided, will nginx still try all non-backup servers before sending it to backup servers? Thanks Harish From ianevans at digitalhit.com Thu Sep 6 18:22:07 2012 From: ianevans at digitalhit.com (Ian Evans) Date: Thu, 06 Sep 2012 14:22:07 -0400 Subject: rewrite to www EXCEPT for one directory Message-ID: <5048E9CF.2000003@digitalhit.com> I have the following in my nginx.conf to redirect to www. to deal with Google duplicate issues. server { server_name example.com listen 80; location / { rewrite ^(.*) http://www.example.com$1 permanent; } } However, WordPress, which I'm installing in /blogs, is strongly suggesting that we drop the www, at least for WordPress. Is there a way to change the above config so it will do the "add www" redirect EXCEPT for when the location is /blogs or below? (it's a multisite install so there'll be /blogs/blog1, /blogs/blog2, etc) From ne at vbart.ru Thu Sep 6 18:38:10 2012 From: ne at vbart.ru (Valentin V. Bartenev) Date: Thu, 6 Sep 2012 22:38:10 +0400 Subject: rewrite to www EXCEPT for one directory In-Reply-To: <5048E9CF.2000003@digitalhit.com> References: <5048E9CF.2000003@digitalhit.com> Message-ID: <201209062238.11127.ne@vbart.ru> On Thursday 06 September 2012 22:22:07 Ian Evans wrote: > I have the following in my nginx.conf to redirect to www. to deal with > Google duplicate issues. > > server { > server_name example.com > listen 80; > location / { > rewrite ^(.*) http://www.example.com$1 permanent; > } > } > > However, WordPress, which I'm installing in /blogs, is strongly > suggesting that we drop the www, at least for WordPress. > > Is there a way to change the above config so it will do the "add www" > redirect EXCEPT for when the location is /blogs or below? (it's a > multisite install so there'll be /blogs/blog1, /blogs/blog2, etc) > server { listen 80; server_name example.com; location / { return 301 http://www.example.com$request_uri; } location /blogs { # configuration for WordPress } } wbr, Valentin V. Bartenev -- http://nginx.org/donate http://nginx.com/support.html From eddy at SDF.ORG Thu Sep 6 20:32:48 2012 From: eddy at SDF.ORG (eddy at SDF.ORG) Date: Thu, 6 Sep 2012 20:32:48 -0000 Subject: rewrite to www EXCEPT for one directory Message-ID: <6035eeecc9a1dc872017e3bd911ead23.squirrel@wm.sdf.org> > On Thursday 06 September 2012 22:22:07 Ian Evans wrote: > server { > listen 80; > server_name example.com; > location / { > return 301 http://www.example.com$request_uri; > } > location /blogs { > # configuration for WordPress > } > } > wbr, Valentin V. Bartenev I suggest to use $scheme like in: rewrite ^(.*) $scheme://www.example.org/$1 permanent; to keep the https connection (if a client wants to use it). otherwise your server drops the https connection and the client will connect over http. i.e.: if you want to use /wp-admin only over https with "define('FORCE_SSL_ADMIN', true);" in /wp-config.php, it will safe you a lot of annoying behavior... ~ed From ne at vbart.ru Thu Sep 6 21:34:33 2012 From: ne at vbart.ru (Valentin V. Bartenev) Date: Fri, 7 Sep 2012 01:34:33 +0400 Subject: rewrite to www EXCEPT for one directory In-Reply-To: <6035eeecc9a1dc872017e3bd911ead23.squirrel@wm.sdf.org> References: <6035eeecc9a1dc872017e3bd911ead23.squirrel@wm.sdf.org> Message-ID: <201209070134.33235.ne@vbart.ru> On Friday 07 September 2012 00:32:48 eddy at sdf.org wrote: [...] > I suggest to use $scheme like in: > > rewrite ^(.*) $scheme://www.example.org/$1 permanent; > > to keep the https connection (if a client wants to use it). otherwise your > server drops the https connection and the client will connect over http. > i.e.: if you want to use /wp-admin only over https with > "define('FORCE_SSL_ADMIN', true);" in /wp-config.php, it will safe you a > lot of annoying behavior... > "listen 80;" means that this server section doesn't handle https connections. And please do not use ugly rewrites instead of simple "return", where it's possible. wbr, Valentin V. Bartenev -- http://nginx.org/en/donation.html http://nginx.com/support.html From eddy at sdf.org Thu Sep 6 22:51:35 2012 From: eddy at sdf.org (eddy at sdf.org) Date: Thu, 6 Sep 2012 22:51:35 -0000 Subject: rewrite to www EXCEPT for one directory In-Reply-To: <201209070134.33235.ne@vbart.ru> References: <6035eeecc9a1dc872017e3bd911ead23.squirrel@wm.sdf.org> <201209070134.33235.ne@vbart.ru> Message-ID: > On Friday 07 September 2012 00:32:48 eddy at sdf.org wrote: > And please do not use ugly rewrites instead of simple "return", where it's > possible. > > wbr, Valentin V. Bartenev maybe it's a stupid question, but: if 'permanent - returns permanent redirect with code 301' (http://wiki.nginx.org/HttpRewriteModule), then why one should use 'return 301 URL' instat? or its more about to avoid rewriting rules generaly? if yes, why is this so? a few weeks ago, i followed a discussion about to avoid if-rules because of performance with large rule sets. but i can't see this argument with one rewriting rule, which only takes action at first connect from client to server. it's just a little bit confusing for me 'cause of so many poorly writen config examples around the web, and it's the first time i see this way with 'return 301 URL' for redirecting example.org to www.example.org. ~ed From edho at myconan.net Fri Sep 7 00:13:04 2012 From: edho at myconan.net (Edho Arief) Date: Fri, 7 Sep 2012 07:13:04 +0700 Subject: rewrite to www EXCEPT for one directory In-Reply-To: References: <6035eeecc9a1dc872017e3bd911ead23.squirrel@wm.sdf.org> <201209070134.33235.ne@vbart.ru> Message-ID: On Fri, Sep 7, 2012 at 5:51 AM, wrote: > maybe it's a stupid question, but: if 'permanent - returns permanent > redirect with code 301' (http://wiki.nginx.org/HttpRewriteModule), then > why one should use 'return 301 URL' instat? > I believe a "return 301 URL" doesn't do regexp processing compared to rewrite. From ne at vbart.ru Fri Sep 7 00:14:20 2012 From: ne at vbart.ru (Valentin V. Bartenev) Date: Fri, 7 Sep 2012 04:14:20 +0400 Subject: rewrite to www EXCEPT for one directory In-Reply-To: References: <6035eeecc9a1dc872017e3bd911ead23.squirrel@wm.sdf.org> <201209070134.33235.ne@vbart.ru> Message-ID: <201209070414.20654.ne@vbart.ru> On Friday 07 September 2012 02:51:35 eddy at sdf.org wrote: > > On Friday 07 September 2012 00:32:48 eddy at sdf.org wrote: > > > > And please do not use ugly rewrites instead of simple "return", where > > it's possible. > > maybe it's a stupid question, but: if 'permanent - returns permanent > redirect with code 301' (http://wiki.nginx.org/HttpRewriteModule), then > why one should use 'return 301 URL' instat? Because the "return" directive is a simple construction that doesn't involve execution of regular expressions, and looks more declarative. Moreover, you do not need to capture full URI, when you have variables like $uri and $request_uri. Therefore, something like ^(.*)$ is just a waste of resources. > or its more about to avoid rewriting rules generaly? if yes, why is this > so? a few weeks ago, i followed a discussion about to avoid if-rules > because of performance with large rule sets. but i can't see this argument > with one rewriting rule, which only takes action at first connect from > client to server. This is less about performance, but rather it's more about keeping config clean and simple. > it's just a little bit confusing for me 'cause of so many poorly writen > config examples around the web, and it's the first time i see this way > with 'return 301 URL' for redirecting example.org to www.example.org. > So many examples and tutorials around the web have written by guys who have little understanding of the subject. And often they just copy-paste configuration from each other. But in this particular case, it is worth to bear in mind, that early versions of nginx doesn't support 'return 30x URL'. See the official documentation for details: http://nginx.org/r/return wbr, Valentin V. Bartenev -- http://nginx.org/en/donation.html http://nginx.com/support.html From zhuzhaoyuan at gmail.com Fri Sep 7 02:07:08 2012 From: zhuzhaoyuan at gmail.com (Joshua Zhu) Date: Fri, 7 Sep 2012 10:07:08 +0800 Subject: [ANNOUNCE] Tengine-1.4.0 In-Reply-To: <25A69F32-62DE-4BBF-9BB0-9E14DE049BDF@gmail.com> References: <0BB3CFCCAB014E8FA0A52FEBD792EF37@NeiRoze> <20120906103424.GC40452@mdounin.ru> <25A69F32-62DE-4BBF-9BB0-9E14DE049BDF@gmail.com> Message-ID: Hi Michael, On Fri, Sep 7, 2012 at 12:27 AM, Michael Shadle wrote: > Maxim, > > I knew the ABI reasoning was behind it as this has came up at least once before. Just wanted to express it again. Curious how tengine does it with very small performance loss still based off the nginx code base. Perhaps something to look at? :) that's all. > We already know the limitations pointed out by Maxim and thank Maxim for making it clear several times. Definitely it's difficult to solve them, especially the ABI problem. The approach we'll take is keeping the ABI of the stable versions as conservative as we can, i.e. we'll not change the ABI of a stable branch. And the ABI changes will just happen in a development branch. In such a way it may reduce the value of dynamically loaded modules, but it's better than nothing. Regards, -- Joshua Zhu Senior Software Engineer Server Platforms Team at Taobao From mdounin at mdounin.ru Fri Sep 7 08:47:41 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Fri, 7 Sep 2012 12:47:41 +0400 Subject: [ANNOUNCE] Tengine-1.4.0 In-Reply-To: References: <0BB3CFCCAB014E8FA0A52FEBD792EF37@NeiRoze> <20120906103424.GC40452@mdounin.ru> <25A69F32-62DE-4BBF-9BB0-9E14DE049BDF@gmail.com> Message-ID: <20120907084741.GI40452@mdounin.ru> Hello! On Fri, Sep 07, 2012 at 10:07:08AM +0800, Joshua Zhu wrote: > Hi Michael, > > On Fri, Sep 7, 2012 at 12:27 AM, Michael Shadle wrote: > > Maxim, > > > > I knew the ABI reasoning was behind it as this has came up at least once before. Just wanted to express it again. Curious how tengine does it with very small performance loss still based off the nginx code base. Perhaps something to look at? :) that's all. > > > > We already know the limitations pointed out by Maxim and thank Maxim > for making it clear several times. Definitely it's difficult to solve > them, especially the ABI problem. The approach we'll take is keeping > the ABI of the stable versions as conservative as we can, i.e. we'll > not change the ABI of a stable branch. And the ABI changes will just > happen in a development branch. > > In such a way it may reduce the value of dynamically loaded modules, > but it's better than nothing. The question isn't really about "keeping ABI in the stable branch", checking version signature is more or less enough here (unless you apply patches which change the ABI within the same version). It's more about what happens once you'll try to load a module compiled with --with-ipv6 into nginx compiled without this flag (or vice versa). Layout of the ngx_connection_t structure will be different in nginx itself and the module, and the resulting code will happily do various unexpected thing. And the same thing may even happen without any changes in configure arguments - e.g. if OS was upgraded and nginx now detects some new feature it want to use. Maxim Dounin From appa at perusio.net Fri Sep 7 12:19:57 2012 From: appa at perusio.net (=?UTF-8?B?QW50w7NuaW8=?= P. P. Almeida) Date: Fri, 07 Sep 2012 14:19:57 +0200 Subject: rewrite to www EXCEPT for one directory In-Reply-To: References: <6035eeecc9a1dc872017e3bd911ead23.squirrel@wm.sdf.org> <201209070134.33235.ne@vbart.ru> Message-ID: <87d31yqb2q.wl%appa@perusio.net> On 7 Set 2012 02h13 CEST, edho at myconan.net wrote: > On Fri, Sep 7, 2012 at 5:51 AM, wrote: >> maybe it's a stupid question, but: if 'permanent - returns >> permanent redirect with code 301' >> (http://wiki.nginx.org/HttpRewriteModule), then why one should use >> 'return 301 URL' instat? >> > > I believe a "return 301 URL" doesn't do regexp processing compared > to rewrite. You generate the variable/group on the location and then you can use it on the return statement. Very rarely is there a need to use a rewrite IMHO. I think it has more to do with the (bad) habits that mod_rewrite promotes. That's where we came from. YMMV, --- appa From lists at ruby-forum.com Sat Sep 8 18:16:44 2012 From: lists at ruby-forum.com (Larry P.) Date: Sat, 08 Sep 2012 20:16:44 +0200 Subject: Nginx Frontend with Apache2 and Drupal6 Message-ID: <2dd76e69248448e591b8a49a5e0662d4@ruby-forum.com> Hi, I have a dedicated server running Nginx as a front end and apache2 on port:8080. An online game is installed as an application in drupal6. The site works fine without any issues. The problem is that when someone wants to visit the site; it is necessary to enter 'example.com/drupal6'. I wish to change it so that a visitor only needs to enter 'example.com' to access the drupal site. I have tried many modifications of the Nginx and apache2 configuration files without success. I usually end up breaking something. I would appreciate if some could offer some advice in this area. here is how my server is configured. ***NGINX 0.7.67*** ********sites-available/default******** server { listen 80; server_name mywebsit.com; access_log /var/log/nginx/localhost.access.log; location /POLL { proxy_pass http://127.0.0.1:8081; } location /RADIOEDIT_REST { proxy_pass http://127.0.0.1:19384/RADIOEDIT_REST; } location / { proxy_pass http://127.0.0.1:8080; } location /doc { root /usr/share; autoindex on; allow 127.0.0.1; deny all; } location /images { root /usr/share; autoindex on; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /var/www/nginx-default; } } ********nginx/nginx.conf******** user www-data; worker_processes 4; error_log /var/log/nginx/error.log; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; access_log /var/log/nginx/access.log; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; tcp_nodelay on; gzip on; include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } ********nginx/conf.d/proxy.conf******* proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_buffering off; proxy_read_timeout 300; proxy_buffers 64 8k; proxy_buffer_size 128k; ***APACHE2*** ********apache2/sites-available/default******** proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_buffering off; proxy_read_timeout 300; proxy_buffers 64 8k; proxy_buffer_size 128k; ********apache2/ports.conf******** # If you just change the port or add more ports here, you will likely also # have to change the VirtualHost statement in # /etc/apache2/sites-enabled/000-default # This is also true if you have upgraded from before 2.2.9-3 (i.e. from # Debian etch). See /usr/share/doc/apache2.2-common/NEWS.Debian.gz and # README.Debian.gz NameVirtualHost *:8080 Listen 8080 # If you add NameVirtualHost *:443 here, you will also have to change # the VirtualHost statement in /etc/apache2/sites-available/default-ssl # to # Server Name Indication for SSL named virtual hosts is currently not # supported by MSIE on Windows XP. Listen 443 Listen 443 ********apache2/conf.d/drupal6******** Alias /drupal6 /usr/share/drupal6 Options +FollowSymLinks AllowOverride All order allow,deny allow from all Thanks in advance! -- Posted via http://www.ruby-forum.com/. From mike503 at gmail.com Sat Sep 8 18:28:40 2012 From: mike503 at gmail.com (Michael Shadle) Date: Sat, 8 Sep 2012 11:28:40 -0700 Subject: Nginx Frontend with Apache2 and Drupal6 In-Reply-To: <2dd76e69248448e591b8a49a5e0662d4@ruby-forum.com> References: <2dd76e69248448e591b8a49a5e0662d4@ruby-forum.com> Message-ID: <7377DC65-B525-4663-9456-18646FBEC84B@gmail.com> I believe all you need is the trailing slash location /POLL { proxy_pass http://127.0.0.1:8081/; } location /RADIOEDIT_REST { proxy_passhttp://127.0.0.1:19384/RADIOEDIT_REST/; } location / { proxy_pass http://127.0.0.1:8080/; } On Sep 8, 2012, at 11:16 AM, "Larry P." wrote: > location /POLL { > proxy_pass http://127.0.0.1:8081; > } > > location /RADIOEDIT_REST { > proxy_pass http://127.0.0.1:19384/RADIOEDIT_REST; > } > > location / { > proxy_pass http://127.0.0.1:8080; > } -------------- next part -------------- An HTML attachment was scrubbed... URL: From lists at ruby-forum.com Sat Sep 8 21:32:15 2012 From: lists at ruby-forum.com (Larry P.) Date: Sat, 08 Sep 2012 23:32:15 +0200 Subject: Nginx Frontend with Apache2 and Drupal6 In-Reply-To: <2dd76e69248448e591b8a49a5e0662d4@ruby-forum.com> References: <2dd76e69248448e591b8a49a5e0662d4@ruby-forum.com> Message-ID: <25dd4337505c55690193bed5538054b0@ruby-forum.com> Tried adding the trailing slashes but didn't work. Caused website url to change to mywebsite.com:8080/drupal6 content was visible but game application didn't work. Also broke the original link whereas mywebsite.com/drupal6 worked. Anything else? Thanks for the input. -- Posted via http://www.ruby-forum.com/. From francis at daoine.org Sat Sep 8 22:40:51 2012 From: francis at daoine.org (Francis Daly) Date: Sat, 8 Sep 2012 23:40:51 +0100 Subject: Nginx Frontend with Apache2 and Drupal6 In-Reply-To: <2dd76e69248448e591b8a49a5e0662d4@ruby-forum.com> References: <2dd76e69248448e591b8a49a5e0662d4@ruby-forum.com> Message-ID: <20120908224051.GL18253@craic.sysops.org> On Sat, Sep 08, 2012 at 08:16:44PM +0200, Larry P. wrote: Hi there, > The site works fine without any issues. The problem is that when > someone wants to visit the site; it is necessary to enter > 'example.com/drupal6'. I wish to change it so that a visitor only needs > to enter 'example.com' to access the drupal site. So, leave everything as-is, except if the user goes to the root of the site, they end up at the drupal url? Add location = / { return 301 http://example.com/drupal6; } and it should Just Work. >From your config file, you probably want to use "mywebsit.com" up there; and if the first thing a request to /drupal6 does is redirect you to /drupal6/, then you should probably use that instead too. f -- Francis Daly francis at daoine.org From lists at ruby-forum.com Sat Sep 8 23:34:13 2012 From: lists at ruby-forum.com (Larry P.) Date: Sun, 09 Sep 2012 01:34:13 +0200 Subject: Nginx Frontend with Apache2 and Drupal6 In-Reply-To: <2dd76e69248448e591b8a49a5e0662d4@ruby-forum.com> References: <2dd76e69248448e591b8a49a5e0662d4@ruby-forum.com> Message-ID: Thanks Francis, I tried your suggestion but I get this error after restarting nginx: Restarting nginx: [emerg]: invalid number of arguments in "return" directive in /etc/nginx/sites-enabled/default:22. For clarification, the default behavior has been when a user goes to mywebsite.com, the address bar in the browser shows mywebsite.com:8080/drupal6/, the content shows but the game doesn't work. If a user goes to mywebsite.com/drupal6/, it Just Works. -- Posted via http://www.ruby-forum.com/. From francis at daoine.org Sat Sep 8 23:45:04 2012 From: francis at daoine.org (Francis Daly) Date: Sun, 9 Sep 2012 00:45:04 +0100 Subject: Nginx Frontend with Apache2 and Drupal6 In-Reply-To: References: <2dd76e69248448e591b8a49a5e0662d4@ruby-forum.com> Message-ID: <20120908234504.GM18253@craic.sysops.org> On Sun, Sep 09, 2012 at 01:34:13AM +0200, Larry P. wrote: Hi there, > I tried your suggestion but I get this error after restarting nginx: > Restarting nginx: [emerg]: invalid number of arguments in "return" > directive in /etc/nginx/sites-enabled/default:22. Ah, my mistake. The nginx version you use doesn't have the same "return" directive syntax. rewrite ^ http://mywebsite.com/drupal6/; instead of the "return" line should probably work. (It still goes inside the "location = /" block.) > For clarification, the default behavior has been when a user goes to > mywebsite.com, the address bar in the browser shows > mywebsite.com:8080/drupal6/, the content shows but the game doesn't > work. If a user goes to mywebsite.com/drupal6/, it Just Works. The addition above should *only* affect a request for http://mywebsite.com/, and should cause the browser to ask for the working url. f -- Francis Daly francis at daoine.org From lists at ruby-forum.com Sun Sep 9 00:34:43 2012 From: lists at ruby-forum.com (Larry P.) Date: Sun, 09 Sep 2012 02:34:43 +0200 Subject: Nginx Frontend with Apache2 and Drupal6 In-Reply-To: <2dd76e69248448e591b8a49a5e0662d4@ruby-forum.com> References: <2dd76e69248448e591b8a49a5e0662d4@ruby-forum.com> Message-ID: <825731c17dcc4fe6fde8c3ef3324f850@ruby-forum.com> OK, I added the following: location = / { rewrite ^ http://mywebsite.com/drupal6/; } and at first it seemed as if nothing had changed from the default behavior. However, when I go to mywebsite.com//, thats with 2 trailing slashes, I get redirected to mywebsite.com/drupal6/, strange but it works! I'm at a loss as to why. Can you think of how to remedy this? -- Posted via http://www.ruby-forum.com/. From francis at daoine.org Sun Sep 9 09:18:08 2012 From: francis at daoine.org (Francis Daly) Date: Sun, 9 Sep 2012 10:18:08 +0100 Subject: Nginx Frontend with Apache2 and Drupal6 In-Reply-To: <825731c17dcc4fe6fde8c3ef3324f850@ruby-forum.com> References: <2dd76e69248448e591b8a49a5e0662d4@ruby-forum.com> <825731c17dcc4fe6fde8c3ef3324f850@ruby-forum.com> Message-ID: <20120909091808.GN18253@craic.sysops.org> On Sun, Sep 09, 2012 at 02:34:43AM +0200, Larry P. wrote: Hi there, > However, when I go to mywebsite.com//, thats with 2 trailing slashes, I > get redirected to mywebsite.com/drupal6/, strange but it works! I'm at a > loss as to why. Can you think of how to remedy this? "Two slashes" works because (probably) nginx merges them into one. "One slash" probably doesn't seem to work because of browser caching, I guess. What is the output of curl -i http://mywebsite.com (which I presume is the request you want to have work)? If it is a http redirect to Location: http://mywebsite.com/drupal6/ then things are working. Clear your browser cache and try again. f -- Francis Daly francis at daoine.org From lists at ruby-forum.com Sun Sep 9 12:59:47 2012 From: lists at ruby-forum.com (Larry P.) Date: Sun, 09 Sep 2012 14:59:47 +0200 Subject: Nginx Frontend with Apache2 and Drupal6 In-Reply-To: <2dd76e69248448e591b8a49a5e0662d4@ruby-forum.com> References: <2dd76e69248448e591b8a49a5e0662d4@ruby-forum.com> Message-ID: <60eac6716b967a72587400a752e6f9ac@ruby-forum.com> Hi Francis, Curl -i showed the correct url and clearing the cache solved the problem! Thank you for lending me your expert and methodical advice. Your assistance has also helped me understand more how NGINX works. Dealing with it in the future will be that much easier! Larry -- Posted via http://www.ruby-forum.com/. From valeriano.cossu at gmail.com Sun Sep 9 13:16:53 2012 From: valeriano.cossu at gmail.com (Valeriano Cossu) Date: Sun, 9 Sep 2012 15:16:53 +0200 Subject: Nginx Frontend with Apache2 and Drupal6 In-Reply-To: <20120909091808.GN18253@craic.sysops.org> References: <2dd76e69248448e591b8a49a5e0662d4@ruby-forum.com> <825731c17dcc4fe6fde8c3ef3324f850@ruby-forum.com> <20120909091808.GN18253@craic.sysops.org> Message-ID: Hi there, 2 slashes are different than 1 slash in nginx, there is a config param for that somewhre to set for that, read the doc to find that on the wiki saluti On Sun, Sep 9, 2012 at 11:18 AM, Francis Daly wrote: > On Sun, Sep 09, 2012 at 02:34:43AM +0200, Larry P. wrote: > > Hi there, > > > However, when I go to mywebsite.com//, thats with 2 trailing slashes, I > > get redirected to mywebsite.com/drupal6/, strange but it works! I'm at a > > loss as to why. Can you think of how to remedy this? > > "Two slashes" works because (probably) nginx merges them into one. > > "One slash" probably doesn't seem to work because of browser caching, > I guess. > > What is the output of > > curl -i http://mywebsite.com > > (which I presume is the request you want to have work)? > > If it is a http redirect to Location: http://mywebsite.com/drupal6/ > then things are working. Clear your browser cache and try again. > > f > -- > Francis Daly francis at daoine.org > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -- Cordiali saluti, Valeriano Cossu Regards, Valeriano Cossu cell: (+39) 3462187419 skype: valerianocossu -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Sun Sep 9 13:54:56 2012 From: nginx-forum at nginx.us (kfawcett) Date: Sun, 09 Sep 2012 09:54:56 -0400 Subject: Help with redirect from old to new URL Message-ID: Hi, We are switching vendors for our property searches and each one formats the URLs a little bit differently. We already have 40,000+ URLs indexed and want users to be 301 redirected to the new URL. The only difference in the URLs is a switch from underscores to hyphens, and from /idx/ to /property/. Here is the old URL: http://www.mysite.com/idx/mls-5028725-10425_virginia_pine_lane_alpharetta_ga_30022 Here's the new URL: http://www.mysite.com/property/mls-5028725-10425-virginia-pine-lane-alpharetta-ga-30022 Any ideas how to redirect all of these URLs without knowing what every one of the 40,000+ URLs are? Thanks, Keith Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230584,230584#msg-230584 From francis at daoine.org Sun Sep 9 13:55:19 2012 From: francis at daoine.org (Francis Daly) Date: Sun, 9 Sep 2012 14:55:19 +0100 Subject: Nginx Frontend with Apache2 and Drupal6 In-Reply-To: <60eac6716b967a72587400a752e6f9ac@ruby-forum.com> References: <2dd76e69248448e591b8a49a5e0662d4@ruby-forum.com> <60eac6716b967a72587400a752e6f9ac@ruby-forum.com> Message-ID: <20120909135519.GO18253@craic.sysops.org> On Sun, Sep 09, 2012 at 02:59:47PM +0200, Larry P. wrote: Hi there, > Curl -i showed the correct url and clearing the cache solved the > problem! Thank you for lending me your expert and methodical advice. > Your assistance has also helped me understand more how NGINX works. > Dealing with it in the future will be that much easier! You're welcome; and good that you've found a working solution. One side issue, which might be worth investigating more fully later, is that the fact that port 8080 sometimes "leaks" to the client indicates that there is still something wrong with some part of the configuration -- nginx on port 80 is the initial entry point, but it is not a pure "frontend" if the client is directly accessing apache. If if matters, you may want to check which requests lead to the client seeing a link to, or a redirect to, port 8080. If it doesn't matter, then there's nothing to worry about. All the best, f -- Francis Daly francis at daoine.org From francis at daoine.org Sun Sep 9 14:36:24 2012 From: francis at daoine.org (Francis Daly) Date: Sun, 9 Sep 2012 15:36:24 +0100 Subject: Help with redirect from old to new URL In-Reply-To: References: Message-ID: <20120909143624.GP18253@craic.sysops.org> On Sun, Sep 09, 2012 at 09:54:56AM -0400, kfawcett wrote: Hi there, > The only difference in the URLs is a switch from underscores to hyphens, and > from /idx/ to /property/. > > Here is the old URL: > http://www.mysite.com/idx/mls-5028725-10425_virginia_pine_lane_alpharetta_ga_30022 > > Here's the new URL: > http://www.mysite.com/property/mls-5028725-10425-virginia-pine-lane-alpharetta-ga-30022 > > Any ideas how to redirect all of these URLs without knowing what every one > of the 40,000+ URLs are? Within "location /idx/", dynamically generate the new url, and issue a redirect to that. "dynamically" means "use one of the embedded languages, or else talk to an external server". An incomplete example using fastcgi and php is: file /tmp/idx-fixup: """ """ fragment of nginx.conf: """ location /idx/ { include fastcgi.conf; fastcgi_pass unix:php.sock; fastcgi_param SCRIPT_FILENAME /tmp/idx-fixup; } """ Good luck with it, f -- Francis Daly francis at daoine.org From nginx-forum at nginx.us Sun Sep 9 17:50:46 2012 From: nginx-forum at nginx.us (kfawcett) Date: Sun, 09 Sep 2012 13:50:46 -0400 Subject: Help with redirect from old to new URL In-Reply-To: <20120909143624.GP18253@craic.sysops.org> References: <20120909143624.GP18253@craic.sysops.org> Message-ID: Thanks Francis! It's almost working, but once it runs I end up with this: http://www.mysite.com/property, instead of http://www.mysite.com/property/mls-5028725-10425-virginia-pine-lane-alpharetta-ga-30022 -Keith Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230584,230588#msg-230588 From appa at perusio.net Sun Sep 9 17:17:49 2012 From: appa at perusio.net (=?UTF-8?B?QW50w7NuaW8=?= P. P. Almeida) Date: Sun, 09 Sep 2012 19:17:49 +0200 Subject: Help with redirect from old to new URL In-Reply-To: References: Message-ID: <878vcjqfnm.wl%appa@perusio.net> On 9 Set 2012 15h54 CEST, nginx-forum at nginx.us wrote: > Hi, > > We are switching vendors for our property searches and each one > formats the URLs a little bit differently. We already have 40,000+ > URLs indexed and want users to be 301 redirected to the new URL. > > The only difference in the URLs is a switch from underscores to > hyphens, and from /idx/ to /property/. > > Here is the old URL: > http://www.mysite.com/idx/mls-5028725-10425_virginia_pine_lane_alpharetta_ga_30022 > > Here's the new URL: > http://www.mysite.com/property/mls-5028725-10425-virginia-pine-lane-alpharetta-ga-30022 > > Any ideas how to redirect all of these URLs without knowing what > every one of the 40,000+ URLs are? > > Thanks, > Keith Use Lua: http://wiki.nginx.org/HttpLuaModule#ngx.re.gsub Try: location /idx { set_by_lua $new_uri 'local newstr, n = ngx.re.gsub(ngx.var.uri, "_", "-") newstr, n = ngx.re.sub(newstr, "/idx/", "/property/") return newstr'; return 301 $scheme://$host$new_uri; } Assuming you want to do a 301 redirect. --- appa From nginx-forum at nginx.us Sun Sep 9 21:35:21 2012 From: nginx-forum at nginx.us (iLinux85) Date: Sun, 09 Sep 2012 17:35:21 -0400 Subject: 500 nginx bad gateway when Update vbulletin template Message-ID: <988eb53d6a159346cd7ac282741f7048.NginxMailingListEnglish@forum.nginx.org> hello when i update template in vbulletin php forum i got this error in vhost-error_log 2012/09/09 23:13:16 [error] 10313#0: *3877 upstream prematurely closed connection while reading response header from upstream, client: 192.168.1.1, server: site.net, request: "POST /vb/admincp/template.php?do=updatetemplate HTTP/1.1", upstream: "http://66.212.18.72:8081/vb/admincp/template.php?do=updatetemplate", host: "www.site.net", referrer: "http://www.site.net/vb/login.php?do=login" 2012/09/09 23:14:17 [error] 10313#0: *5145 upstream prematurely closed connection while reading response header from upstream, client: 192.168.1.1, server: site.net, request: "POST /vb/admincp/template.php?do=updatetemplate HTTP/1.1", upstream: "http://66.212.18.72:8081/vb/admincp/template.php?do=updatetemplate", host: "www.site.net", referrer: "http://www.site.net/vb/admincp/template.php?s=&do=edit&templateid=2206&group=ad_&searchstring=&expandset=32" 2012/09/09 23:16:02 [error] 10313#0: *6896 upstream prematurely closed connection while reading response header from upstream, client: 192.168.1.1, server: site.net, request: "POST /vb/admincp/template.php?do=updatetemplate HTTP/1.1", upstream: "http://66.212.18.72:8081/vb/admincp/template.php?do=updatetemplate", host: "www.site.net", referrer: "http://www.site.net/vb/admincp/template.php?s=&do=edit&templateid=2206&group=ad_&searchstring=&expandset=32" so what's the problem thanks Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230591,230591#msg-230591 From nginx-forum at nginx.us Sun Sep 9 21:49:10 2012 From: nginx-forum at nginx.us (iLinux85) Date: Sun, 09 Sep 2012 17:49:10 -0400 Subject: 500 nginx bad gateway when Update vbulletin template In-Reply-To: <988eb53d6a159346cd7ac282741f7048.NginxMailingListEnglish@forum.nginx.org> References: <988eb53d6a159346cd7ac282741f7048.NginxMailingListEnglish@forum.nginx.org> Message-ID: and here is the nginx configurations for the site server { error_log /var/log/nginx/vhost-error_log warn; listen 192.168.1.1:80; server_name site.com www.site.com; access_log /usr/local/apache/domlogs/site.com-bytes_log bytes_log; access_log /usr/local/apache/domlogs/site.com combined; root /home/deltacom/public_html; location / { location ~.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso)$ { expires 7d; try_files $uri @backend; } error_page 405 = @backend; add_header X-Cache "HIT from Backend"; proxy_pass http://192.168.1.1:8081; include proxy.inc; } location @backend { internal; proxy_pass http://192.168.1.1:8081; include proxy.inc; } location ~ .*\.(php|jsp|cgi|pl|py)?$ { proxy_pass http://192.168.1.1:8081; include proxy.inc; } location ~ /\.ht { deny all; } } Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230591,230592#msg-230592 From nginx-forum at nginx.us Sun Sep 9 22:02:40 2012 From: nginx-forum at nginx.us (iLinux85) Date: Sun, 09 Sep 2012 18:02:40 -0400 Subject: 500 nginx bad gateway when Update vbulletin template In-Reply-To: References: <988eb53d6a159346cd7ac282741f7048.NginxMailingListEnglish@forum.nginx.org> Message-ID: <89193181022a7e74f893fc1afde3ed75.NginxMailingListEnglish@forum.nginx.org> sorry error is 502 not 500 502 Bad Gateway nginx Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230591,230593#msg-230593 From francis at daoine.org Mon Sep 10 00:57:38 2012 From: francis at daoine.org (Francis Daly) Date: Mon, 10 Sep 2012 01:57:38 +0100 Subject: Help with redirect from old to new URL In-Reply-To: References: <20120909143624.GP18253@craic.sysops.org> Message-ID: <20120910005738.GQ18253@craic.sysops.org> On Sun, Sep 09, 2012 at 01:50:46PM -0400, kfawcett wrote: Hi there, > It's almost working, but once it runs I end up with this: > http://www.mysite.com/property, instead of > http://www.mysite.com/property/mls-5028725-10425-virginia-pine-lane-alpharetta-ga-30022 What's the output of curl -i on the starting url? If it doesn't have the correct /property/ url, then add the two lines phpinfo(INFO_VARIABLES); print("\nold=$old\nnew=$new\n"); immediately after the header() lines, and test again using curl. See is the problem in "old" or in "new", and debug accordingly. (Maybe your fastcgi server doesn't provide variables in the $_SERVER array.) Note that the example was described as "incomplete", partly because the Location: header should have the full http://host/url. You can pick appropriate variables and include them in the header() line. f -- Francis Daly francis at daoine.org From nginx-forum at nginx.us Mon Sep 10 02:29:55 2012 From: nginx-forum at nginx.us (kfawcett) Date: Sun, 09 Sep 2012 22:29:55 -0400 Subject: Help with redirect from old to new URL In-Reply-To: <20120910005738.GQ18253@craic.sysops.org> References: <20120910005738.GQ18253@craic.sysops.org> Message-ID: <536efa4d3436fa147207d42f3cc69171.NginxMailingListEnglish@forum.nginx.org> Thank you Francis! I had to put "fastcgi_param REQUEST_URI $request_uri;" in the location, even though it was already specified for the server. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230584,230596#msg-230596 From soracchi at netbuilder.it Mon Sep 10 11:24:05 2012 From: soracchi at netbuilder.it (Andrea Soracchi) Date: Mon, 10 Sep 2012 13:24:05 +0200 (CEST) Subject: Upload progess bar module In-Reply-To: <32561072.83.1347268907253.JavaMail.sorry@sorry> Message-ID: <13781094.102.1347276714717.JavaMail.sorry@sorry> Hi, the HttpUploadProgressModule works with the latest versions of nginx? It's possible use it with multiple files? Thanks, Andrea -- Andrea Soracchi - Netbuilder S.r.l. Multidialogo : La storia e' fatta da chi sa comunicare System Engineer // t. +39 0521 247791 // f. +39 0521 7431140 // www.netbuilder.it From francis at daoine.org Mon Sep 10 11:38:50 2012 From: francis at daoine.org (Francis Daly) Date: Mon, 10 Sep 2012 12:38:50 +0100 Subject: Help with redirect from old to new URL In-Reply-To: <536efa4d3436fa147207d42f3cc69171.NginxMailingListEnglish@forum.nginx.org> References: <20120910005738.GQ18253@craic.sysops.org> <536efa4d3436fa147207d42f3cc69171.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20120910113850.GR18253@craic.sysops.org> On Sun, Sep 09, 2012 at 10:29:55PM -0400, kfawcett wrote: Hi there, > I had to put "fastcgi_param REQUEST_URI $request_uri;" in the location, even > though it was already specified for the server. Because the location uses fastcgi_param, no server-level fastcgi_param values are inherited. That's why I had the "include" there. But once you have a working system, that's good enough. Cheers, f -- Francis Daly francis at daoine.org From bwellsnc at gmail.com Mon Sep 10 12:16:47 2012 From: bwellsnc at gmail.com (bwellsnc) Date: Mon, 10 Sep 2012 08:16:47 -0400 Subject: Nginx and Zencart Message-ID: I am wanting to utilize nginx with zencart. The issue I am having isn't getting Zencart to work, but to recreate the .htaccess files that are located underneath Zencart's sub directories. Below is the .htaccess file located in the images directory. I can block with no problem, it's allowing that I am having a problem with: # # @copyright Copyright 2003-2010 Zen Cart Development Team # @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0 # @version $Id: .htaccess 16111 2010-04-29 22:39:02Z drbyte $ # # This is used with Apache WebServers # # The following blocks direct HTTP requests to all filetypes in this directory recursively, except certain approved exceptions # It also prevents the ability of any scripts to run. No type of script, be it PHP, PERL or whatever, can normally be executed if ExecCGI is disabled. # Will also prevent people from seeing what is in the dir. and any sub-directories # # For this to work, you must include either 'All' or at least: 'Limit' and 'Indexes' parameters to the AllowOverride configuration in your apache/conf/httpd.conf file. # Additionally, if you want the added protection offered by the OPTIONS directive below, you'll need to add 'Options' to the AllowOverride list, if 'All' is not specified. # Example: # # AllowOverride Limit Options Indexes # ############################### # deny *everything* Order Allow,Deny Deny from all # but now allow just *certain* necessary files: Order Allow,Deny Allow from all IndexIgnore */* Thanks for any help you can give! Brent From nginx-forum at nginx.us Mon Sep 10 13:17:48 2012 From: nginx-forum at nginx.us (kfawcett) Date: Mon, 10 Sep 2012 09:17:48 -0400 Subject: Help with redirect from old to new URL In-Reply-To: <20120910113850.GR18253@craic.sysops.org> References: <20120910113850.GR18253@craic.sysops.org> Message-ID: Thanks for the explanation. I didn't have a fastcgi.conf and saw the params in the server level, so I figured I was ok. Now I know better. :) Do you accept Paypal donations? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230584,230618#msg-230618 From rdocter at gmail.com Mon Sep 10 13:22:49 2012 From: rdocter at gmail.com (Ruben Docter) Date: Mon, 10 Sep 2012 15:22:49 +0200 Subject: Upgrade problem to nginx 1.2.3 Message-ID: Hi, I wnat to upgrade to nginx 1.2.3 but it gives me the following error: objs/src/core/ngx_regex.o: In function `ngx_pcre_free_studies': /usr/local/src/nginx-1.2.3/src/core/ngx_regex.c:307: undefined reference to `pcre_free_study' collect2: ld returned 1 exit status make[1]: *** [objs/nginx] Error 1 make[1]: Leaving directory `/usr/local/src/nginx-1.2.3' make: *** [build] Error 2 No I searched some, but I can't find a solution. It has to do something with the location of pcre.h. But when I do: locate /pcre.h It gives me: /usr/include/pcre.h /usr/local/include/pcre.h As you can see I have two versions of pcre.h running. I just wanted to remove one by doing a yum remove pcre, but then it wants to remove a lot of other packages. Please help me, I am a newbee and don't know what to do. -- Best regards, Ruben From soracchi at netbuilder.it Mon Sep 10 14:04:09 2012 From: soracchi at netbuilder.it (Andrea Soracchi) Date: Mon, 10 Sep 2012 16:04:09 +0200 (CEST) Subject: Error log In-Reply-To: <10735422.33.1347285877419.JavaMail.sorry@sorry> Message-ID: <13720620.54.1347286317212.JavaMail.sorry@sorry> Hi, when I upload a file (big or small) I get this error line in error.log: a client request body is buffered to a temporary file /usr/local/nginx/client_body_temp/0000000075 The error log marks it as warning. During the upload of a big file I expect to find the above mentioned file in the directory, but it's empty. Any idea? Thnaks, Andrea -- Andrea Soracchi - Netbuilder S.r.l. Multidialogo : La storia e' fatta da chi sa comunicare System Engineer // t. +39 0521 247791 // f. +39 0521 7431140 // www.netbuilder.it From mdounin at mdounin.ru Mon Sep 10 14:10:54 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 10 Sep 2012 18:10:54 +0400 Subject: Error log In-Reply-To: <13720620.54.1347286317212.JavaMail.sorry@sorry> References: <10735422.33.1347285877419.JavaMail.sorry@sorry> <13720620.54.1347286317212.JavaMail.sorry@sorry> Message-ID: <20120910141054.GR40452@mdounin.ru> Hello! On Mon, Sep 10, 2012 at 04:04:09PM +0200, Andrea Soracchi wrote: > Hi, > > when I upload a file (big or small) I get this error line in error.log: > > a client request body is buffered to a temporary file /usr/local/nginx/client_body_temp/0000000075 > > The error log marks it as warning. > > During the upload of a big file I expect to find the above mentioned file in the directory, but it's empty. > > Any idea? It should be empty, as nginx unlink()s temporary files as soon as they are created (unless you've set client_body_in_file_only in your config, see http://nginx.org/r/client_body_in_file_only). Maxim Dounin From soracchi at netbuilder.it Mon Sep 10 14:27:14 2012 From: soracchi at netbuilder.it (Andrea Soracchi) Date: Mon, 10 Sep 2012 16:27:14 +0200 (CEST) Subject: Error log In-Reply-To: <20120910141054.GR40452@mdounin.ru> Message-ID: <6535361.75.1347287703749.JavaMail.sorry@sorry> Hi, but nginx should remove the file only after the upload has been completed. Or no? ----- Messaggio originale ----- Da: "Maxim Dounin" A: nginx at nginx.org Inviato: Luned?, 10 settembre 2012 16:10:54 Oggetto: Re: Error log Hello! On Mon, Sep 10, 2012 at 04:04:09PM +0200, Andrea Soracchi wrote: > Hi, > > when I upload a file (big or small) I get this error line in error.log: > > a client request body is buffered to a temporary file /usr/local/nginx/client_body_temp/0000000075 > > The error log marks it as warning. > > During the upload of a big file I expect to find the above mentioned file in the directory, but it's empty. > > Any idea? It should be empty, as nginx unlink()s temporary files as soon as they are created (unless you've set client_body_in_file_only in your config, see http://nginx.org/r/client_body_in_file_only). Maxim Dounin _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx From mdounin at mdounin.ru Mon Sep 10 14:44:11 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 10 Sep 2012 18:44:11 +0400 Subject: Error log In-Reply-To: <6535361.75.1347287703749.JavaMail.sorry@sorry> References: <20120910141054.GR40452@mdounin.ru> <6535361.75.1347287703749.JavaMail.sorry@sorry> Message-ID: <20120910144411.GS40452@mdounin.ru> Hello! On Mon, Sep 10, 2012 at 04:27:14PM +0200, Andrea Soracchi wrote: > Hi, > > but nginx should remove the file only after the upload has been completed. > > Or no? No. File is unlink()ed once it's created, and nginx will work with it via an already opened file descriptor. This way temporary file is automatically deleted once corresponding file descriptor is closed, even if something goes completely wrong (e.g. nginx is killed with signal 9). Maxim Dounin > > > > > > ----- Messaggio originale ----- > Da: "Maxim Dounin" > A: nginx at nginx.org > Inviato: Luned?, 10 settembre 2012 16:10:54 > Oggetto: Re: Error log > > Hello! > > On Mon, Sep 10, 2012 at 04:04:09PM +0200, Andrea Soracchi wrote: > > > Hi, > > > > when I upload a file (big or small) I get this error line in error.log: > > > > a client request body is buffered to a temporary file /usr/local/nginx/client_body_temp/0000000075 > > > > The error log marks it as warning. > > > > During the upload of a big file I expect to find the above mentioned file in the directory, but it's empty. > > > > Any idea? > > It should be empty, as nginx unlink()s temporary files as soon as > they are created (unless you've set client_body_in_file_only in > your config, see http://nginx.org/r/client_body_in_file_only). > > Maxim Dounin > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From soracchi at netbuilder.it Mon Sep 10 15:24:44 2012 From: soracchi at netbuilder.it (Andrea Soracchi) Date: Mon, 10 Sep 2012 17:24:44 +0200 (CEST) Subject: Error log In-Reply-To: <20120910144411.GS40452@mdounin.ru> Message-ID: <32834038.118.1347291154531.JavaMail.sorry@sorry> Hi, ok, thanks! Have a nice day! ----- Messaggio originale ----- Da: "Maxim Dounin" A: nginx at nginx.org Inviato: Luned?, 10 settembre 2012 16:44:11 Oggetto: Re: Error log Hello! On Mon, Sep 10, 2012 at 04:27:14PM +0200, Andrea Soracchi wrote: > Hi, > > but nginx should remove the file only after the upload has been completed. > > Or no? No. File is unlink()ed once it's created, and nginx will work with it via an already opened file descriptor. This way temporary file is automatically deleted once corresponding file descriptor is closed, even if something goes completely wrong (e.g. nginx is killed with signal 9). Maxim Dounin > > > > > > ----- Messaggio originale ----- > Da: "Maxim Dounin" > A: nginx at nginx.org > Inviato: Luned?, 10 settembre 2012 16:10:54 > Oggetto: Re: Error log > > Hello! > > On Mon, Sep 10, 2012 at 04:04:09PM +0200, Andrea Soracchi wrote: > > > Hi, > > > > when I upload a file (big or small) I get this error line in error.log: > > > > a client request body is buffered to a temporary file /usr/local/nginx/client_body_temp/0000000075 > > > > The error log marks it as warning. > > > > During the upload of a big file I expect to find the above mentioned file in the directory, but it's empty. > > > > Any idea? > > It should be empty, as nginx unlink()s temporary files as soon as > they are created (unless you've set client_body_in_file_only in > your config, see http://nginx.org/r/client_body_in_file_only). > > Maxim Dounin > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx From ne at vbart.ru Mon Sep 10 18:40:53 2012 From: ne at vbart.ru (Valentin V. Bartenev) Date: Mon, 10 Sep 2012 22:40:53 +0400 Subject: 500 nginx bad gateway when Update vbulletin template In-Reply-To: <988eb53d6a159346cd7ac282741f7048.NginxMailingListEnglish@forum.nginx.org> References: <988eb53d6a159346cd7ac282741f7048.NginxMailingListEnglish@forum.nginx.org> Message-ID: <201209102240.53416.ne@vbart.ru> On Monday 10 September 2012 01:35:21 iLinux85 wrote: > hello > > when i update template in vbulletin php forum i got this error in > vhost-error_log [...] > so what's the problem > It looks like the problem is on php side. wbr, Valentin V. Bartenev From nginx-forum at nginx.us Mon Sep 10 19:14:54 2012 From: nginx-forum at nginx.us (iLinux85) Date: Mon, 10 Sep 2012 15:14:54 -0400 Subject: 500 nginx bad gateway when Update vbulletin template In-Reply-To: <201209102240.53416.ne@vbart.ru> References: <201209102240.53416.ne@vbart.ru> Message-ID: <963028a4157290fab5ca7266eb90ae44.NginxMailingListEnglish@forum.nginx.org> hello what exactly i should check regard this issue ? thanks Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230591,230633#msg-230633 From christian.boenning at gmail.com Mon Sep 10 19:18:01 2012 From: christian.boenning at gmail.com (Christian Boenning) Date: Mon, 10 Sep 2012 21:18:01 +0200 Subject: 500 nginx bad gateway when Update vbulletin template In-Reply-To: <963028a4157290fab5ca7266eb90ae44.NginxMailingListEnglish@forum.nginx.org> References: <201209102240.53416.ne@vbart.ru> <963028a4157290fab5ca7266eb90ae44.NginxMailingListEnglish@forum.nginx.org> Message-ID: hi, i've seen similar issues with apc enabled on php side. on my installation nginx returned an error 5xx as well when upgrading typo3 core. may be restarting your php (or at least clearing byte-code-cache) helps. regards, chris Am 10.09.2012 um 21:14 schrieb iLinux85 : > hello > > what exactly i should check regard this issue ? > > thanks > > Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230591,230633#msg-230633 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From ne at vbart.ru Mon Sep 10 19:25:36 2012 From: ne at vbart.ru (Valentin V. Bartenev) Date: Mon, 10 Sep 2012 23:25:36 +0400 Subject: 500 nginx bad gateway when Update vbulletin template In-Reply-To: <963028a4157290fab5ca7266eb90ae44.NginxMailingListEnglish@forum.nginx.org> References: <201209102240.53416.ne@vbart.ru> <963028a4157290fab5ca7266eb90ae44.NginxMailingListEnglish@forum.nginx.org> Message-ID: <201209102325.36712.ne@vbart.ru> On Monday 10 September 2012 23:14:54 iLinux85 wrote: > hello > > what exactly i should check regard this issue ? > You should check the error log of your application server (php-fpm, apache, or whatever you use). wbr, Valentin V. Bartenev From francis at daoine.org Mon Sep 10 22:57:15 2012 From: francis at daoine.org (Francis Daly) Date: Mon, 10 Sep 2012 23:57:15 +0100 Subject: Help with redirect from old to new URL In-Reply-To: References: <20120910113850.GR18253@craic.sysops.org> Message-ID: <20120910225715.GV18253@craic.sysops.org> On Mon, Sep 10, 2012 at 09:17:48AM -0400, kfawcett wrote: Hi there, > Thanks for the explanation. I didn't have a fastcgi.conf and saw the params > in the server level, so I figured I was ok. Now I know better. :) "include fastcgi_params;" might have done mostly the same thing -- I guess that versions and distributions differ in the default files provided. > Do you accept Paypal donations? Thanks, but not for mailing list conversations :-) All the best, f -- Francis Daly francis at daoine.org From cickumqt at gmail.com Mon Sep 10 23:29:14 2012 From: cickumqt at gmail.com (Christopher Meng) Date: Tue, 11 Sep 2012 07:29:14 +0800 Subject: Upgrade problem to nginx 1.2.3 In-Reply-To: References: Message-ID: How do you install nginx? -- *Yours sincerely,* *Christopher Meng* Ambassador/Contributor of Fedora Project and many others. http://cicku.me -------------- next part -------------- An HTML attachment was scrubbed... URL: From zhuzhaoyuan at gmail.com Tue Sep 11 04:16:55 2012 From: zhuzhaoyuan at gmail.com (Joshua Zhu) Date: Tue, 11 Sep 2012 12:16:55 +0800 Subject: [ANNOUNCE] Tengine-1.4.0 In-Reply-To: <20120907084741.GI40452@mdounin.ru> References: <0BB3CFCCAB014E8FA0A52FEBD792EF37@NeiRoze> <20120906103424.GC40452@mdounin.ru> <25A69F32-62DE-4BBF-9BB0-9E14DE049BDF@gmail.com> <20120907084741.GI40452@mdounin.ru> Message-ID: Hi Maxim, On Fri, Sep 7, 2012 at 4:47 PM, Maxim Dounin wrote: > Hello! > > On Fri, Sep 07, 2012 at 10:07:08AM +0800, Joshua Zhu wrote: > >> Hi Michael, >> >> On Fri, Sep 7, 2012 at 12:27 AM, Michael Shadle wrote: >> > Maxim, >> > >> > I knew the ABI reasoning was behind it as this has came up at least once before. Just wanted to express it again. Curious how tengine does it with very small performance loss still based off the nginx code base. Perhaps something to look at? :) that's all. >> > >> >> We already know the limitations pointed out by Maxim and thank Maxim >> for making it clear several times. Definitely it's difficult to solve >> them, especially the ABI problem. The approach we'll take is keeping >> the ABI of the stable versions as conservative as we can, i.e. we'll >> not change the ABI of a stable branch. And the ABI changes will just >> happen in a development branch. >> >> In such a way it may reduce the value of dynamically loaded modules, >> but it's better than nothing. > > The question isn't really about "keeping ABI in the stable > branch", checking version signature is more or less enough here > (unless you apply patches which change the ABI within the same > version). > > It's more about what happens once you'll try to load a module > compiled with --with-ipv6 into nginx compiled without this flag > (or vice versa). Layout of the ngx_connection_t structure will be > different in nginx itself and the module, and the resulting code > will happily do various unexpected thing. Thank you very much for your valuable comments :) I think there should be solutions, though it's difficult to fix the conditional compilation problem. For example, we can use the same configure options (--with-ipv6, and etc) when compiling a dynamically loaded module. And nginx must be recompiled once such a configure option is changed. For a module which introduces conditional compilations, we can make it compiled in forcibly if the DSO feature is enabled. Plus, IMHO, some conditional compilations are not necessary hence could be removed. > And the same thing may even happen without any changes in > configure arguments - e.g. if OS was upgraded and nginx > now detects some new feature it want to use. It's not a problem caused by dynamically loaded modules. It exists even in statically compiled nginx. The accept4() problem (yeah it has been fixed) is an example :) Regards, -- Joshua Zhu Senior Software Engineer Server Platforms Team at Taobao From nginx-forum at nginx.us Tue Sep 11 05:16:24 2012 From: nginx-forum at nginx.us (n1xman) Date: Tue, 11 Sep 2012 01:16:24 -0400 Subject: nginx_cross_origin_module on nginx-1.2.1 Message-ID: <62df1a890b0ce86528e8679fae2f2312.NginxMailingListEnglish@forum.nginx.org> Hi, We are trying to implement cross origin resource sharing protocol on our system. I just want to try nginx_cross_origin_module and see how it work instead of add_header approach. The issue is I can't see the CORS headers on the response headers. Here is my config. user nginx; worker_processes 1; error_log /usr/local/nginx/logs/error.log info; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; cors on; cors_max_age 3600; cors_origin_list unbounded; cors_method_list GET HEAD PUT POST OPTIONS; cors_header_list unbounded; server { listen 80; server_name localhost; location / { root /usr/share/nginx/html; index index.html index.htm; } } Response Headers Accept-Ranges bytes Content-Length 162 Content-Type text/html Date Tue, 11 Sep 2012 05:04:44 GMT Last-Modified Tue, 11 Sep 2012 04:08:30 GMT Server nginx/1.2.1-5 Request Headers Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding gzip, deflate Accept-Language en-us,en;q=0.5 Connection keep-alive Host x.x.x.x User-Agent Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20100101 Firefox/15.0 [root at abmx-test nginx]# nginx -V nginx version: nginx/1.2.1-5 built by gcc 4.1.2 20080704 (Red Hat 4.1.2-48) TLS SNI support disabled configure arguments: --prefix=/etc/nginx/ --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-mail_ssl_module --with-file-aio --with-debug --with-cc-opt='-O2 -g -m32 -march=i386 -mtune=generic -fasynchronous-unwind-tables' --without-http_uwsgi_module --without-http_scgi_module --without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/yaoweibin-nginx_upstream_check_module-2c5a2c8 --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/yaoweibin-nginx_tcp_proxy_module-a40c99a --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/simpl-ngx_devel_kit-24202b4 --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/agentzh-echo-nginx-module-080c0a1 --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/agentzh-set-misc-nginx-module-87d0ab2 --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/mikewest-nginx-static-etags-25bfaf9 --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/nginx-sticky-module-1.0 --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/agentzh-memc-nginx-module-8befc56 --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/agentzh-srcache-nginx-module-8df221e --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/yaoweibin-nginx_cross_origin_module-7319ab1 Do you need to build the module for the nginx-1.2.1 version or I'm missing something here...? Thanks in advance Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230641,230641#msg-230641 From nbubingo at gmail.com Tue Sep 11 06:34:16 2012 From: nbubingo at gmail.com (=?GB2312?B?0qbOsLHz?=) Date: Tue, 11 Sep 2012 14:34:16 +0800 Subject: nginx_cross_origin_module on nginx-1.2.1 In-Reply-To: <62df1a890b0ce86528e8679fae2f2312.NginxMailingListEnglish@forum.nginx.org> References: <62df1a890b0ce86528e8679fae2f2312.NginxMailingListEnglish@forum.nginx.org> Message-ID: HI, Your request should contain an "Origin: xxx.com" head. If there is no such header, It's not a valid cors request. 2012/9/11 n1xman : > Hi, > > We are trying to implement cross origin resource sharing protocol on our > system. I just want to try nginx_cross_origin_module and see how it work > instead of add_header approach. > > The issue is I can't see the CORS headers on the response headers. Here is > my config. > > user nginx; > worker_processes 1; > > error_log /usr/local/nginx/logs/error.log info; > pid /var/run/nginx.pid; > > > events { > worker_connections 1024; > } > > > http { > include /etc/nginx/mime.types; > default_type application/octet-stream; > > log_format main '$remote_addr - $remote_user [$time_local] "$request" > ' > '$status $body_bytes_sent "$http_referer" ' > '"$http_user_agent" "$http_x_forwarded_for"'; > > access_log /var/log/nginx/access.log main; > > sendfile on; > > cors on; > cors_max_age 3600; > cors_origin_list unbounded; > cors_method_list GET HEAD PUT POST OPTIONS; > cors_header_list unbounded; > > server { > listen 80; > server_name localhost; > > location / { > root /usr/share/nginx/html; > index index.html index.htm; > } > } > > > Response Headers > Accept-Ranges bytes > Content-Length 162 > Content-Type text/html > Date Tue, 11 Sep 2012 05:04:44 GMT > Last-Modified Tue, 11 Sep 2012 04:08:30 GMT > Server nginx/1.2.1-5 > > Request Headers > Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 > Accept-Encoding gzip, deflate > Accept-Language en-us,en;q=0.5 > Connection keep-alive > Host x.x.x.x > User-Agent Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20100101 > Firefox/15.0 > > [root at abmx-test nginx]# nginx -V > nginx version: nginx/1.2.1-5 > built by gcc 4.1.2 20080704 (Red Hat 4.1.2-48) > TLS SNI support disabled > configure arguments: --prefix=/etc/nginx/ --sbin-path=/usr/sbin/nginx > --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log > --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid > --lock-path=/var/run/nginx.lock > --http-client-body-temp-path=/var/cache/nginx/client_temp > --http-proxy-temp-path=/var/cache/nginx/proxy_temp > --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp > --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp > --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx > --with-http_ssl_module --with-http_realip_module --with-http_addition_module > --with-http_sub_module --with-http_dav_module --with-http_flv_module > --with-http_mp4_module --with-http_gzip_static_module > --with-http_random_index_module --with-http_secure_link_module > --with-http_stub_status_module --with-mail_ssl_module --with-file-aio > --with-debug --with-cc-opt='-O2 -g -m32 -march=i386 -mtune=generic > -fasynchronous-unwind-tables' --without-http_uwsgi_module > --without-http_scgi_module --without-mail_pop3_module > --without-mail_imap_module --without-mail_smtp_module > --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/yaoweibin-nginx_upstream_check_module-2c5a2c8 > --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/yaoweibin-nginx_tcp_proxy_module-a40c99a > --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/simpl-ngx_devel_kit-24202b4 > --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/agentzh-echo-nginx-module-080c0a1 > --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/agentzh-set-misc-nginx-module-87d0ab2 > --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/mikewest-nginx-static-etags-25bfaf9 > --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/nginx-sticky-module-1.0 > --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/agentzh-memc-nginx-module-8befc56 > --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/agentzh-srcache-nginx-module-8df221e > --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/yaoweibin-nginx_cross_origin_module-7319ab1 > > Do you need to build the module for the nginx-1.2.1 version or I'm missing > something here...? > > Thanks in advance > > Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230641,230641#msg-230641 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From mdounin at mdounin.ru Tue Sep 11 10:32:58 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 11 Sep 2012 14:32:58 +0400 Subject: [ANNOUNCE] Tengine-1.4.0 In-Reply-To: References: <0BB3CFCCAB014E8FA0A52FEBD792EF37@NeiRoze> <20120906103424.GC40452@mdounin.ru> <25A69F32-62DE-4BBF-9BB0-9E14DE049BDF@gmail.com> <20120907084741.GI40452@mdounin.ru> Message-ID: <20120911103257.GZ40452@mdounin.ru> Hello! On Tue, Sep 11, 2012 at 12:16:55PM +0800, Joshua Zhu wrote: [...] > > And the same thing may even happen without any changes in > > configure arguments - e.g. if OS was upgraded and nginx > > now detects some new feature it want to use. > > It's not a problem caused by dynamically loaded modules. It exists > even in statically compiled nginx. The accept4() problem (yeah it has > been fixed) is an example :) Problems with nonexistent syscalls is completely different thing: 1) By upgrading hosts in correct order (i.e. build host last) you just don't see any problems. 2) If there is no syscall at all on the host you are running, you'll see ENOSYS returned and it's up to your code to handle it (either just fail or fallback to something else). This is because ABI is actually provided by OS here. And it's completely different from "no ABI" case where you'll just get random unexpected behaviour and segfaults if you are lucky or just corrupted data if you aren't. Maxim Dounin From mdounin at mdounin.ru Wed Sep 12 11:06:24 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Wed, 12 Sep 2012 15:06:24 +0400 Subject: nginx-1.3.6 Message-ID: <20120912110624.GE40452@mdounin.ru> Changes with nginx 1.3.6 12 Sep 2012 *) Feature: the ngx_http_gunzip_filter_module. *) Feature: the "memcached_gzip_flag" directive. *) Feature: the "always" parameter of the "gzip_static" directive. *) Bugfix: in the "limit_req" directive; the bug had appeared in 1.1.14. Thanks to Charles Chen. *) Bugfix: nginx could not be built by gcc 4.7 with -O2 optimization if the --with-ipv6 option was used. Maxim Dounin From aweber at comcast.net Wed Sep 12 13:28:27 2012 From: aweber at comcast.net (AJ Weber) Date: Wed, 12 Sep 2012 09:28:27 -0400 Subject: NEWBIE: cache swf content? Message-ID: <50508DFB.50103@comcast.net> I am running a few webapps on Tomcat, and placing nginx in front for SSL, content caching and to remove some of the load from Tomcat where possible (currently testing v1.2.3 on CentOS 6.x). I have most of the configuration working well (nginx is very slick, and pretty easy to configure). However, I have some static content like swf (flash) files that are served to the client browser with parameters, and I think this is why nginx is not caching them. For example, ".../testflash.swf?dt=0123456789" (dt is typically a timestamp, but is a unique identifier, nonetheless). Since this swf file does not actually change (incredibly rarely, in a major "upgrade", and I would purge the cache at that point), is there a way to tell nginx to cache it regardless of the url-parameters appended? These files, and most of the other content, have ETag's and Last-Modified-Date (both). In this case there is no explicit Cache-Control in the header. Related question: If content has an ETag from the source server (the content that nginx fetches already has an ETag), is there a way to force nginx to cache the content based on that ETag? I _think_ this is different to the ETag support that is coming in the > 1.3.3 versions, as that seems to say that it will actually add tags for content. In this case, I would've expected nginx to cache any content with an ETag and especially with a Last-Modified-Date when no explicit Cache-Control header was provided. Thanks for dealing with my newbie questions, I appreciate your time. -AJ From markus.jelsma at openindex.io Wed Sep 12 15:02:45 2012 From: markus.jelsma at openindex.io (=?utf-8?Q?Markus_Jelsma?=) Date: Wed, 12 Sep 2012 15:02:45 +0000 Subject: Lua, memc and image_filter, image not resized via lua Message-ID: Hello, We attempt to make a simple image resizer and cacher using Nginx en storing in Memcache and the image_filter. First we attempted to do it via eval but we quickly ran into an old issue [1] i had, i can either store a not-existing image in the cache or return it, never both. Instead we tried using Lua scripting and now we can retrieve items from the cache and store remote images in the cache and return them at the same time! But we have one problem left, the images are not passed through the image filter at all when we do it via Lua. I'll share the config. The location below is called from outside and is the only location externally called. If it's in the cache, return it and it it's not in the cache, try to fetch it, store it in the cache and return it. location /img/cache { set $memc_key $args; set $memc_cmd 'get'; error_page 404 = /img/populate?$args; memc_pass 127.0.0.1:11211; } The following location populates the cache and returns the (hopefully resized) image. It uses a location to fetch the image (and resize it) and another location to write the fetched and resized image to the cache. It finally prints it. location /img/populate { content_by_lua ' local args = ngx.req.get_uri_args(5) local image = ngx.location.capture("/img/crop?u=" .. args["u"] .. "&w=" .. args["w"] .."&h=" .. args["h"]) -- Use anoter location to store the image in the cache (cannot use memc_pass in this location it seems) local res = ngx.location.capture("/img/put?u=" .. args["u"] .. "&w=" .. args["w"] .."&h=" .. args["h"] .. "&m=" .. args["m"], { body = image["body"] } ) ngx.print(image["body"]) '; } The following 2 simple locations resp. fetch and resize the image and store it in memcache. location /img/crop { image_filter crop $arg_w $arg_h; proxy_pass $arg_u; } location /img/put { set $memc_key $args; set $memc_cmd 'set'; memc_pass 127.0.0.1:11211; } The problem is, the image is not resized! If we set the error_page in the first location to /img/crop the image is properly resized so it doesn't work if called from Lua. I would be very grateful for any tips and hints. I am curious to what i'm doing wrong. [1]: http://nginx.2469901.n2.nabble.com/Issue-with-3rd-party-memc-and-eval-modules-td4579623.html Many thanks, Markus From nginx-forum at nginx.us Wed Sep 12 18:49:43 2012 From: nginx-forum at nginx.us (etrader) Date: Wed, 12 Sep 2012 14:49:43 -0400 Subject: Wildcard subdomains (any change in nginx?) Message-ID: <6c3a12145e1e17b673f218eae7614d9c.NginxMailingListEnglish@forum.nginx.org> I was using wildcard for including all subdomains for a server_name as server_name domain.com; I just installed nginx 1.2.3, but this configuration no longer works and subdomains lead to nginx 404 page. Since I followed a standard procedure of installation via apt-get, I suspect something has been changed in new versions of nginx. Now, I can only use wildcard for subdomains with server_name domain.com *.domain.com; Did I miss something or it is the nginx policy in new versions and forthcoming ones to discard subdomains without *.domain.com ? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230675,230675#msg-230675 From ne at vbart.ru Wed Sep 12 19:32:49 2012 From: ne at vbart.ru (Valentin V. Bartenev) Date: Wed, 12 Sep 2012 23:32:49 +0400 Subject: Wildcard subdomains (any change in nginx?) In-Reply-To: <6c3a12145e1e17b673f218eae7614d9c.NginxMailingListEnglish@forum.nginx.org> References: <6c3a12145e1e17b673f218eae7614d9c.NginxMailingListEnglish@forum.nginx.org> Message-ID: <201209122332.49562.ne@vbart.ru> On Wednesday 12 September 2012 22:49:43 etrader wrote: > I was using wildcard for including all subdomains for a server_name as > > server_name domain.com; > [...] This has never included subdomains. Probably it worked for you just because it was the default server block. But after the update something has been changed in your configuration. http://nginx.org/en/docs/http/server_names.html http://nginx.org/r/server_name wbr, Valentin V. Bartenev From kworthington at gmail.com Wed Sep 12 20:07:50 2012 From: kworthington at gmail.com (Kevin Worthington) Date: Wed, 12 Sep 2012 16:07:50 -0400 Subject: nginx-1.3.6 In-Reply-To: <20120912110624.GE40452@mdounin.ru> References: <20120912110624.GE40452@mdounin.ru> Message-ID: Hello Nginx Users, Now available: Nginx 1.3.5 For Windows http://goo.gl/fa6P9 (32-bit and 64-bit versions) These versions are to support legacy users who are already using Cygwin based builds of Nginx. Officially supported native Windows binaries are at nginx.org. Announcements are also available via my Twitter stream (http://twitter.com/kworthington), if you prefer to receive updates that way. Thank you, Kevin -- Kevin Worthington kworthington *@* (gmail} [dot\ /com] http://kevinworthington.com/ http://twitter.com/kworthington On Wed, Sep 12, 2012 at 7:06 AM, Maxim Dounin wrote: > Changes with nginx 1.3.6 12 Sep 2012 > > *) Feature: the ngx_http_gunzip_filter_module. > > *) Feature: the "memcached_gzip_flag" directive. > > *) Feature: the "always" parameter of the "gzip_static" directive. > > *) Bugfix: in the "limit_req" directive; the bug had appeared in 1.1.14. > Thanks to Charles Chen. > > *) Bugfix: nginx could not be built by gcc 4.7 with -O2 optimization if > the --with-ipv6 option was used. > > > Maxim Dounin > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From nginx-forum at nginx.us Wed Sep 12 20:31:48 2012 From: nginx-forum at nginx.us (thigomes) Date: Wed, 12 Sep 2012 16:31:48 -0400 Subject: Condition in upstream Message-ID: <0f4541e531fdcd3daa6fe51e6bc36679.NginxMailingListEnglish@forum.nginx.org> Hi guys, I'm studying about in the use of upstream in the nginx. And I have a question about the condition of use it. Now, I have the following environment in production: Internet -- > Nginx --> Varnish --> Apache I would like of set in upstream a backup's server, for example: upstream backend { ip_hash; server 192.168.1.5:6081; # varnish server server 192.168.1.7:80 backup; # apache server } But in the case the configuration of the "location /" will change according with the server. Is there some parameter of condition that I can used? Best regards, Thiago Gomes Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230678,230678#msg-230678 From nginx-forum at nginx.us Wed Sep 12 21:04:39 2012 From: nginx-forum at nginx.us (thigomes) Date: Wed, 12 Sep 2012 17:04:39 -0400 Subject: Condition in upstream In-Reply-To: <0f4541e531fdcd3daa6fe51e6bc36679.NginxMailingListEnglish@forum.nginx.org> References: <0f4541e531fdcd3daa6fe51e6bc36679.NginxMailingListEnglish@forum.nginx.org> Message-ID: <9662d09f74844bb9be810b152a72d2c5.NginxMailingListEnglish@forum.nginx.org> Just to complete the information, in my case I have two configuration according with the web server, so: # TO VARNISH location / { proxy_redirect off; # Do not redirect this proxy - It needs to be pass-through proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Server-Address $server_addr; proxy_connect_timeout 5s; proxy_read_timeout 300s; proxy_pass_header Set-Cookie; proxy_pass http://localhost:6081; # Pass all traffic through to Varnish } TO APACHE location / { client_max_body_size 10m; client_body_buffer_size 128k; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 32k; proxy_buffers 8 16k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_connect_timeout 30s; proxy_redirect http://domain.com:8081 http://domain.com; proxy_redirect http://www.domain.com:8081 http://www.domain.com; proxy_pass http://192.168.1.7:8081/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } In the case varnish server not response, the request will forward to apache server. Att, Thiago Gomes Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230678,230680#msg-230680 From nginx-forum at nginx.us Thu Sep 13 03:48:20 2012 From: nginx-forum at nginx.us (iLinux85) Date: Wed, 12 Sep 2012 23:48:20 -0400 Subject: 500 nginx bad gateway when Update vbulletin template In-Reply-To: References: <201209102325.36712.ne@vbart.ru> Message-ID: <6cdc8572c726897b8a4f0ffe3d8c5d65.NginxMailingListEnglish@forum.nginx.org> here is my main nginx.conf user nobody; # no need for more workers in the proxy mode worker_processes 2; error_log /var/log/nginx/error.log info; worker_rlimit_nofile 20480; events { worker_connections 5120; # increase for busier servers use epoll; # you should use epoll here for Linux kernels 2.6.x } http { server_name_in_redirect off; server_names_hash_max_size 10240; server_names_hash_bucket_size 1024; include mime.types; default_type application/octet-stream; server_tokens off; #disable_symlinks if_not_owner; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 5; gzip on; gzip_vary on; gzip_disable "MSIE [1-6]\."; gzip_proxied any; gzip_http_version 1.1; gzip_min_length 1000; gzip_comp_level 6; gzip_buffers 16 8k; # You can remove image/png image/x-icon image/gif image/jpeg if you have slow CPU gzip_types text/plain text/xml text/css application/x-javascript application/xml image/png image/x-icon image/gif image/jpeg application/xml+rss text/javascript application/atom+xml; ignore_invalid_headers on; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; reset_timedout_connection on; connection_pool_size 256; client_header_buffer_size 256k; large_client_header_buffers 4 256k; client_max_body_size 200M; client_body_buffer_size 128k; request_pool_size 32k; output_buffers 4 32k; postpone_output 1460; proxy_temp_path /tmp/nginx_proxy/; client_body_in_file_only on; log_format bytes_log "$msec $bytes_sent ."; include "/etc/nginx/vhosts/*"; } Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230591,230682#msg-230682 From igor at sysoev.ru Thu Sep 13 07:30:30 2012 From: igor at sysoev.ru (Igor Sysoev) Date: Thu, 13 Sep 2012 11:30:30 +0400 Subject: Condition in upstream In-Reply-To: <9662d09f74844bb9be810b152a72d2c5.NginxMailingListEnglish@forum.nginx.org> References: <0f4541e531fdcd3daa6fe51e6bc36679.NginxMailingListEnglish@forum.nginx.org> <9662d09f74844bb9be810b152a72d2c5.NginxMailingListEnglish@forum.nginx.org> Message-ID: <1C991D43-C635-4AA1-9530-5E3EE874EB71@sysoev.ru> On Sep 13, 2012, at 1:04 , thigomes wrote: > Just to complete the information, in my case I have two configuration > according with the web server, so: > > # TO VARNISH > location / { > proxy_redirect off; # Do not redirect this proxy - It needs to be > pass-through > proxy_set_header Host $host; > proxy_set_header X-Real-IP $remote_addr; > proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; > proxy_set_header X-Server-Address $server_addr; > proxy_connect_timeout 5s; > proxy_read_timeout 300s; > proxy_pass_header Set-Cookie; > proxy_pass http://localhost:6081; # Pass all traffic through to Varnish > } > > TO APACHE > location / { > client_max_body_size 10m; > client_body_buffer_size 128k; > proxy_send_timeout 90; > proxy_read_timeout 90; > proxy_buffer_size 32k; > proxy_buffers 8 16k; > proxy_busy_buffers_size 64k; > proxy_temp_file_write_size 64k; > proxy_connect_timeout 30s; > proxy_redirect http://domain.com:8081 http://domain.com; > proxy_redirect http://www.domain.com:8081 http://www.domain.com; > > proxy_pass http://192.168.1.7:8081/; > proxy_set_header Host $host; > proxy_set_header X-Real-IP $remote_addr; > proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; > } > > In the case varnish server not response, the request will forward to apache > server. Backup servers are not supported with ip_hash upstream. You should use something like this: upstream backend { server 192.168.1.5:6081; # varnish server server 192.168.1.7:80 backup; # apache server } server { location / { proxy_pass http://backend; ... } } However, you can omit varnish at all and use nginx built-in cache: proxy_cache_path /data/nginx/cache levels=1:2 keys_zone=CACHE:10m; server { location / { proxy_pass http://192.168.1.7; proxy_cache CACHE; ... } } -- Igor Sysoev http://nginx.com/support.html From nginx-forum at nginx.us Thu Sep 13 11:07:09 2012 From: nginx-forum at nginx.us (karlseguin) Date: Thu, 13 Sep 2012 07:07:09 -0400 Subject: md5 collision Message-ID: Hi, Looking for help with a high number of md5 collisions with proxy caching. It's my understanding that we shouldn't be getting any, but we seem to be getting quite a few. -V nginx version: nginx/1.2.3 built by gcc 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) configure arguments: --prefix=/opt/nginx --with-http_stub_status_module --with-pcre=../pcre-8.31 --without-http_access_module --without-http_auth_basic_module --without-http_autoindex_module --without-http_browser_module --without-http_charset_module --without-http_fastcgi_module --without-http_geo_module --without-http_memcached_module --without-http_referer_module --without-http_scgi_module --without-http_split_clients_module --without-http_ssi_module --without-http_upstream_ip_hash_module --without-http_userid_module --without-http_uwsgi_module --add-module=../agentzh-headers-more-nginx-module-278ba7d --conf-path=nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --with-debug I believe this might be relevant as well: checking for system md library ... not found checking for system md5 library ... not found checking for OpenSSL md5 crypto library ... found checking for zlib library ... found creating objs/Makefile Configuration summary + using PCRE library: ../pcre-8.31 + OpenSSL library is not used + md5: using system crypto library + sha1 library is not used + using system zlib library We are using the default cace key, though I've tried a few variations. We are doing one "weird" thing...The upstream server might re-request a slightly modified version from Nginx in the hopes that this modified version is in the cache. If it isn't, this modified request goes back to the upstream, which then returns a file (which then goes back to the upstream to fulfill the original request). At most, this is 2 loops... NGINX --> Upstream --> NGINX --> Upstream but the URLs wil be different between the first set and the second one. Not sure that this is a problem, but since it's the only odd thing, I figured I'd mention it. Cheers, Karl Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230686,230686#msg-230686 From mdounin at mdounin.ru Thu Sep 13 12:48:15 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Thu, 13 Sep 2012 16:48:15 +0400 Subject: md5 collision In-Reply-To: References: Message-ID: <20120913124815.GP40452@mdounin.ru> Hello! On Thu, Sep 13, 2012 at 07:07:09AM -0400, karlseguin wrote: > Hi, > Looking for help with a high number of md5 collisions with proxy caching. > It's my understanding that we shouldn't be getting any, but we seem to be > getting quite a few. What makes you think that there are md5 collisions? Do you see nginx complaining in error log? > -V > nginx version: nginx/1.2.3 > built by gcc 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) Uhm, am I right assuming it's on ARM? > configure arguments: --prefix=/opt/nginx --with-http_stub_status_module > --with-pcre=../pcre-8.31 --without-http_access_module > --without-http_auth_basic_module --without-http_autoindex_module > --without-http_browser_module --without-http_charset_module > --without-http_fastcgi_module --without-http_geo_module > --without-http_memcached_module --without-http_referer_module > --without-http_scgi_module --without-http_split_clients_module > --without-http_ssi_module --without-http_upstream_ip_hash_module > --without-http_userid_module --without-http_uwsgi_module > --add-module=../agentzh-headers-more-nginx-module-278ba7d > --conf-path=nginx.conf --error-log-path=/var/log/nginx/error.log > --http-log-path=/var/log/nginx/access.log --with-debug > > I believe this might be relevant as well: > > > checking for system md library ... not found > checking for system md5 library ... not found > checking for OpenSSL md5 crypto library ... found > checking for zlib library ... found > creating objs/Makefile > > Configuration summary > + using PCRE library: ../pcre-8.31 > + OpenSSL library is not used > + md5: using system crypto library > + sha1 library is not used > + using system zlib library So nginx is using system crypto library (aka OpenSSL's crypto library) and it seems to do wrong thing. Could you please try to force nginx's own md5 implementation with ./configure --with-cc-opt="-DNGX_HAVE_MD5=0" ... to see if it helps? You may also want to produce debug log, see http://wiki.nginx.org/Debugging for details. Maxim Dounin From nginx-forum at nginx.us Thu Sep 13 13:09:24 2012 From: nginx-forum at nginx.us (a.mion@megasp.it) Date: Thu, 13 Sep 2012 09:09:24 -0400 Subject: Nginx proxy_pass file upload 500 "Internal Server Error" Message-ID: <0d62d050ee860cd904c2ab7078e70a8d.NginxMailingListEnglish@forum.nginx.org> I've a problem using nginx as reverse proxy. I sent a POST request to nginx for file upload. My backend is an apache2 web server. My backend receive correctly request and save correctly uploaded file. My frontend, nginx, give back a 500, Internal server error response. This is my nginx.conf user www-data; worker_processes 1; error_log /var/log/nginx/error.log; pid /var/run/nginx.pid; events { worker_connections 1024; # multi_accept on; } http { include /etc/nginx/mime.types; access_log /var/log/nginx/access.log; sendfile on; tcp_nopush on; #keepalive_timeout 0; tcp_nodelay on; client_max_body_size 50m; #client_body_buffer_size 2m; gzip on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } This is my /etc/nginx/sites-enabled/default config: server { listen 80; ## listen for ipv4 listen [::]:80 default ipv6only=on; ## listen for ipv6 server_name megasp.sigmagroup.it; access_log /var/log/nginx/localhost.access.log; error_log /var/log/nginx/localhost.error.log debug; location ~ \.*$ { proxy_pass http://megasp.sigmagroup.it; proxy_read_timeout 3600; } } This is nginx error log with debug info: 2012/09/13 14:46:52 [debug] 9004#0: accept on 0.0.0.0:80, ready: 0 2012/09/13 14:46:52 [debug] 9004#0: malloc: 09778E58:256 2012/09/13 14:46:52 [debug] 9004#0: *7 accept: 192.168.0.37 fd:3 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer add: 3: 60000:3215709281 2012/09/13 14:46:52 [debug] 9004#0: *7 epoll add event: fd:3 op:1 ev:80000001 2012/09/13 14:46:52 [debug] 9004#0: *7 malloc: 09781310:676 2012/09/13 14:46:52 [debug] 9004#0: *7 malloc: 097815B8:1024 2012/09/13 14:46:52 [debug] 9004#0: *7 malloc: 0977AB08:4096 2012/09/13 14:46:52 [debug] 9004#0: *7 http process request line 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1024 of 1024 2012/09/13 14:46:52 [debug] 9004#0: *7 http request line: "POST /Scansioni/ImmagineAcquiredUpload HTTP/1.1" 2012/09/13 14:46:52 [debug] 9004#0: *7 http uri: "/Scansioni/ImmagineAcquiredUpload" 2012/09/13 14:46:52 [debug] 9004#0: *7 http args: "" 2012/09/13 14:46:52 [debug] 9004#0: *7 http exten: "" 2012/09/13 14:46:52 [debug] 9004#0: *7 http process request header line 2012/09/13 14:46:52 [debug] 9004#0: *7 http header: "Content-Length: 56242" 2012/09/13 14:46:52 [debug] 9004#0: *7 http header: "Content-Type: multipart/form-data; boundary=xQyrNf60g_tOu8mL4dEi4TmTg7VhAO" 2012/09/13 14:46:52 [debug] 9004#0: *7 http header: "Host: 192.168.0.204" 2012/09/13 14:46:52 [debug] 9004#0: *7 http header: "Connection: Keep-Alive" 2012/09/13 14:46:52 [debug] 9004#0: *7 http header: "User-Agent: Apache-HttpClient/4.2.1 (java 1.5)" 2012/09/13 14:46:52 [debug] 9004#0: *7 http header done 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer del: 3: 3215709281 2012/09/13 14:46:52 [debug] 9004#0: *7 generic phase: 0 2012/09/13 14:46:52 [debug] 9004#0: *7 add cleanup: 0977B010 2012/09/13 14:46:52 [debug] 9004#0: *7 generic phase: 1 2012/09/13 14:46:52 [debug] 9004#0: *7 test location: ~ "\.*$" 2012/09/13 14:46:52 [debug] 9004#0: *7 using configuration "\.*$" 2012/09/13 14:46:52 [debug] 9004#0: *7 http cl:56242 max:52428800 2012/09/13 14:46:52 [debug] 9004#0: *7 generic phase: 3 2012/09/13 14:46:52 [debug] 9004#0: *7 post rewrite phase: 4 2012/09/13 14:46:52 [debug] 9004#0: *7 generic phase: 5 2012/09/13 14:46:52 [debug] 9004#0: *7 add cleanup: 0977B02C 2012/09/13 14:46:52 [debug] 9004#0: *7 generic phase: 6 2012/09/13 14:46:52 [debug] 9004#0: *7 generic phase: 7 2012/09/13 14:46:52 [debug] 9004#0: *7 access phase: 8 2012/09/13 14:46:52 [debug] 9004#0: *7 access phase: 9 2012/09/13 14:46:52 [debug] 9004#0: *7 post access phase: 10 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body preread 781 2012/09/13 14:46:52 [debug] 9004#0: *7 malloc: 09784088:8192 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 5249 of 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 5249 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 50212 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 2943 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 50212 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer add: 3: 60000:3215709283 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 2943 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 48752 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 1483 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 48752 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709284 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 1483 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 47292 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 23 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 47292 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709284 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 23 of 23 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 23 2012/09/13 14:46:52 [debug] 9004#0: *7 add cleanup: 0977B414 2012/09/13 14:46:52 [debug] 9004#0: *7 hashed path: /var/lib/nginx/body/0000000004 2012/09/13 14:46:52 [debug] 9004#0: *7 temp fd:4 2012/09/13 14:46:52 [warn] 9004#0: *7 a client request body is buffered to a temporary file /var/lib/nginx/body/0000000004, client: 192.168.0.37, server: megasp.sigmagroup.it, request: "POST /Scansioni/ImmagineAcquiredUpload HTTP/1.1", host: "192.168.0.204" 2012/09/13 14:46:52 [debug] 9004#0: *7 write: 4, 09784088, 8192, 0 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 2897 of 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 2897 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 44372 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 5295 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 44372 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709284 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 5295 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 42912 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 3835 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 42912 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709285 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 3835 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 41452 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 2375 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 41452 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709285 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 2375 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 39992 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 915 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 39992 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709285 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 915 of 915 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 915 2012/09/13 14:46:52 [debug] 9004#0: *7 write: 4, 09784088, 8192, 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 545 of 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 545 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 38532 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 7647 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 37072 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 6187 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 37072 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709285 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1500 of 6187 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1500 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 35572 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 4687 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 34112 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 3227 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 34112 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709285 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 3227 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 32652 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1176 of 1767 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1176 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 31476 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 591 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 31476 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709286 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 591 of 591 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 591 2012/09/13 14:46:52 [debug] 9004#0: *7 write: 4, 09784088, 8192, 16384 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 869 of 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 869 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 30016 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 7323 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 28556 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 5863 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 28556 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709286 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1176 of 5863 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1176 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 27380 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 4687 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 27380 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709286 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 4687 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 25920 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 3227 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 25920 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 3227 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 24460 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 1767 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 24460 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1176 of 1767 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1176 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 23284 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 591 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 23284 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 591 of 591 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 591 2012/09/13 14:46:52 [debug] 9004#0: *7 write: 4, 09784088, 8192, 24576 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 869 of 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 869 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 21824 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 7323 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 21824 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 7323 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 20364 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 5863 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 20364 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1176 of 5863 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1176 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 19188 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 4687 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 19188 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 4687 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 17728 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 3227 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 17728 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 3227 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 16268 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 1767 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 16268 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1176 of 1767 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1176 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 15092 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 591 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 15092 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 591 of 591 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 591 2012/09/13 14:46:52 [debug] 9004#0: *7 write: 4, 09784088, 8192, 32768 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 869 of 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 869 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 13632 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 7323 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 13632 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709288 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 7323 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 12172 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 5863 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 12172 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709288 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1176 of 5863 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1176 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 10996 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 4687 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 10996 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709288 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 4687 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 9536 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 3227 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 9536 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709288 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 3227 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 8076 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 1767 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 8076 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709288 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1176 of 1767 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1176 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 6900 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 591 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 6900 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709288 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 591 of 591 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 591 2012/09/13 14:46:52 [debug] 9004#0: *7 write: 4, 09784088, 8192, 40960 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 869 of 6309 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 869 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 5440 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 5440 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 5440 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709288 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 5440 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 3980 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 3980 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 3980 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709289 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1176 of 3980 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1176 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 2804 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 2804 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 2804 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709289 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 2035 of 2804 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 2035 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 769 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 769 of 769 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 769 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 0 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer del: 3: 3215709283 2012/09/13 14:46:52 [debug] 9004#0: *7 write: 4, 09784088, 6309, 49152 2012/09/13 14:46:52 [debug] 9004#0: *7 http init upstream, client timer: 0 2012/09/13 14:46:52 [debug] 9004#0: *7 epoll add event: fd:3 op:3 ev:80000005 2012/09/13 14:46:52 [debug] 9004#0: *7 http script copy: "Host: " 2012/09/13 14:46:52 [debug] 9004#0: *7 http script var: "megasp.sigmagroup.it" 2012/09/13 14:46:52 [debug] 9004#0: *7 http script copy: " " 2012/09/13 14:46:52 [debug] 9004#0: *7 http script copy: "Connection: close " 2012/09/13 14:46:52 [debug] 9004#0: *7 http proxy header: "Content-Length: 56242" 2012/09/13 14:46:52 [debug] 9004#0: *7 http proxy header: "Content-Type: multipart/form-data; boundary=xQyrNf60g_tOu8mL4dEi4TmTg7VhAO" 2012/09/13 14:46:52 [debug] 9004#0: *7 http proxy header: "User-Agent: Apache-HttpClient/4.2.1 (java 1.5)" 2012/09/13 14:46:52 [debug] 9004#0: *7 http proxy header: "POST /Scansioni/ImmagineAcquiredUpload HTTP/1.0 Host: megasp.sigmagroup.it Connection: close Content-Length: 56242 Content-Type: multipart/form-data; boundary=xQyrNf60g_tOu8mL4dEi4TmTg7VhAO User-Agent: Apache-HttpClient/4.2.1 (java 1.5) " 2012/09/13 14:46:52 [debug] 9004#0: *7 http cleanup add: 0977B640 2012/09/13 14:46:52 [debug] 9004#0: *7 get rr peer, try: 1 2012/09/13 14:46:52 [debug] 9004#0: *7 socket 7 2012/09/13 14:46:52 [debug] 9004#0: *7 epoll add connection: fd:7 ev:80000005 2012/09/13 14:46:52 [debug] 9004#0: *7 connect to 192.168.0.206:80, fd:7 #8 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream connect: -2 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer add: 7: 60000:3215709289 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream check client, write event:1, "/Scansioni/ImmagineAcquiredUpload" 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream recv(): -1 (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream send request handler 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream send request 2012/09/13 14:46:52 [debug] 9004#0: *7 read: 4, 09784088, 8192, 0 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:0 s:245 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:0 s:781 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:0 s:8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer in: 0977B67C 2012/09/13 14:46:52 [debug] 9004#0: *7 writev: 9218 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer out: 00000000 2012/09/13 14:46:52 [debug] 9004#0: *7 read: 4, 09784088, 8192, 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:0 s:8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer in: 0977B694 2012/09/13 14:46:52 [debug] 9004#0: *7 writev: 6710 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer out: 0977B694 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer del: 7: 3215709289 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer add: 7: 60000:3215709289 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream send request handler 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream send request 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer in: 0977B694 2012/09/13 14:46:52 [debug] 9004#0: *7 writev: 1482 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer out: 00000000 2012/09/13 14:46:52 [debug] 9004#0: *7 read: 4, 09784088, 8192, 16384 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:0 s:8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer in: 0977B69C 2012/09/13 14:46:52 [debug] 9004#0: *7 writev: 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer out: 00000000 2012/09/13 14:46:52 [debug] 9004#0: *7 read: 4, 09784088, 8192, 24576 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:0 s:8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer in: 0977B6A4 2012/09/13 14:46:52 [debug] 9004#0: *7 writev: 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer out: 00000000 2012/09/13 14:46:52 [debug] 9004#0: *7 read: 4, 09784088, 8192, 32768 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:0 s:8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer in: 0977B6AC 2012/09/13 14:46:52 [debug] 9004#0: *7 writev: 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer out: 00000000 2012/09/13 14:46:52 [debug] 9004#0: *7 read: 4, 09784088, 8192, 40960 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:0 s:8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer in: 0977B6B4 2012/09/13 14:46:52 [debug] 9004#0: *7 writev: 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer out: 00000000 2012/09/13 14:46:52 [debug] 9004#0: *7 read: 4, 09784088, 6309, 49152 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:1 s:6309 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer in: 0977B6BC 2012/09/13 14:46:52 [debug] 9004#0: *7 writev: 6309 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer out: 00000000 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer del: 7: 3215709289 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer add: 7: 3600000:3219249290 2012/09/13 14:46:53 [debug] 9004#0: *7 http upstream request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:53 [debug] 9004#0: *7 http upstream process header 2012/09/13 14:46:53 [debug] 9004#0: *7 malloc: 0977BB10:4096 2012/09/13 14:46:53 [debug] 9004#0: *7 recv: fd:7 386 of 4096 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy status 500 "500 Internal Server Error" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Date: Thu, 13 Sep 2012 12:49:09 GMT" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Server: Apache/2.2.16 (Debian)" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "X-AspNetMvc-Version: 3.0" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "X-AspNet-Version: 4.0.30319" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Content-Length: 48" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Cache-Control: private" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Set-Cookie: ASP.NET_SessionId=0DC6CD8C829815B288180C94; path=/" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Vary: Accept-Encoding" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Connection: close" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Content-Type: plain/text" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header done 2012/09/13 14:46:53 [debug] 9004#0: *7 malloc: 09786090:4096 2012/09/13 14:46:53 [debug] 9004#0: *7 HTTP/1.1 500 Internal Server Error Server: nginx/0.7.67 Date: Thu, 13 Sep 2012 12:46:53 GMT Content-Type: plain/text Connection: keep-alive X-AspNetMvc-Version: 3.0 X-AspNet-Version: 4.0.30319 Content-Length: 48 Cache-Control: private Set-Cookie: ASP.NET_SessionId=0DC6CD8C829815B288180C94; path=/ Vary: Accept-Encoding 2012/09/13 14:46:53 [debug] 9004#0: *7 write new buf t:1 f:0 097860A0, pos 097860A0, size: 333 file: 0, size: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 http write filter: l:0 f:0 s:333 2012/09/13 14:46:53 [debug] 9004#0: *7 file cleanup: fd:4 2012/09/13 14:46:53 [debug] 9004#0: *7 http cacheable: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 http upstream process upstream 2012/09/13 14:46:53 [debug] 9004#0: *7 pipe read upstream: 1 2012/09/13 14:46:53 [debug] 9004#0: *7 pipe preread: 48 2012/09/13 14:46:53 [debug] 9004#0: *7 readv: 1:3710 2012/09/13 14:46:53 [debug] 9004#0: *7 pipe recv chain: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 pipe buf free s:0 t:1 f:0 0977BB10, pos 0977BC62, size: 48 file: 0, size: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 input buf #0 2012/09/13 14:46:53 [debug] 9004#0: *7 pipe write downstream: 1 2012/09/13 14:46:53 [debug] 9004#0: *7 pipe write downstream flush in 2012/09/13 14:46:53 [debug] 9004#0: *7 http output filter "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:53 [debug] 9004#0: *7 copy filter: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:53 [debug] 9004#0: *7 http postpone filter "/Scansioni/ImmagineAcquiredUpload?" 0977BAF0 2012/09/13 14:46:53 [debug] 9004#0: *7 write old buf t:1 f:0 097860A0, pos 097860A0, size: 333 file: 0, size: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 write new buf t:1 f:0 0977BB10, pos 0977BC62, size: 48 file: 0, size: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 http write filter: l:0 f:0 s:381 2012/09/13 14:46:53 [debug] 9004#0: *7 copy filter: 0 "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:53 [debug] 9004#0: *7 pipe write downstream done 2012/09/13 14:46:53 [debug] 9004#0: *7 event timer: 7, old: 3219249290, new: 3219249382 2012/09/13 14:46:53 [debug] 9004#0: *7 http upstream exit: 00000000 2012/09/13 14:46:53 [debug] 9004#0: *7 finalize http upstream request: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 finalize http proxy request 2012/09/13 14:46:53 [debug] 9004#0: *7 free rr peer 1 0 2012/09/13 14:46:53 [debug] 9004#0: *7 close http upstream connection: 7 2012/09/13 14:46:53 [debug] 9004#0: *7 event timer del: 7: 3219249290 2012/09/13 14:46:53 [debug] 9004#0: *7 http upstream temp fd: -1 2012/09/13 14:46:53 [debug] 9004#0: *7 http output filter "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:53 [debug] 9004#0: *7 copy filter: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:53 [debug] 9004#0: *7 http postpone filter "/Scansioni/ImmagineAcquiredUpload?" BF9E7438 2012/09/13 14:46:53 [debug] 9004#0: *7 write old buf t:1 f:0 097860A0, pos 097860A0, size: 333 file: 0, size: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 write old buf t:1 f:0 0977BB10, pos 0977BC62, size: 48 file: 0, size: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 write new buf t:0 f:0 00000000, pos 00000000, size: 0 file: 0, size: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 http write filter: l:1 f:0 s:381 2012/09/13 14:46:53 [debug] 9004#0: *7 http write filter limit 0 2012/09/13 14:46:53 [debug] 9004#0: *7 writev: 381 2012/09/13 14:46:53 [debug] 9004#0: *7 http write filter 00000000 2012/09/13 14:46:53 [debug] 9004#0: *7 copy filter: 0 "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:53 [debug] 9004#0: *7 http finalize request: 0, "/Scansioni/ImmagineAcquiredUpload?" 1 2012/09/13 14:46:53 [debug] 9004#0: *7 set http keepalive handler 2012/09/13 14:46:53 [debug] 9004#0: *7 http close request 2012/09/13 14:46:53 [debug] 9004#0: *7 http log handler 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 0977BB10 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 09784088 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 0977AB08, unused: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 09786090, unused: 3430 2012/09/13 14:46:53 [debug] 9004#0: *7 event timer add: 3: 75000:3215724382 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 09781310 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 097815B8 2012/09/13 14:46:53 [debug] 9004#0: *7 hc free: 00000000 0 2012/09/13 14:46:53 [debug] 9004#0: *7 hc busy: 00000000 0 2012/09/13 14:46:53 [debug] 9004#0: *7 tcp_nodelay 2012/09/13 14:46:53 [debug] 9004#0: *7 post event 097B0A9C 2012/09/13 14:46:53 [debug] 9004#0: *7 delete posted event 097B0A9C 2012/09/13 14:46:53 [debug] 9004#0: *7 http keepalive handler 2012/09/13 14:46:53 [debug] 9004#0: *7 malloc: 09781310:1024 2012/09/13 14:46:53 [debug] 9004#0: *7 recv: fd:3 -1 of 1024 2012/09/13 14:46:53 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:53 [debug] 9004#0: *7 http keepalive handler 2012/09/13 14:46:53 [debug] 9004#0: *7 recv: fd:3 0 of 1024 2012/09/13 14:46:53 [info] 9004#0: *7 client 192.168.0.37 closed keepalive connection 2012/09/13 14:46:53 [debug] 9004#0: *7 close http connection: 3 2012/09/13 14:46:53 [debug] 9004#0: *7 event timer del: 3: 3215724382 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 09781310 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 00000000 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 09778E58, unused: 56 Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230692,230692#msg-230692 From ne at vbart.ru Thu Sep 13 14:04:58 2012 From: ne at vbart.ru (Valentin V. Bartenev) Date: Thu, 13 Sep 2012 18:04:58 +0400 Subject: Nginx proxy_pass file upload 500 "Internal Server Error" In-Reply-To: <0d62d050ee860cd904c2ab7078e70a8d.NginxMailingListEnglish@forum.nginx.org> References: <0d62d050ee860cd904c2ab7078e70a8d.NginxMailingListEnglish@forum.nginx.org> Message-ID: <201209131804.58874.ne@vbart.ru> On Thursday 13 September 2012 17:09:24 a.mion at megasp.it wrote: > I've a problem using nginx as reverse proxy. > I sent a POST request to nginx for file upload. > My backend is an apache2 web server. > My backend receive correctly request and save correctly uploaded file. And then it returns a 500 error. You can see this yourself in the debug log that you have posted here: > 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy status 500 "500 Internal > Server Error" > 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Date: Thu, 13 > Sep 2012 12:49:09 GMT" > 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Server: > Apache/2.2.16 (Debian)" > My frontend, nginx, give back a 500, Internal server error response. [...] Nginx just gives back exactly what your backend returns. Did you look at apache logs? wbr, Valentin V. Bartenev From nginx-forum at nginx.us Thu Sep 13 15:21:27 2012 From: nginx-forum at nginx.us (karlseguin) Date: Thu, 13 Sep 2012 11:21:27 -0400 Subject: md5 collision In-Reply-To: <20120913124815.GP40452@mdounin.ru> References: <20120913124815.GP40452@mdounin.ru> Message-ID: <99be396c2827cb519cb168ee439d34a1.NginxMailingListEnglish@forum.nginx.org> Getting OpenSSL to handle md5 didn't change anything (wasn't able to get it to compile with your specific flag, but I figured this was what you had intended?) Here's a sample from the debug log: 2012/09/13 15:15:16 [debug] 27367#0: *3441 http cache key: "http://origin_magick" 2012/09/13 15:15:16 [debug] 27367#0: *3441 http cache key: "/uploads/channel/thumbnail/5927/e74e97624ef652bc7a8419c02f8a7f92ae71d127.jpg" 2012/09/13 15:15:16 [debug] 27367#0: *3441 add cleanup: 000000000196CE68 2012/09/13 15:15:16 [debug] 27367#0: *3441 http file cache exists: 0 e:1 2012/09/13 15:15:16 [debug] 27367#0: *3441 cache file: "/mnt/tmp/nginx/cache/90/6d/2b/422c25423170bac1c4e655ed9c2b6d90" 2012/09/13 15:15:16 [debug] 27367#0: *3441 add cleanup: 000000000196CEC0 2012/09/13 15:15:16 [debug] 27367#0: *3441 http file cache fd: 24 2012/09/13 15:15:16 [debug] 27367#0: *3441 read: 24, 000000000196D198, 285, 0 2012/09/13 15:15:16 [crit] 27367#0: *3441 cache file "/mnt/tmp/nginx/cache/90/6d/2b/422c25423170bac1c4e655ed9c2b6d90" has md5 collision, client: 127.0.0.1, server: atlas-x.example.com, request: "GET /uploads/channel/thumbnail/5927/e74e97624ef652bc7a8419c02f8a7f92ae71d127.jpg HTTP/1.1", host: "127.0.0.1" 2012/09/13 15:15:16 [debug] 27367#0: *3441 http upstream cache: -5 Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230686,230703#msg-230703 From aweber at comcast.net Thu Sep 13 15:29:13 2012 From: aweber at comcast.net (AJ Weber) Date: Thu, 13 Sep 2012 11:29:13 -0400 Subject: WAF Recommendations? Message-ID: <5051FBC9.7080203@comcast.net> Would like to integrate WAF functionality/capability with nginx. Has anyone tested the latest version of ModSecurity (2.7.0), which apparently has a module for nginx? Interested in any and all feedback and recommendations. Thanks, AJ From rainer at ultra-secure.de Thu Sep 13 15:38:09 2012 From: rainer at ultra-secure.de (Rainer Duffner) Date: Thu, 13 Sep 2012 17:38:09 +0200 Subject: WAF Recommendations? In-Reply-To: <5051FBC9.7080203@comcast.net> References: <5051FBC9.7080203@comcast.net> Message-ID: <20120913173809.4b0764f2@suse2.ip-tech.ch> Am Thu, 13 Sep 2012 11:29:13 -0400 schrieb AJ Weber : > Would like to integrate WAF functionality/capability with nginx. Has > anyone tested the latest version of ModSecurity (2.7.0), which > apparently has a module for nginx? > > Interested in any and all feedback and recommendations. Has anyone actually built that? I think it has only very recently been added to their repository on sf.net http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.7.x/nginx/ There's no "release" in the sense of a tarball - the announcement some time ago was a classic paper-launch IMO. I'd be more interested anyway to hear from users of naxi - and how it compares to mod_security... From aweber at comcast.net Thu Sep 13 15:49:05 2012 From: aweber at comcast.net (AJ Weber) Date: Thu, 13 Sep 2012 11:49:05 -0400 Subject: WAF Recommendations? In-Reply-To: <20120913173809.4b0764f2@suse2.ip-tech.ch> References: <5051FBC9.7080203@comcast.net> <20120913173809.4b0764f2@suse2.ip-tech.ch> Message-ID: <50520071.4030102@comcast.net> The tarball on their frontpage (modsecurity.org) apparently has it included now. From what I read it was originally in a separate sub-project or something. I'm all for hearing from naxi users too! Functionally, it appears that ModSecurity has many more options, but it's in RC, versus naxi that has been available for a while. On 9/13/2012 11:38 AM, Rainer Duffner wrote: > Am Thu, 13 Sep 2012 11:29:13 -0400 > schrieb AJ Weber: > >> Would like to integrate WAF functionality/capability with nginx. Has >> anyone tested the latest version of ModSecurity (2.7.0), which >> apparently has a module for nginx? >> >> Interested in any and all feedback and recommendations. > > Has anyone actually built that? > I think it has only very recently been added to their repository on > sf.net > http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.7.x/nginx/ > > There's no "release" in the sense of a tarball - the announcement some > time ago was a classic paper-launch IMO. > > I'd be more interested anyway to hear from users of naxi - and how it > compares to mod_security... > > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From nginx-forum at nginx.us Thu Sep 13 19:11:58 2012 From: nginx-forum at nginx.us (nikitosiusis) Date: Thu, 13 Sep 2012 15:11:58 -0400 Subject: "zero size buf in output" In-Reply-To: <1c024be0fb2d53b9ddf8f7782cf3477f.NginxMailingListEnglish@forum.nginx.org> References: <201208240008.53003.ne@vbart.ru> <1c024be0fb2d53b9ddf8f7782cf3477f.NginxMailingListEnglish@forum.nginx.org> Message-ID: <84854ff6e27882c56b353b52c376a58e.NginxMailingListEnglish@forum.nginx.org> Same problem here # nginx -V nginx version: nginx/1.2.3 configure arguments: --prefix=/usr/local/etc/nginx --with-cc-opt='-I /usr/local/include' --with-ld-opt='-L /usr/local/lib' --conf-path=/usr/local/etc/nginx/nginx.conf --sbin-path=/usr/local/sbin/nginx --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx-error.log --user=www --group=www --with-file-aio --with-ipv6 --http-client-body-temp-path=/var/tmp/nginx/client_body_temp --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi_temp --http-proxy-temp-path=/var/tmp/nginx/proxy_temp --http-scgi-temp-path=/var/tmp/nginx/scgi_temp --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi_temp --http-log-path=/var/log/nginx-access.log --add-module=/usr/ports/www/nginx/work/ngx_http_gunzip_filter_module-0.4 --with-http_stub_status_module --add-module=/usr/ports/www/nginx/work/nginx_upstream_hash-0.3.1 --with-pcre # uname -a FreeBSD hostname 7.4-RELEASE-p9 FreeBSD 7.4-RELEASE-p9 #0: Mon Jun 11 19:47:58 UTC 2012 root at amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 2012/09/13 15:38:03 [alert] 59568#0: *4954010 zero size buf in output t:0 r:0 f:0 0000000814EE2000 0000000814EE2000-0000000814EE4000 0000000000000000 0-0 while sending to client, client: 90.133.66.18, server: hostname.ru, request: "GET /web/upload/forall/js/jquery-1.4.2_nyroModal-1.6.2_validate_capslock_jquery-ui-1.8.4.custom.min.js HTTP/1.1", upstream: "http://ip:80/web/upload/forall/js/jquery-1.4.2_nyroModal-1.6.2_validate_capslock_jquery-ui-1.8.4.custom.min.js", host: "delamour-ufa.ru" 2012/09/13 16:05:32 [alert] 59567#0: *5305581 zero size buf in output t:0 r:0 f:0 0000000800F3A000 0000000800F3A000-0000000800F3B000 0000000000000000 0-0 while sending to client, client: 92.243.167.145, server: hostname.ru, request: "GET /web/static/js/120907/jquery.admin.plugins.min.js HTTP/1.1", upstream: "http://ip2:80/web/static/js/120907/jquery.admin.plugins.min.js", host: "landlifes.hostname.ru", referrer: "http://landlifes.storeland.ru/admin/orders" Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230072,230696#msg-230696 From nginx-forum at nginx.us Thu Sep 13 19:13:33 2012 From: nginx-forum at nginx.us (a.mion@megasp.it) Date: Thu, 13 Sep 2012 15:13:33 -0400 Subject: Nginx proxy_pass file upload 500 "Internal Server Error" Message-ID: <0f9ee50d48234e017b2cde93b6973f53.NginxMailingListEnglish@forum.nginx.org> I've a problem using nginx as reverse proxy. I sent a POST request to nginx for file upload. My backend is an apache2 web server. My backend receive correctly request and save correctly uploaded file. My frontend, nginx, give back a 500, Internal server error response. This is my nginx.conf user www-data; worker_processes 1; error_log /var/log/nginx/error.log; pid /var/run/nginx.pid; events { worker_connections 1024; # multi_accept on; } http { include /etc/nginx/mime.types; access_log /var/log/nginx/access.log; sendfile on; tcp_nopush on; #keepalive_timeout 0; tcp_nodelay on; client_max_body_size 50m; #client_body_buffer_size 2m; gzip on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } This is my /etc/nginx/sites-enabled/default config: server { listen 80; ## listen for ipv4 listen [::]:80 default ipv6only=on; ## listen for ipv6 server_name megasp.sigmagroup.it; access_log /var/log/nginx/localhost.access.log; error_log /var/log/nginx/localhost.error.log debug; location ~ \.*$ { proxy_pass http://megasp.sigmagroup.it; proxy_read_timeout 3600; } } This is nginx error log with debug info: 2012/09/13 14:46:52 [debug] 9004#0: accept on 0.0.0.0:80, ready: 0 2012/09/13 14:46:52 [debug] 9004#0: malloc: 09778E58:256 2012/09/13 14:46:52 [debug] 9004#0: *7 accept: 192.168.0.37 fd:3 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer add: 3: 60000:3215709281 2012/09/13 14:46:52 [debug] 9004#0: *7 epoll add event: fd:3 op:1 ev:80000001 2012/09/13 14:46:52 [debug] 9004#0: *7 malloc: 09781310:676 2012/09/13 14:46:52 [debug] 9004#0: *7 malloc: 097815B8:1024 2012/09/13 14:46:52 [debug] 9004#0: *7 malloc: 0977AB08:4096 2012/09/13 14:46:52 [debug] 9004#0: *7 http process request line 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1024 of 1024 2012/09/13 14:46:52 [debug] 9004#0: *7 http request line: "POST /Scansioni/ImmagineAcquiredUpload HTTP/1.1" 2012/09/13 14:46:52 [debug] 9004#0: *7 http uri: "/Scansioni/ImmagineAcquiredUpload" 2012/09/13 14:46:52 [debug] 9004#0: *7 http args: "" 2012/09/13 14:46:52 [debug] 9004#0: *7 http exten: "" 2012/09/13 14:46:52 [debug] 9004#0: *7 http process request header line 2012/09/13 14:46:52 [debug] 9004#0: *7 http header: "Content-Length: 56242" 2012/09/13 14:46:52 [debug] 9004#0: *7 http header: "Content-Type: multipart/form-data; boundary=xQyrNf60g_tOu8mL4dEi4TmTg7VhAO" 2012/09/13 14:46:52 [debug] 9004#0: *7 http header: "Host: 192.168.0.204" 2012/09/13 14:46:52 [debug] 9004#0: *7 http header: "Connection: Keep-Alive" 2012/09/13 14:46:52 [debug] 9004#0: *7 http header: "User-Agent: Apache-HttpClient/4.2.1 (java 1.5)" 2012/09/13 14:46:52 [debug] 9004#0: *7 http header done 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer del: 3: 3215709281 2012/09/13 14:46:52 [debug] 9004#0: *7 generic phase: 0 2012/09/13 14:46:52 [debug] 9004#0: *7 add cleanup: 0977B010 2012/09/13 14:46:52 [debug] 9004#0: *7 generic phase: 1 2012/09/13 14:46:52 [debug] 9004#0: *7 test location: ~ "\.*$" 2012/09/13 14:46:52 [debug] 9004#0: *7 using configuration "\.*$" 2012/09/13 14:46:52 [debug] 9004#0: *7 http cl:56242 max:52428800 2012/09/13 14:46:52 [debug] 9004#0: *7 generic phase: 3 2012/09/13 14:46:52 [debug] 9004#0: *7 post rewrite phase: 4 2012/09/13 14:46:52 [debug] 9004#0: *7 generic phase: 5 2012/09/13 14:46:52 [debug] 9004#0: *7 add cleanup: 0977B02C 2012/09/13 14:46:52 [debug] 9004#0: *7 generic phase: 6 2012/09/13 14:46:52 [debug] 9004#0: *7 generic phase: 7 2012/09/13 14:46:52 [debug] 9004#0: *7 access phase: 8 2012/09/13 14:46:52 [debug] 9004#0: *7 access phase: 9 2012/09/13 14:46:52 [debug] 9004#0: *7 post access phase: 10 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body preread 781 2012/09/13 14:46:52 [debug] 9004#0: *7 malloc: 09784088:8192 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 5249 of 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 5249 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 50212 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 2943 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 50212 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer add: 3: 60000:3215709283 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 2943 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 48752 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 1483 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 48752 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709284 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 1483 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 47292 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 23 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 47292 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709284 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 23 of 23 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 23 2012/09/13 14:46:52 [debug] 9004#0: *7 add cleanup: 0977B414 2012/09/13 14:46:52 [debug] 9004#0: *7 hashed path: /var/lib/nginx/body/0000000004 2012/09/13 14:46:52 [debug] 9004#0: *7 temp fd:4 2012/09/13 14:46:52 [warn] 9004#0: *7 a client request body is buffered to a temporary file /var/lib/nginx/body/0000000004, client: 192.168.0.37, server: megasp.sigmagroup.it, request: "POST /Scansioni/ImmagineAcquiredUpload HTTP/1.1", host: "192.168.0.204" 2012/09/13 14:46:52 [debug] 9004#0: *7 write: 4, 09784088, 8192, 0 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 2897 of 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 2897 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 44372 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 5295 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 44372 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709284 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 5295 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 42912 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 3835 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 42912 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709285 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 3835 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 41452 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 2375 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 41452 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709285 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 2375 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 39992 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 915 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 39992 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709285 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 915 of 915 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 915 2012/09/13 14:46:52 [debug] 9004#0: *7 write: 4, 09784088, 8192, 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 545 of 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 545 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 38532 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 7647 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 37072 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 6187 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 37072 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709285 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1500 of 6187 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1500 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 35572 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 4687 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 34112 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 3227 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 34112 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709285 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 3227 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 32652 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1176 of 1767 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1176 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 31476 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 591 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 31476 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709286 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 591 of 591 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 591 2012/09/13 14:46:52 [debug] 9004#0: *7 write: 4, 09784088, 8192, 16384 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 869 of 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 869 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 30016 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 7323 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 28556 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 5863 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 28556 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709286 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1176 of 5863 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1176 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 27380 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 4687 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 27380 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709286 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 4687 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 25920 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 3227 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 25920 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 3227 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 24460 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 1767 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 24460 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1176 of 1767 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1176 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 23284 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 591 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 23284 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 591 of 591 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 591 2012/09/13 14:46:52 [debug] 9004#0: *7 write: 4, 09784088, 8192, 24576 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 869 of 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 869 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 21824 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 7323 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 21824 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 7323 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 20364 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 5863 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 20364 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1176 of 5863 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1176 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 19188 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 4687 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 19188 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 4687 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 17728 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 3227 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 17728 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 3227 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 16268 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 1767 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 16268 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1176 of 1767 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1176 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 15092 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 591 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 15092 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709287 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 591 of 591 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 591 2012/09/13 14:46:52 [debug] 9004#0: *7 write: 4, 09784088, 8192, 32768 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 869 of 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 869 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 13632 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 7323 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 13632 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709288 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 7323 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 12172 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 5863 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 12172 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709288 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1176 of 5863 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1176 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 10996 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 4687 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 10996 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709288 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 4687 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 9536 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 3227 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 9536 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709288 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 3227 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 8076 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 1767 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 8076 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709288 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1176 of 1767 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1176 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 6900 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 591 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 6900 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709288 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 591 of 591 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 591 2012/09/13 14:46:52 [debug] 9004#0: *7 write: 4, 09784088, 8192, 40960 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 869 of 6309 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 869 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 5440 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 5440 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 5440 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709288 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1460 of 5440 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1460 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 3980 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 3980 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 3980 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709289 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 1176 of 3980 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 1176 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 2804 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 -1 of 2804 2012/09/13 14:46:52 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv -2 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 2804 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer: 3, old: 3215709283, new: 3215709289 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http read client request body 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 2035 of 2804 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 2035 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 769 2012/09/13 14:46:52 [debug] 9004#0: *7 recv: fd:3 769 of 769 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body recv 769 2012/09/13 14:46:52 [debug] 9004#0: *7 http client request body rest 0 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer del: 3: 3215709283 2012/09/13 14:46:52 [debug] 9004#0: *7 write: 4, 09784088, 6309, 49152 2012/09/13 14:46:52 [debug] 9004#0: *7 http init upstream, client timer: 0 2012/09/13 14:46:52 [debug] 9004#0: *7 epoll add event: fd:3 op:3 ev:80000005 2012/09/13 14:46:52 [debug] 9004#0: *7 http script copy: "Host: " 2012/09/13 14:46:52 [debug] 9004#0: *7 http script var: "megasp.sigmagroup.it" 2012/09/13 14:46:52 [debug] 9004#0: *7 http script copy: " " 2012/09/13 14:46:52 [debug] 9004#0: *7 http script copy: "Connection: close " 2012/09/13 14:46:52 [debug] 9004#0: *7 http proxy header: "Content-Length: 56242" 2012/09/13 14:46:52 [debug] 9004#0: *7 http proxy header: "Content-Type: multipart/form-data; boundary=xQyrNf60g_tOu8mL4dEi4TmTg7VhAO" 2012/09/13 14:46:52 [debug] 9004#0: *7 http proxy header: "User-Agent: Apache-HttpClient/4.2.1 (java 1.5)" 2012/09/13 14:46:52 [debug] 9004#0: *7 http proxy header: "POST /Scansioni/ImmagineAcquiredUpload HTTP/1.0 Host: megasp.sigmagroup.it Connection: close Content-Length: 56242 Content-Type: multipart/form-data; boundary=xQyrNf60g_tOu8mL4dEi4TmTg7VhAO User-Agent: Apache-HttpClient/4.2.1 (java 1.5) " 2012/09/13 14:46:52 [debug] 9004#0: *7 http cleanup add: 0977B640 2012/09/13 14:46:52 [debug] 9004#0: *7 get rr peer, try: 1 2012/09/13 14:46:52 [debug] 9004#0: *7 socket 7 2012/09/13 14:46:52 [debug] 9004#0: *7 epoll add connection: fd:7 ev:80000005 2012/09/13 14:46:52 [debug] 9004#0: *7 connect to 192.168.0.206:80, fd:7 #8 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream connect: -2 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer add: 7: 60000:3215709289 2012/09/13 14:46:52 [debug] 9004#0: *7 http run request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream check client, write event:1, "/Scansioni/ImmagineAcquiredUpload" 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream recv(): -1 (11: Resource temporarily unavailable) 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream send request handler 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream send request 2012/09/13 14:46:52 [debug] 9004#0: *7 read: 4, 09784088, 8192, 0 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:0 s:245 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:0 s:781 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:0 s:8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer in: 0977B67C 2012/09/13 14:46:52 [debug] 9004#0: *7 writev: 9218 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer out: 00000000 2012/09/13 14:46:52 [debug] 9004#0: *7 read: 4, 09784088, 8192, 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:0 s:8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer in: 0977B694 2012/09/13 14:46:52 [debug] 9004#0: *7 writev: 6710 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer out: 0977B694 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer del: 7: 3215709289 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer add: 7: 60000:3215709289 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream send request handler 2012/09/13 14:46:52 [debug] 9004#0: *7 http upstream send request 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer in: 0977B694 2012/09/13 14:46:52 [debug] 9004#0: *7 writev: 1482 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer out: 00000000 2012/09/13 14:46:52 [debug] 9004#0: *7 read: 4, 09784088, 8192, 16384 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:0 s:8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer in: 0977B69C 2012/09/13 14:46:52 [debug] 9004#0: *7 writev: 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer out: 00000000 2012/09/13 14:46:52 [debug] 9004#0: *7 read: 4, 09784088, 8192, 24576 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:0 s:8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer in: 0977B6A4 2012/09/13 14:46:52 [debug] 9004#0: *7 writev: 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer out: 00000000 2012/09/13 14:46:52 [debug] 9004#0: *7 read: 4, 09784088, 8192, 32768 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:0 s:8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer in: 0977B6AC 2012/09/13 14:46:52 [debug] 9004#0: *7 writev: 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer out: 00000000 2012/09/13 14:46:52 [debug] 9004#0: *7 read: 4, 09784088, 8192, 40960 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:0 s:8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer in: 0977B6B4 2012/09/13 14:46:52 [debug] 9004#0: *7 writev: 8192 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer out: 00000000 2012/09/13 14:46:52 [debug] 9004#0: *7 read: 4, 09784088, 6309, 49152 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer buf fl:1 s:6309 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer in: 0977B6BC 2012/09/13 14:46:52 [debug] 9004#0: *7 writev: 6309 2012/09/13 14:46:52 [debug] 9004#0: *7 chain writer out: 00000000 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer del: 7: 3215709289 2012/09/13 14:46:52 [debug] 9004#0: *7 event timer add: 7: 3600000:3219249290 2012/09/13 14:46:53 [debug] 9004#0: *7 http upstream request: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:53 [debug] 9004#0: *7 http upstream process header 2012/09/13 14:46:53 [debug] 9004#0: *7 malloc: 0977BB10:4096 2012/09/13 14:46:53 [debug] 9004#0: *7 recv: fd:7 386 of 4096 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy status 500 "500 Internal Server Error" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Date: Thu, 13 Sep 2012 12:49:09 GMT" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Server: Apache/2.2.16 (Debian)" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "X-AspNetMvc-Version: 3.0" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "X-AspNet-Version: 4.0.30319" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Content-Length: 48" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Cache-Control: private" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Set-Cookie: ASP.NET_SessionId=0DC6CD8C829815B288180C94; path=/" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Vary: Accept-Encoding" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Connection: close" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header: "Content-Type: plain/text" 2012/09/13 14:46:53 [debug] 9004#0: *7 http proxy header done 2012/09/13 14:46:53 [debug] 9004#0: *7 malloc: 09786090:4096 2012/09/13 14:46:53 [debug] 9004#0: *7 HTTP/1.1 500 Internal Server Error Server: nginx/0.7.67 Date: Thu, 13 Sep 2012 12:46:53 GMT Content-Type: plain/text Connection: keep-alive X-AspNetMvc-Version: 3.0 X-AspNet-Version: 4.0.30319 Content-Length: 48 Cache-Control: private Set-Cookie: ASP.NET_SessionId=0DC6CD8C829815B288180C94; path=/ Vary: Accept-Encoding 2012/09/13 14:46:53 [debug] 9004#0: *7 write new buf t:1 f:0 097860A0, pos 097860A0, size: 333 file: 0, size: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 http write filter: l:0 f:0 s:333 2012/09/13 14:46:53 [debug] 9004#0: *7 file cleanup: fd:4 2012/09/13 14:46:53 [debug] 9004#0: *7 http cacheable: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 http upstream process upstream 2012/09/13 14:46:53 [debug] 9004#0: *7 pipe read upstream: 1 2012/09/13 14:46:53 [debug] 9004#0: *7 pipe preread: 48 2012/09/13 14:46:53 [debug] 9004#0: *7 readv: 1:3710 2012/09/13 14:46:53 [debug] 9004#0: *7 pipe recv chain: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 pipe buf free s:0 t:1 f:0 0977BB10, pos 0977BC62, size: 48 file: 0, size: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 input buf #0 2012/09/13 14:46:53 [debug] 9004#0: *7 pipe write downstream: 1 2012/09/13 14:46:53 [debug] 9004#0: *7 pipe write downstream flush in 2012/09/13 14:46:53 [debug] 9004#0: *7 http output filter "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:53 [debug] 9004#0: *7 copy filter: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:53 [debug] 9004#0: *7 http postpone filter "/Scansioni/ImmagineAcquiredUpload?" 0977BAF0 2012/09/13 14:46:53 [debug] 9004#0: *7 write old buf t:1 f:0 097860A0, pos 097860A0, size: 333 file: 0, size: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 write new buf t:1 f:0 0977BB10, pos 0977BC62, size: 48 file: 0, size: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 http write filter: l:0 f:0 s:381 2012/09/13 14:46:53 [debug] 9004#0: *7 copy filter: 0 "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:53 [debug] 9004#0: *7 pipe write downstream done 2012/09/13 14:46:53 [debug] 9004#0: *7 event timer: 7, old: 3219249290, new: 3219249382 2012/09/13 14:46:53 [debug] 9004#0: *7 http upstream exit: 00000000 2012/09/13 14:46:53 [debug] 9004#0: *7 finalize http upstream request: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 finalize http proxy request 2012/09/13 14:46:53 [debug] 9004#0: *7 free rr peer 1 0 2012/09/13 14:46:53 [debug] 9004#0: *7 close http upstream connection: 7 2012/09/13 14:46:53 [debug] 9004#0: *7 event timer del: 7: 3219249290 2012/09/13 14:46:53 [debug] 9004#0: *7 http upstream temp fd: -1 2012/09/13 14:46:53 [debug] 9004#0: *7 http output filter "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:53 [debug] 9004#0: *7 copy filter: "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:53 [debug] 9004#0: *7 http postpone filter "/Scansioni/ImmagineAcquiredUpload?" BF9E7438 2012/09/13 14:46:53 [debug] 9004#0: *7 write old buf t:1 f:0 097860A0, pos 097860A0, size: 333 file: 0, size: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 write old buf t:1 f:0 0977BB10, pos 0977BC62, size: 48 file: 0, size: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 write new buf t:0 f:0 00000000, pos 00000000, size: 0 file: 0, size: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 http write filter: l:1 f:0 s:381 2012/09/13 14:46:53 [debug] 9004#0: *7 http write filter limit 0 2012/09/13 14:46:53 [debug] 9004#0: *7 writev: 381 2012/09/13 14:46:53 [debug] 9004#0: *7 http write filter 00000000 2012/09/13 14:46:53 [debug] 9004#0: *7 copy filter: 0 "/Scansioni/ImmagineAcquiredUpload?" 2012/09/13 14:46:53 [debug] 9004#0: *7 http finalize request: 0, "/Scansioni/ImmagineAcquiredUpload?" 1 2012/09/13 14:46:53 [debug] 9004#0: *7 set http keepalive handler 2012/09/13 14:46:53 [debug] 9004#0: *7 http close request 2012/09/13 14:46:53 [debug] 9004#0: *7 http log handler 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 0977BB10 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 09784088 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 0977AB08, unused: 0 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 09786090, unused: 3430 2012/09/13 14:46:53 [debug] 9004#0: *7 event timer add: 3: 75000:3215724382 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 09781310 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 097815B8 2012/09/13 14:46:53 [debug] 9004#0: *7 hc free: 00000000 0 2012/09/13 14:46:53 [debug] 9004#0: *7 hc busy: 00000000 0 2012/09/13 14:46:53 [debug] 9004#0: *7 tcp_nodelay 2012/09/13 14:46:53 [debug] 9004#0: *7 post event 097B0A9C 2012/09/13 14:46:53 [debug] 9004#0: *7 delete posted event 097B0A9C 2012/09/13 14:46:53 [debug] 9004#0: *7 http keepalive handler 2012/09/13 14:46:53 [debug] 9004#0: *7 malloc: 09781310:1024 2012/09/13 14:46:53 [debug] 9004#0: *7 recv: fd:3 -1 of 1024 2012/09/13 14:46:53 [debug] 9004#0: *7 recv() not ready (11: Resource temporarily unavailable) 2012/09/13 14:46:53 [debug] 9004#0: *7 http keepalive handler 2012/09/13 14:46:53 [debug] 9004#0: *7 recv: fd:3 0 of 1024 2012/09/13 14:46:53 [info] 9004#0: *7 client 192.168.0.37 closed keepalive connection 2012/09/13 14:46:53 [debug] 9004#0: *7 close http connection: 3 2012/09/13 14:46:53 [debug] 9004#0: *7 event timer del: 3: 3215724382 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 09781310 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 00000000 2012/09/13 14:46:53 [debug] 9004#0: *7 free: 09778E58, unused: 56 Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230694,230694#msg-230694 From mdounin at mdounin.ru Thu Sep 13 20:14:45 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Fri, 14 Sep 2012 00:14:45 +0400 Subject: md5 collision In-Reply-To: <99be396c2827cb519cb168ee439d34a1.NginxMailingListEnglish@forum.nginx.org> References: <20120913124815.GP40452@mdounin.ru> <99be396c2827cb519cb168ee439d34a1.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20120913201445.GR40452@mdounin.ru> Hello! On Thu, Sep 13, 2012 at 11:21:27AM -0400, karlseguin wrote: > Getting OpenSSL to handle md5 didn't change anything As copilation long as > (wasn't able to get it > to compile with your specific flag, but I figured this was what you had > intended?) With the flag in question (--with-cc-opt="-DNGX_HAVE_MD5=0") nginx should compile with internal md5 implementation. If it doesn't - you may want to provide more details. > Here's a sample from the debug log: > > 2012/09/13 15:15:16 [debug] 27367#0: *3441 http cache key: > "http://origin_magick" > 2012/09/13 15:15:16 [debug] 27367#0: *3441 http cache key: > "/uploads/channel/thumbnail/5927/e74e97624ef652bc7a8419c02f8a7f92ae71d127.jpg" > 2012/09/13 15:15:16 [debug] 27367#0: *3441 add cleanup: 000000000196CE68 > 2012/09/13 15:15:16 [debug] 27367#0: *3441 http file cache exists: 0 e:1 > 2012/09/13 15:15:16 [debug] 27367#0: *3441 cache file: > "/mnt/tmp/nginx/cache/90/6d/2b/422c25423170bac1c4e655ed9c2b6d90" > 2012/09/13 15:15:16 [debug] 27367#0: *3441 add cleanup: 000000000196CEC0 > 2012/09/13 15:15:16 [debug] 27367#0: *3441 http file cache fd: 24 > 2012/09/13 15:15:16 [debug] 27367#0: *3441 read: 24, 000000000196D198, 285, > 0 > 2012/09/13 15:15:16 [crit] 27367#0: *3441 cache file > "/mnt/tmp/nginx/cache/90/6d/2b/422c25423170bac1c4e655ed9c2b6d90" has md5 > collision, client: 127.0.0.1, server: atlas-x.example.com, request: "GET > /uploads/channel/thumbnail/5927/e74e97624ef652bc7a8419c02f8a7f92ae71d127.jpg > HTTP/1.1", host: "127.0.0.1" > 2012/09/13 15:15:16 [debug] 27367#0: *3441 http upstream cache: -5 Calculated md5 looks fine. Do you see the same problem if you re-request the resource in question? If yes - what's in the cache file? Intresting part is first bytes and the KEY string. Note that first bytes are binary, please use hd/xxd to show them. If no - how the cache was populated? Note that cache files aren't portable and you can't move the cache from one host to another. Maxim Dounin From agentzh at gmail.com Thu Sep 13 21:42:04 2012 From: agentzh at gmail.com (agentzh) Date: Thu, 13 Sep 2012 14:42:04 -0700 Subject: WAF Recommendations? In-Reply-To: <5051FBC9.7080203@comcast.net> References: <5051FBC9.7080203@comcast.net> Message-ID: Hello! On Thu, Sep 13, 2012 at 8:29 AM, AJ Weber wrote: > Would like to integrate WAF functionality/capability with nginx. Has anyone > tested the latest version of ModSecurity (2.7.0), which apparently has a > module for nginx? > My colleague John Graham-Cumming has been working on a compiler that can compile a good number of ModSecurity rule configurations into Lua code that can be run atop ngx_lua [1]. We (CloudFlare) may opensource it at some point. Some (big) users of mine have been using ngx_lua to implement custom WAF in production and sent back good results. Some reported better performance with ngx_lua than both ModSecurity and Naxi, but I've not confirmed the result myself yet :) Best regards, -agentzh [1] http://wiki.nginx.org/HttpLuaModule From nginx-forum at nginx.us Thu Sep 13 23:43:16 2012 From: nginx-forum at nginx.us (karlseguin) Date: Thu, 13 Sep 2012 19:43:16 -0400 Subject: md5 collision In-Reply-To: <20120913201445.GR40452@mdounin.ru> References: <20120913201445.GR40452@mdounin.ru> Message-ID: Yes, re-requesting the same image will cause the same error (can't say with 100% certainty that it'll always do it though). sudo hd /mnt/tmp/nginx/cache/5f/85/1b/56cc2e05fb85eb0a806444f1811b855f 00000000 ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 |......JFIF......| Naively, there doesn't seem to be any special header bytes? Relevant config is: upstream origin_magick { server 127.0.0.1:4000; keepalive 50; } proxy_cache_path /mnt/tmp/nginx/cache levels=2:2:2 keys_zone=main:200m max_size=100G; proxy_cache_use_stale updating; proxy_http_version 1.1; proxy_cache_valid any 1m; more_clear_headers 'X-amz-*' 'x-amz-*' 'X-Content-Digest' 'X-Rack-Cache; location / { proxy_cache_bypass $http_nocache; proxy_cache main; proxy_pass http://origin_magick; more_set_headers -s '404 403' 'Cache-Control: public, max-age=120'; } Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230686,230714#msg-230714 From christian.boenning at gmail.com Fri Sep 14 08:56:00 2012 From: christian.boenning at gmail.com (=?ISO-8859-1?Q?Christian_B=F6nning?=) Date: Fri, 14 Sep 2012 10:56:00 +0200 Subject: more_set_headers with content-type "text/html" does not send header Message-ID: Hi, I'm using nginx (1.3.6 +spdy52) with agentzh/headers-more-nginx-module (current master branch from git). There's a Content-Type header sent which does contain the following: text/html; charset=utf-8 However when I add `more_set_headers -t "text/html" "X-UA-Compatible:IE=Edge,chrome=1"` to my `server` block this header isn't sent. In case I remove that `-t "text/html"` it's all fine (read: header is sent). Tried with `-t "text/html; charset=utf-8"` too without any effect. Any ideas what might be wrong here? Regards, Christian From nginx-forum at nginx.us Fri Sep 14 09:15:33 2012 From: nginx-forum at nginx.us (wayan) Date: Fri, 14 Sep 2012 05:15:33 -0400 Subject: try_files based on file mtime? In-Reply-To: <64a4c21dfec6ab2c51f275b77c277deb.NginxMailingListEnglish@forum.nginx.org> References: <64a4c21dfec6ab2c51f275b77c277deb.NginxMailingListEnglish@forum.nginx.org> Message-ID: <9c3d61e3f52bcae9fd25381a35d6b6a3.NginxMailingListEnglish@forum.nginx.org> Hello stdragon, I also need this function (try_files based on file mtime). To you have a solution already? Thank... Regards wayan Posted at Nginx Forum: http://forum.nginx.org/read.php?2,97433,230721#msg-230721 From F.Ruske at flyeralarm.de Fri Sep 14 09:21:06 2012 From: F.Ruske at flyeralarm.de (Frank Ruske) Date: Fri, 14 Sep 2012 11:21:06 +0200 Subject: Map using regular expresion limited to {2} chars In-Reply-To: References: Message-ID: Hello I have a map to match my clients but somehow i can not limit the chars within the regular expression. What i want to archive is the following map with a general regular expression: map $uri $myclient { default noclient; ~/de/? de; ~/es/? es; ~/nl/? nl; # 1..n (always 2 chars long) } But when i try it this way: map $uri $myclient { default noclient; ~/(?[a-z]{2})/ $suffix; } i get the following error: nginx: [emerg] invalid number of the map parameters www.vm:17 This one works but i get even hits if i have more then 2 chars what is not desired behaviour. map $uri $myclient { default noclient; ~/(?[a-z])/ $suffix; } Any ideas? Thank you! Regards Frank From markus.jelsma at openindex.io Fri Sep 14 10:46:15 2012 From: markus.jelsma at openindex.io (=?utf-8?Q?Markus_Jelsma?=) Date: Fri, 14 Sep 2012 10:46:15 +0000 Subject: Lua, memc and image_filter, image not resized via lua In-Reply-To: References: Message-ID: Hi, Any thoughts to share on this one? I'm very stuck now and really want to avoid using some backend ;) Thanks, Markus -----Original message----- > From:Markus Jelsma > Sent: Wed 12-Sep-2012 17:03 > To: nginx at nginx.org > Subject: Lua, memc and image_filter, image not resized via lua > > Hello, > > We attempt to make a simple image resizer and cacher using Nginx en storing in Memcache and the image_filter. First we attempted to do it via eval but we quickly ran into an old issue [1] i had, i can either store a not-existing image in the cache or return it, never both. Instead we tried using Lua scripting and now we can retrieve items from the cache and store remote images in the cache and return them at the same time! > > But we have one problem left, the images are not passed through the image filter at all when we do it via Lua. > > I'll share the config. The location below is called from outside and is the only location externally called. If it's in the cache, return it and it it's not in the cache, try to fetch it, store it in the cache and return it. > > location /img/cache { > set $memc_key $args; > set $memc_cmd 'get'; > error_page 404 = /img/populate?$args; > memc_pass 127.0.0.1:11211; > } > > The following location populates the cache and returns the (hopefully resized) image. It uses a location to fetch the image (and resize it) and another location to write the fetched and resized image to the cache. It finally prints it. > > location /img/populate { > content_by_lua ' > local args = ngx.req.get_uri_args(5) > local image = ngx.location.capture("/img/crop?u=" .. args["u"] .. "&w=" .. args["w"] .."&h=" .. args["h"]) > -- Use anoter location to store the image in the cache (cannot use memc_pass in this location it seems) > local res = ngx.location.capture("/img/put?u=" .. args["u"] .. "&w=" .. args["w"] .."&h=" .. args["h"] .. "&m=" .. args["m"], { body = image["body"] } ) > ngx.print(image["body"]) > '; > } > > The following 2 simple locations resp. fetch and resize the image and store it in memcache. > > location /img/crop { > image_filter crop $arg_w $arg_h; > proxy_pass $arg_u; > } > location /img/put { > set $memc_key $args; > set $memc_cmd 'set'; > memc_pass 127.0.0.1:11211; > } > > The problem is, the image is not resized! If we set the error_page in the first location to /img/crop the image is properly resized so it doesn't work if called from Lua. I would be very grateful for any tips and hints. I am curious to what i'm doing wrong. > > [1]: http://nginx.2469901.n2.nabble.com/Issue-with-3rd-party-memc-and-eval-modules-td4579623.html > > Many thanks, > Markus > > > > > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > From ne at vbart.ru Fri Sep 14 10:58:25 2012 From: ne at vbart.ru (Valentin V. Bartenev) Date: Fri, 14 Sep 2012 14:58:25 +0400 Subject: Map using regular expresion limited to {2} chars In-Reply-To: References: Message-ID: <201209141458.25787.ne@vbart.ru> On Friday 14 September 2012 13:21:06 Frank Ruske wrote: [...] > But when i try it this way: > > map $uri $myclient { > default noclient; > ~/(?[a-z]{2})/ $suffix; > } > > i get the following error: > nginx: [emerg] invalid number of the map parameters www.vm:17 > [...] > > Any ideas? Thank you! > If a regular expression includes the characters ?}? or ?;?, the whole expressions should be enclosed in single or double quotes. wbr, Valentin V. Bartenev -- http://nginx.org/en/donation.html http://nginx.com/support.html From mdounin at mdounin.ru Fri Sep 14 11:14:57 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Fri, 14 Sep 2012 15:14:57 +0400 Subject: md5 collision In-Reply-To: References: <20120913201445.GR40452@mdounin.ru> Message-ID: <20120914111457.GT40452@mdounin.ru> Hello! On Thu, Sep 13, 2012 at 07:43:16PM -0400, karlseguin wrote: > Yes, re-requesting the same image will cause the same error (can't say with > 100% certainty that it'll always do it though). > > > sudo hd /mnt/tmp/nginx/cache/5f/85/1b/56cc2e05fb85eb0a806444f1811b855f > 00000000 ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 > |......JFIF......| > > Naively, there doesn't seem to be any special header bytes? This looks like a completely corrupted cache file, without any headers at all. > Relevant config is: > > upstream origin_magick { > server 127.0.0.1:4000; > keepalive 50; > } > > proxy_cache_path /mnt/tmp/nginx/cache levels=2:2:2 keys_zone=main:200m > max_size=100G; > proxy_cache_use_stale updating; > proxy_http_version 1.1; > proxy_cache_valid any 1m; > more_clear_headers 'X-amz-*' 'x-amz-*' 'X-Content-Digest' 'X-Rack-Cache; > > location / { > proxy_cache_bypass $http_nocache; > proxy_cache main; > proxy_pass http://origin_magick; > more_set_headers -s '404 403' 'Cache-Control: public, max-age=120'; > } Please try removing the cache file in question (move it away or just delete) and re-request it twice (once to cache the response, and once to see the error) to see if problem persists. Please also make sure you are able to reproduce the problem without any 3rd party modules/patches (and preferably with latest nginx 1.3.6). If the problem persists, please follow http://wiki.nginx.org/Debugging and provide minimal full config you are able to reproduce the probem with, and full debug log (since file removal). Maxim Dounin From nginx-forum at nginx.us Fri Sep 14 16:55:52 2012 From: nginx-forum at nginx.us (zsero) Date: Fri, 14 Sep 2012 12:55:52 -0400 Subject: Is it possible to run a shared php-pool while keeping security? Message-ID: <1dd1859c3f3c92aa6407da59fb8f07d0.NginxMailingListEnglish@forum.nginx.org> I'm trying to configure my first VPS using nginx and php-fpm. I've set it up and everything is working well, but I've realized that for every user created there is a separate php-fpm pool what takes about 30 MB of memory even when idling. It wouldn't be a big problem on a huge machine, but I'm trying to do this in a 128 MB lowendbox, so it's not really nice. I've asked in a thread on lowendbox, and received a lot of help in this thread, but I'm still confused: http://www.lowendtalk.com/discussion/comment/123647#Comment_123647 Can you tell me some general guidelines how would it be possible to both have a secure setup and one that runs on low memory servers? Or it's not possible? What I'd like to do is very simple: 1. Have users separated, having separate accounts, scp acces, etc. 2. Only have a single php-pool for all of them, not for each one of them. Is it possible to do it in a secure way? I mean I figured out that I can run the shared pool with a group-user, but then 'alice' can write a php script to list 'bob's files. Are there any better solution? How is it done in proper shared hosting, do they physically reserve at 64 MB RAM for each user? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230730,230730#msg-230730 From nginx-forum at nginx.us Fri Sep 14 17:36:36 2012 From: nginx-forum at nginx.us (Sylvia) Date: Fri, 14 Sep 2012 13:36:36 -0400 Subject: Is it possible to run a shared php-pool while keeping security? In-Reply-To: <1dd1859c3f3c92aa6407da59fb8f07d0.NginxMailingListEnglish@forum.nginx.org> References: <1dd1859c3f3c92aa6407da59fb8f07d0.NginxMailingListEnglish@forum.nginx.org> Message-ID: <9182d4f3dfcc9cfb1129bbcf6c11be6c.NginxMailingListEnglish@forum.nginx.org> You shall try php-fpm with ondemand pools, PHP 5.4 support this directive, having a shared pool for different users is not secure. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230730,230731#msg-230731 From agentzh at gmail.com Fri Sep 14 18:09:54 2012 From: agentzh at gmail.com (agentzh) Date: Fri, 14 Sep 2012 11:09:54 -0700 Subject: Lua, memc and image_filter, image not resized via lua In-Reply-To: References: Message-ID: Hello! On Fri, Sep 14, 2012 at 3:46 AM, Markus Jelsma wrote: > Any thoughts to share on this one? I'm very stuck now and really want to avoid using some backend ;) > I'm going to look into your issue today :) Best regards, -agentzh From nginx-forum at nginx.us Fri Sep 14 18:47:09 2012 From: nginx-forum at nginx.us (thiagotognoli) Date: Fri, 14 Sep 2012 14:47:09 -0400 Subject: Error: Rewrite or internal redirection cycle after some time Message-ID: <1a6b33eef91d1b4790a3491c3cbd8b42.NginxMailingListEnglish@forum.nginx.org> My nginx configuration works fine, but suddenly after some time (mostly days) he begins to answer 3x and the error occurs in the log below for all requests: 2012/09/13 17:15:35 [error] 26027#0: *4923 rewrite or internal redirection cycle while processing "/index.php", client: 201.26.2.XXX, server: www.XXX.com.br, request: "GET /checkout/cart/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm-xxx.sock:", host: "www.XXX.com.br", referrer: "http://www.XXX.com.br/product-xxx.html" The error only after I reload nginx configuration with "/etc/init.d/nginx reload" What can it be? My host config: server { listen xxx.com.br:80 default; server_name www.xxx.com.br *.xxx.com.br; root /home/xxx/www/; location ~ ^/(admin|index\.php/admin) { rewrite / https://$host$request_uri permanent; break; } rewrite ^/minify/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last; rewrite ^/skin/m/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last; location / { index index.php index.html; try_files $uri $uri/ @handler; expires 30d; } location ^~ /app/ { deny all; } location ^~ /includes/ { deny all; } location ^~ /lib/ { deny all; } location /lib/minify/ { allow all;} location ^~ /media/downloadable/ { deny all; } location ^~ /pkginfo/ { deny all; } location ^~ /report/config.xml { deny all; } location ^~ /var/ { deny all; } location ~/(cron\.sh|cron\.php|mage)$ { deny all; } location ^~ /app { deny all; } location ^~ /includes { deny all; } location ^~ /lib { deny all; } location ^~ /downloader { deny all; } location ^~ /errors/.*\.(xml|phtml)$ { deny all; } location ^~ /media/customer { deny all; } location ^~ /media/downloadable { deny all; } location ^~ /pkginfo { deny all; } location ^~ /shell { deny all; } location ^~ /report/.*\.(xml|phtml)$ { deny all; } location ^~ /var { deny all; } location /. { ## Disable .htaccess and other hidden files return 404; } location @handler { ## Magento uses a common front handler rewrite / /index.php; } location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler rewrite ^(.*.php)/ $1 last; } location ~ .php$ { ## Execute PHP scripts if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss include /etc/nginx/naxsi.rules; expires off; ## Do not cache dynamic content fastcgi_pass unix:/var/run/php5-fpm-xxx.sock; include fastcgi_params; ## See /etc/nginx/fastcgi_params fastcgi_param HTTPS $http_https; #fastcgi_param HTTPS off; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param MAGE_RUN_TYPE store; fastcgi_param MAGE_RUN_CODE $magesite_xxx; break; } } Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230733,230733#msg-230733 From nginx-forum at nginx.us Fri Sep 14 20:18:45 2012 From: nginx-forum at nginx.us (zsero) Date: Fri, 14 Sep 2012 16:18:45 -0400 Subject: Is it possible to run a shared php-pool while keeping security? In-Reply-To: <9182d4f3dfcc9cfb1129bbcf6c11be6c.NginxMailingListEnglish@forum.nginx.org> References: <1dd1859c3f3c92aa6407da59fb8f07d0.NginxMailingListEnglish@forum.nginx.org> <9182d4f3dfcc9cfb1129bbcf6c11be6c.NginxMailingListEnglish@forum.nginx.org> Message-ID: <5251d1aaa49be09c882cf8e855a0a7b4.NginxMailingListEnglish@forum.nginx.org> Thank you for your reply. I've set ondemand and pm.start_servers = 0. Now it works perfectly, but there is a slight delay while the first process starts. I mean it could be an issue for rarely accessed sites, where the visitors always have to wait for the php process to start. Do I feel it right? Is ondemand really slower compared to dynamic for the first visitor? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230730,230734#msg-230734 From bwellsnc at gmail.com Fri Sep 14 21:23:28 2012 From: bwellsnc at gmail.com (bwellsnc) Date: Fri, 14 Sep 2012 17:23:28 -0400 Subject: Nginx and Zencart In-Reply-To: References: Message-ID: I have found the solution, even though it's a pretty dirty one. Had to utilize if statements. If someone has a better solution, I would welcome it. Here is what is working: server { listen 80; server_name example.com; access_log /home/exampleusr/logs/example.com.access.log; error_log /home/exampleusr/logs/example.com.error.log; root /home/exampleusr/public_html; index index.html index.php index.htm; location / { try_files $uri $uri/ index.php; } location /docs { if ($request_uri ~* (^\/|\.js|\.css|\.jpg|\.gif|\.png|\.html)$ ) { break; } return 403; } location /editors { if ($request_uri ~* (^\/|\.js|\.css|\.jpg|\.gif|\.png|\.html|\.xml)$ ) { break; } return 403; } location /email { if ($request_uri ~* (^\/|\.jpg|\.JPG|\.jpeg|\.JPEG|\.gif|\.GIF|\.png|\.PNG)$ ) { break; } return 403; } location /extras { if ($request_uri ~* (^\/|\.php|\.html)$ ) { break; } return 403; } location /images { if ($request_uri ~* (^\/|\.jpg|\.JPG|\.jpeg|\.JPEG|\.gif|\.GIF|\.png|\.PNG|\.swf|\.SWF|\.WMA)$ ) { break; } return 403; } location /(download|pub) { if ($request_uri ~* (^\/|\.zip|\.ZIP|\.gzip|\.pdf|\.PDF|\.mp3|\.MP3|\.swf|\.SWF|\.wma|\.WMA|\.wmv|\.WMV)$ ) { break; } return 403; } location /includes { if ($request_uri ~* (^\/|\.js|\.JS|\.css|\.CSS|\.jpg|\.JPG|\.gif|\.GIF|\.png|\.PNG|\.swf|\.SWF|\.xsl|\.XSL)$ ) { break; } return 403; } location /media { if ($request_uri ~* (^\/|\.mp3|\.mp4|\.swf|\.avi|\.mpg|\.wma|\.rm|\.ra|\.ram|\.wmv)$ ) { break; } return 403; } location /admin { if ($request_uri ~* (^\/|\.php|\.js|\.css|\.jpg|\.gif|\.png)$ ) { break; } return 403; } location = /robots.txt { access_log off; log_not_found off; } location = /favicon.ico { access_log off; error_log off; log_not_found off; } location ~ /\. { access_log off; log_not_found off; deny all; } location ~ ~$ { access_log off; log_not_found off; deny all; } location ~* \.php$ { fastcgi_param HTTPS on; fastcgi_pass 127.0.0.1:9001; fastcgi_index index.php; fastcgi_split_path_info ^(.+\.php)(.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } } On Mon, Sep 10, 2012 at 8:16 AM, bwellsnc wrote: > I am wanting to utilize nginx with zencart. The issue I am having > isn't getting Zencart to work, but to recreate the .htaccess files > that are located underneath Zencart's sub directories. Below is the > .htaccess file located in the images directory. I can block with no > problem, it's allowing that I am having a problem with: > > > # > # @copyright Copyright 2003-2010 Zen Cart Development Team > # @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0 > # @version $Id: .htaccess 16111 2010-04-29 22:39:02Z drbyte $ > # > # This is used with Apache WebServers > # > # The following blocks direct HTTP requests to all filetypes in this > directory recursively, except certain approved exceptions > # It also prevents the ability of any scripts to run. No type of > script, be it PHP, PERL or whatever, can normally be executed if > ExecCGI is disabled. > # Will also prevent people from seeing what is in the dir. and any > sub-directories > # > # For this to work, you must include either 'All' or at least: 'Limit' > and 'Indexes' parameters to the AllowOverride configuration in your > apache/conf/httpd.conf file. > # Additionally, if you want the added protection offered by the > OPTIONS directive below, you'll need to add 'Options' to the > AllowOverride list, if 'All' is not specified. > # Example: > # > # AllowOverride Limit Options Indexes > # > ############################### > > # deny *everything* > > Order Allow,Deny > Deny from all > > > # but now allow just *certain* necessary files: > > Order Allow,Deny > Allow from all > > > IndexIgnore */* > > > > Thanks for any help you can give! > > Brent From agentzh at gmail.com Fri Sep 14 22:22:45 2012 From: agentzh at gmail.com (agentzh) Date: Fri, 14 Sep 2012 15:22:45 -0700 Subject: Lua, memc and image_filter, image not resized via lua In-Reply-To: References: Message-ID: Hello! On Wed, Sep 12, 2012 at 8:02 AM, Markus Jelsma wrote: > > But we have one problem left, the images are not passed through the image filter at all when we do it via Lua. > This is because the standard ngx_image_filter module's output filter always runs *after* ngx_lua's subrequest capturing filter and there's no easy way to change this order. The response body of your subrequest is captured by ngx_lua *before* the ngx_image_filter's filter gets a chance to run. The solution is to do the image processing completely in Lua via existing Lua libraries like lua-gd: http://ittner.github.com/lua-gd/ Or you can take advantage of LuaJIT 2.0's excellent FFI API to call the libgd C API directly from within Lua: http://luajit.org/ext_ffi_tutorial.html Best regards, -agentzh From nginx-forum at nginx.us Fri Sep 14 23:17:26 2012 From: nginx-forum at nginx.us (rahul286) Date: Fri, 14 Sep 2012 19:17:26 -0400 Subject: Does fastcgi_cache depends on open_file_cache? Message-ID: <541832d74334454c05342ad035686cf0.NginxMailingListEnglish@forum.nginx.org> Hi All, I use Nginx on many sites and recently I thought to make use of fastcgi_cache to capture response of PHP-FPM. I want to put it in RAM (We have 32GB RAM. More than 50% of it is free) I am confused as some article suggests - declaring "open_file_cache" before we can make use of fastcgi_cache. Can't I directly use fastcgi_cache on /run/cache ? Please suggest. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230739,230739#msg-230739 From nginx-forum at nginx.us Sat Sep 15 02:55:29 2012 From: nginx-forum at nginx.us (GreenGecko) Date: Fri, 14 Sep 2012 22:55:29 -0400 Subject: cloudfront and compression Message-ID: In order to get cloudfront to deliver gzipped content I've had to change from gzip_http_version 1.1 to 1.0, and manually add_header Vary Accept-Encoding to the relevant sites. What I'm wondering is how this will affect the sites involved - is gzip_http_version 1.1 faster / slower than 1.0, or are there any other hidden gotchas?? Cheers, Steve Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230741,230741#msg-230741 From agentzh at gmail.com Sat Sep 15 06:15:32 2012 From: agentzh at gmail.com (agentzh) Date: Fri, 14 Sep 2012 23:15:32 -0700 Subject: Lua, memc and image_filter, image not resized via lua In-Reply-To: References: Message-ID: Hello! On Fri, Sep 14, 2012 at 3:22 PM, agentzh wrote: > > This is because the standard ngx_image_filter module's output filter > always runs *after* ngx_lua's subrequest capturing filter and there's > no easy way to change this order. The response body of your subrequest > is captured by ngx_lua *before* the ngx_image_filter's filter gets a > chance to run. > BTW, I've also just written a command-line utility named ngx-body-filters that can dump out all the output body filters of any running Nginx worker processes (on Linux) in the order they actually run. This tool is part of my Nginx SystemTap Toolkit: https://github.com/agentzh/nginx-systemtap-toolkit#ngx-body-filters For example, on my side, the nginx configured with both the ngx_lua and ngx_image_filter modules will give me the following result: $ ./ngx-body-filters -p 30132 Tracing 30132 (.../nginx/sbin/nginx)... ngx_http_range_body_filter ngx_http_copy_filter ngx_output_chain ngx_http_lua_capture_body_filter ngx_http_image_body_filter ngx_http_charset_body_filter ngx_http_ssi_body_filter ngx_http_postpone_filter ngx_http_gzip_body_filter ngx_http_chunked_body_filter ngx_http_write_filter 113 microseconds elapsed in the probe handler. where my nginx worker process pid is 30132. >From this output, we can see clearly that ngx_http_lua_capture_body_filter indeed runs before ngx_http_image_body_filter. So this tool is really handy in determining if there is an issue with the nginx output filter running order, which is often not so obvious for many users. Best regards, -agentzh From razinkov at gmail.com Sat Sep 15 06:55:55 2012 From: razinkov at gmail.com (Ilja Razinkov) Date: Sat, 15 Sep 2012 10:55:55 +0400 Subject: Lua, memc and image_filter, image not resized via lua In-Reply-To: References: Message-ID: You may consider user lua-gd, http://ittner.github.com/lua-gd/, which works just fine with LuaNginx We making crop+resize+masking of user-uploaded images in lua handlers with no problems On Sat, Sep 15, 2012 at 10:15 AM, agentzh wrote: > Hello! > > On Fri, Sep 14, 2012 at 3:22 PM, agentzh wrote: >> >> This is because the standard ngx_image_filter module's output filter >> always runs *after* ngx_lua's subrequest capturing filter and there's >> no easy way to change this order. The response body of your subrequest >> is captured by ngx_lua *before* the ngx_image_filter's filter gets a >> chance to run. >> > > BTW, I've also just written a command-line utility named > ngx-body-filters that can dump out all the output body filters of any > running Nginx worker processes (on Linux) in the order they actually > run. > > This tool is part of my Nginx SystemTap Toolkit: > > https://github.com/agentzh/nginx-systemtap-toolkit#ngx-body-filters > > For example, on my side, the nginx configured with both the ngx_lua > and ngx_image_filter modules will give me the following result: > > $ ./ngx-body-filters -p 30132 > Tracing 30132 (.../nginx/sbin/nginx)... > > ngx_http_range_body_filter > ngx_http_copy_filter > ngx_output_chain > ngx_http_lua_capture_body_filter > ngx_http_image_body_filter > ngx_http_charset_body_filter > ngx_http_ssi_body_filter > ngx_http_postpone_filter > ngx_http_gzip_body_filter > ngx_http_chunked_body_filter > ngx_http_write_filter > > 113 microseconds elapsed in the probe handler. > > where my nginx worker process pid is 30132. > > From this output, we can see clearly that > ngx_http_lua_capture_body_filter indeed runs before > ngx_http_image_body_filter. > > So this tool is really handy in determining if there is an issue with > the nginx output filter running order, which is often not so obvious > for many users. > > Best regards, > -agentzh > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx -- ? ?????????, ???????? ???? From al-nginx at none.at Sat Sep 15 10:52:38 2012 From: al-nginx at none.at (Aleksandar Lazic) Date: Sat, 15 Sep 2012 12:52:38 +0200 Subject: Q about don't log 400 errors Message-ID: Hi, I have follow the instruction on http://wiki.nginx.org/HWLoadbalancerCheckErrors but I still get the 400 entries in the access log. Please can anybody help, thanks. Cheers Aleks /opt/nginx/installed/sbin/nginx -V nginx version: nginx/1.3.4 built by gcc 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) TLS SNI support enabled configure arguments: --prefix=/opt/nginx/installed --conf-path=/opt/nginx/conf/nginx.conf --with-file-aio --with-http_ssl_module --with-http_realip_module --with-http_geoip_module --with-http_gzip_static_module --with-http_secure_link_module --with-http_stub_status_module --without-http_ssi_module --http-client-body-temp-path=/opt/global_dir/temp_paths/client-body --http-proxy-temp-path=/opt/global_dir/temp_paths/http-proxy --http-fastcgi-temp-path=/opt/nginx/global_dir/fastcgi --http-uwsgi-temp-path=/opt/global_dir/temp_paths/uwsgi --http-scgi-temp-path=/opt/global_dir/temp_paths/scgi --with-debug --pid-path=/opt/global_dir/logs --error-log-path=/opt/global_dir/logs/default_error.log --http-log-path=/opt/global_dir/logs/default_access.log --pid-path=/opt/nginx/logs/nginx.pid ### nginx.conf http { ... geo $remote_addr $is_lb_400 { default 0; 127.0.0.1/32 1; } ... server { ... error_page 400 /400; location = /400 { if ($is_lb_400) { access_log off; } return 400; } ... } ### ### 2012/09/15 12:46:22 [debug] 24085#0: *131110 accept: 127.0.0.1 fd:4 2012/09/15 12:46:22 [debug] 24085#0: *131110 event timer add: 4: 60000:1347706042790 2012/09/15 12:46:22 [debug] 24085#0: *131110 epoll add event: fd:4 op:1 ev:80000001 2012/09/15 12:46:22 [debug] 24085#0: *131110 malloc: 0000000000DDE9B0:1280 2012/09/15 12:46:22 [debug] 24085#0: *131110 posix_memalign: 0000000000E1DA80:256 @16 2012/09/15 12:46:22 [debug] 24085#0: *131110 malloc: 0000000000E1DB90:1024 2012/09/15 12:46:22 [debug] 24085#0: *131110 posix_memalign: 0000000000D56690:4096 @16 2012/09/15 12:46:22 [debug] 24085#0: *131110 http process request line 2012/09/15 12:46:22 [debug] 24085#0: *131110 recv: fd:4 0 of 1024 2012/09/15 12:46:22 [info] 24085#0: *131110 client prematurely closed connection while reading client request line, client: 127.0.0.1, server: domain.com 2012/09/15 12:46:22 [debug] 24085#0: *131110 http finalize request: 400, "?" a:1, c:1 2012/09/15 12:46:22 [debug] 24085#0: *131110 http terminate request count:1 2012/09/15 12:46:22 [debug] 24085#0: *131110 http terminate cleanup count:1 blk:0 2012/09/15 12:46:22 [debug] 24085#0: *131110 http request count:1 blk:0 2012/09/15 12:46:22 [debug] 24085#0: *131110 http close request 2012/09/15 12:46:22 [debug] 24085#0: *131110 http log handler 2012/09/15 12:46:22 [debug] 24085#0: *131110 free: 0000000000D56690, unused: 2031 2012/09/15 12:46:22 [debug] 24085#0: *131110 close http connection: 4 2012/09/15 12:46:22 [debug] 24085#0: *131110 event timer del: 4: 1347706042790 2012/09/15 12:46:22 [debug] 24085#0: *131110 reusable connection: 0 2012/09/15 12:46:22 [debug] 24085#0: *131110 free: 0000000000E1DB90 2012/09/15 12:46:22 [debug] 24085#0: *131110 free: 0000000000DDE9B0 2012/09/15 12:46:22 [debug] 24085#0: *131110 free: 0000000000D54AB0, unused: 8 2012/09/15 12:46:22 [debug] 24085#0: *131110 free: 0000000000E1DA80, unused: 128 ### From nginx-forum at nginx.us Sat Sep 15 11:52:30 2012 From: nginx-forum at nginx.us (mk.fg) Date: Sat, 15 Sep 2012 07:52:30 -0400 Subject: [PATCH] (re-post) Add "optional_no_ca" option to ssl_verify_client to enable app-only CA chain validation Message-ID: Re-post of patch from http://forum.nginx.org/read.php?2,228761,229586#msg-229586 Updated version of the patch in the original thread haven't received any new attention, it seems, and I've received several inquiries now about the status of this work, so this thread is basically an attempt to draw more attention to this patch. Use-case is the same as before - enable CA-chain validation in the application only - but with all non-CA-chain validation handled by nginx, so it won't be necessary to duplicate (and possibly mess-up) these details (handled by openssl) in application code. For more details on reasoning behind the use-case and the previous comments on how it should be implemented, please see the original '[PATCH] Add "pass_only" option to ssl_verify_client to enable app-only validation' thread (linked for the web interface above). Notes from original thread on the latest patch incarnation: > Option is now called "optional_no_ca", as suggested, and allows to check all > certificate parameters except for a trust chain. I've used > ssl_verify_error_is_optional macro (listing trust-chain related errors) directly > from apache 2.4.2 codebase. > Note that since ngx_ssl_get_client_verify now has to access configuration, which > is accessible from ngx_http_request_t, it wasn't enough to pass ngx_connection_t > to it, plus it was only used from ngx_http_ssl_module.c, so I've moved the > modified version of it into ngx_http_ssl_module.c, to avoid having to include > http-only stuff into ngx_event_openssl.c. If that was a bad idea, and there's a > need to keep that function generic (non-http-only), please suggest whether > generic copy should just be kept in ngx_event_openssl.c, it's signature should > be extended to have http-specific options or maybe there should be conditional > includes for http stuff. > URL for the patch: https://raw.github.com/gist/3319062/ (I'm not posting the patch inline here, because forum interface seem to break it anyway, but it can also be found inline in the original thread) Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230748,230748#msg-230748 From nginx-forum at nginx.us Sat Sep 15 12:07:26 2012 From: nginx-forum at nginx.us (elf-pavlik) Date: Sat, 15 Sep 2012 08:07:26 -0400 Subject: [PATCH] (re-post) Add "optional_no_ca" option to ssl_verify_client to enable app-only CA chain validation In-Reply-To: References: Message-ID: <387943c309d49668d7029ca84a1daedd.NginxMailingListEnglish@forum.nginx.org> bumping +1 required for http://webid.info/ developed in W3C Community Group: http://www.w3.org/community/webid/ Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230748,230749#msg-230749 From markus.jelsma at openindex.io Sat Sep 15 12:21:54 2012 From: markus.jelsma at openindex.io (=?utf-8?Q?Markus_Jelsma?=) Date: Sat, 15 Sep 2012 12:21:54 +0000 Subject: Lua, memc and image_filter, image not resized via lua In-Reply-To: References: Message-ID: Ilja, agentzh, Thanks for sharing your comments. I was afraid it would be a phase issue. I'll check the toolkit and LuaGD. -----Original message----- > From:Ilja Razinkov > Sent: Sat 15-Sep-2012 08:59 > To: nginx at nginx.org > Subject: Re: Lua, memc and image_filter, image not resized via lua > > You may consider user lua-gd, http://ittner.github.com/lua-gd/, which > works just fine with LuaNginx > We making crop+resize+masking of user-uploaded images in lua handlers > with no problems > > On Sat, Sep 15, 2012 at 10:15 AM, agentzh wrote: > > Hello! > > > > On Fri, Sep 14, 2012 at 3:22 PM, agentzh wrote: > >> > >> This is because the standard ngx_image_filter module's output filter > >> always runs *after* ngx_lua's subrequest capturing filter and there's > >> no easy way to change this order. The response body of your subrequest > >> is captured by ngx_lua *before* the ngx_image_filter's filter gets a > >> chance to run. > >> > > > > BTW, I've also just written a command-line utility named > > ngx-body-filters that can dump out all the output body filters of any > > running Nginx worker processes (on Linux) in the order they actually > > run. > > > > This tool is part of my Nginx SystemTap Toolkit: > > > > https://github.com/agentzh/nginx-systemtap-toolkit#ngx-body-filters > > > > For example, on my side, the nginx configured with both the ngx_lua > > and ngx_image_filter modules will give me the following result: > > > > $ ./ngx-body-filters -p 30132 > > Tracing 30132 (.../nginx/sbin/nginx)... > > > > ngx_http_range_body_filter > > ngx_http_copy_filter > > ngx_output_chain > > ngx_http_lua_capture_body_filter > > ngx_http_image_body_filter > > ngx_http_charset_body_filter > > ngx_http_ssi_body_filter > > ngx_http_postpone_filter > > ngx_http_gzip_body_filter > > ngx_http_chunked_body_filter > > ngx_http_write_filter > > > > 113 microseconds elapsed in the probe handler. > > > > where my nginx worker process pid is 30132. > > > > From this output, we can see clearly that > > ngx_http_lua_capture_body_filter indeed runs before > > ngx_http_image_body_filter. > > > > So this tool is really handy in determining if there is an issue with > > the nginx output filter running order, which is often not so obvious > > for many users. > > > > Best regards, > > -agentzh > > > > _______________________________________________ > > nginx mailing list > > nginx at nginx.org > > http://mailman.nginx.org/mailman/listinfo/nginx > > > > -- > ? ?????????, ???????? ???? > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From nginx-forum at nginx.us Sat Sep 15 13:35:25 2012 From: nginx-forum at nginx.us (Sylvia) Date: Sat, 15 Sep 2012 09:35:25 -0400 Subject: Is it possible to run a shared php-pool while keeping security? In-Reply-To: <5251d1aaa49be09c882cf8e855a0a7b4.NginxMailingListEnglish@forum.nginx.org> References: <1dd1859c3f3c92aa6407da59fb8f07d0.NginxMailingListEnglish@forum.nginx.org> <9182d4f3dfcc9cfb1129bbcf6c11be6c.NginxMailingListEnglish@forum.nginx.org> <5251d1aaa49be09c882cf8e855a0a7b4.NginxMailingListEnglish@forum.nginx.org> Message-ID: It will need to spawn the pool, if you're on ultra-cheap-ultra-low-powered vps, this can be slow, because of slow cpu, low ram and very small disk cache portion which belongs to your vps, on a dedicated machine with 2 GB ram i dont notice any delays with spawning fpm pools on demand. Anyway i dont see much options for you with 128 Megs, even better configs can be slow, depending on the vps provider and hypervisor they use. Additional suggestion to you - remove PHP extensions which are not needed extension=hash.so extension=session.so extension=dom.so extension=xml.so extension=mysql.so extension=mbstring.so extension=zlib.so extension=gd.so extension=curl.so extension=json.so ;extension=bcmath.so extension=exif.so extension=mcrypt.so extension=simplexml.so ;extension=pdo_mysql.so extension=sysvmsg.so extension=tokenizer.so extension=ctype.so extension=mysqli.so extension=iconv.so extension=gmp.so extension=openssl.so extension=gettext.so extension=zip.so anything except that list is most likely just hogging your RAM ) Make sure to install a PHP opcode cache (not less than 32M), it will hog its own piece of RAM but will decrease RAM consumption for processing scripts, i.e. Wordpress 28 Mb to 4 Mb, eaccelerator still can swap to disk precompiled scripts, therefore (at my look) it will be the best choice (you will need master branch from GIT for PHP 5.4) Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230730,230745#msg-230745 From F.Ruske at flyeralarm.de Sat Sep 15 14:43:23 2012 From: F.Ruske at flyeralarm.de (Frank Ruske) Date: Sat, 15 Sep 2012 16:43:23 +0200 Subject: AW: Map using regular expresion limited to {2} chars In-Reply-To: <201209141458.25787.ne@vbart.ru> References: , <201209141458.25787.ne@vbart.ru> Message-ID: Thank you. Did not saw that in the docs. My fault Regards Frank ________________________________________ Von: nginx-bounces at nginx.org [nginx-bounces at nginx.org] im Auftrag von Valentin V. Bartenev [ne at vbart.ru] Gesendet: Freitag, 14. September 2012 12:58 An: nginx at nginx.org Betreff: Re: Map using regular expresion limited to {2} chars On Friday 14 September 2012 13:21:06 Frank Ruske wrote: [...] > But when i try it this way: > > map $uri $myclient { > default noclient; > ~/(?[a-z]{2})/ $suffix; > } > > i get the following error: > nginx: [emerg] invalid number of the map parameters www.vm:17 > [...] > > Any ideas? Thank you! > If a regular expression includes the characters ?}? or ?;?, the whole expressions should be enclosed in single or double quotes. wbr, Valentin V. Bartenev -- http://nginx.org/en/donation.html http://nginx.com/support.html _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx From nginx-forum at nginx.us Sat Sep 15 23:55:49 2012 From: nginx-forum at nginx.us (justin) Date: Sat, 15 Sep 2012 19:55:49 -0400 Subject: Auto detect the number of CPU's and set worker_processes Message-ID: <48a08208c9feec2333d8406bc591bea3.NginxMailingListEnglish@forum.nginx.org> I am trying to get fancy and have `nginx.conf` auto-detect the number of CPU's on the server and then set `worker_processes` to that number. Here is what I have: worker_processes $(cat /proc/cpuinfo | grep "processor" | sort -u | wc -l); Unfortunately, that is throwing an error on nginx start. Is it even possible to run shell commands from inside nginx configuration files? Thanks. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230757,230757#msg-230757 From zhuzhaoyuan at gmail.com Sun Sep 16 03:48:19 2012 From: zhuzhaoyuan at gmail.com (Joshua Zhu) Date: Sun, 16 Sep 2012 11:48:19 +0800 Subject: Auto detect the number of CPU's and set worker_processes In-Reply-To: <48a08208c9feec2333d8406bc591bea3.NginxMailingListEnglish@forum.nginx.org> References: <48a08208c9feec2333d8406bc591bea3.NginxMailingListEnglish@forum.nginx.org> Message-ID: Hi, On Sun, Sep 16, 2012 at 7:55 AM, justin wrote: > I am trying to get fancy and have `nginx.conf` auto-detect the number of > CPU's on the server and then set `worker_processes` to that number. Here is > what I have: > > worker_processes $(cat /proc/cpuinfo | grep "processor" | sort -u | wc > -l); > > Unfortunately, that is throwing an error on nginx start. Is it even > possible > to run shell commands from inside nginx configuration files? > It's not supported in current nginx. But you may try out tengine, which is a nginx distribution and has the exact feature you want: http://tengine.taobao.org/document/core.html More features can be found at: http://tengine.taobao.org/ Regards, -- Joshua Zhu Senior Software Engineer Server Platforms Team at Taobao -------------- next part -------------- An HTML attachment was scrubbed... URL: From zhuzhaoyuan at gmail.com Sun Sep 16 11:56:42 2012 From: zhuzhaoyuan at gmail.com (Joshua Zhu) Date: Sun, 16 Sep 2012 19:56:42 +0800 Subject: Does fastcgi_cache depends on open_file_cache? In-Reply-To: <541832d74334454c05342ad035686cf0.NginxMailingListEnglish@forum.nginx.org> References: <541832d74334454c05342ad035686cf0.NginxMailingListEnglish@forum.nginx.org> Message-ID: Hi, On Sat, Sep 15, 2012 at 7:17 AM, rahul286 wrote: > Hi All, > > I use Nginx on many sites and recently I thought to make use of > fastcgi_cache to capture response of PHP-FPM. > > I want to put it in RAM (We have 32GB RAM. More than 50% of it is free) > > I am confused as some article suggests - declaring "open_file_cache" before > we can make use of fastcgi_cache. > No. "open_file_cache" is related to open file descriptors: http://nginx.org/en/docs/http/ngx_http_core_module.html#open_file_cache and "fastcgi_cache" is only related to HTTP cache. They are two different things. > Can't I directly use fastcgi_cache on /run/cache ? > Yes, you can. Regards, -- Joshua Zhu Senior Software Engineer Server Platforms Team at Taobao -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Sun Sep 16 12:54:56 2012 From: nginx-forum at nginx.us (rahul286) Date: Sun, 16 Sep 2012 08:54:56 -0400 Subject: Does fastcgi_cache depends on open_file_cache? In-Reply-To: References: Message-ID: Thanks Joshua. :-) Got it working directly. It turned out to be easier than I thought. Only thing complicated was no support for something like fastcgi_cache_purge in core I need to remove official nginx & go through recompilation with https://github.com/FRiCKLE/ngx_cache_purge I hope someday, something like this will be part of Nginx core... Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230739,230762#msg-230762 From nginx-forum at nginx.us Mon Sep 17 07:05:12 2012 From: nginx-forum at nginx.us (nri.pl) Date: Mon, 17 Sep 2012 03:05:12 -0400 Subject: [PATH] support for UNIX socket in abstract namespace In-Reply-To: <20110523183726.GE39527@sysoev.ru> References: <20110523183726.GE39527@sysoev.ru> Message-ID: <2ac039d5c22fa068710fc16c39472fda.NginxMailingListEnglish@forum.nginx.org> In addition to this discussion, I found this: http://forum.nginx.org/read.php?29,230660,230660 I wonder if this patch is included in the main code? I could not use unix domain sockets in abstract namespace, like this: unix:@socket_name nor: unix:\0socket_name in nginx/1.3.6 What are the chances of include this patch, where is the problem? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,200086,230765#msg-230765 From mdounin at mdounin.ru Mon Sep 17 09:43:28 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 17 Sep 2012 13:43:28 +0400 Subject: Auto detect the number of CPU's and set worker_processes In-Reply-To: <48a08208c9feec2333d8406bc591bea3.NginxMailingListEnglish@forum.nginx.org> References: <48a08208c9feec2333d8406bc591bea3.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20120917094328.GY40452@mdounin.ru> Hello! On Sat, Sep 15, 2012 at 07:55:49PM -0400, justin wrote: > I am trying to get fancy and have `nginx.conf` auto-detect the number of > CPU's on the server and then set `worker_processes` to that number. Here is > what I have: > > worker_processes $(cat /proc/cpuinfo | grep "processor" | sort -u | wc > -l); > > Unfortunately, that is throwing an error on nginx start. Is it even possible > to run shell commands from inside nginx configuration files? No, it's not currently supported. You may try e.g. make + sed (or any other templating system) to do this, as well as many other macro-expansion related things. Maxim Dounin From igor at sysoev.ru Mon Sep 17 09:55:52 2012 From: igor at sysoev.ru (Igor Sysoev) Date: Mon, 17 Sep 2012 13:55:52 +0400 Subject: Auto detect the number of CPU's and set worker_processes In-Reply-To: <48a08208c9feec2333d8406bc591bea3.NginxMailingListEnglish@forum.nginx.org> References: <48a08208c9feec2333d8406bc591bea3.NginxMailingListEnglish@forum.nginx.org> Message-ID: On Sep 16, 2012, at 3:55 , justin wrote: > I am trying to get fancy and have `nginx.conf` auto-detect the number of > CPU's on the server and then set `worker_processes` to that number. Here is > what I have: > > worker_processes $(cat /proc/cpuinfo | grep "processor" | sort -u | wc > -l); > > Unfortunately, that is throwing an error on nginx start. Is it even possible > to run shell commands from inside nginx configuration files? You can configure it via command line: nginx -g "worker_processes `cat /proc/cpuinfo | grep "processor" | sort -u | wc -l`;" -- Igor Sysoev http://nginx.com/support.html From varia at e-healthexpert.org Mon Sep 17 11:34:46 2012 From: varia at e-healthexpert.org (Mark Alan) Date: Mon, 17 Sep 2012 12:34:46 +0100 Subject: Auto detect the number of CPU's and set worker_processes In-Reply-To: <48a08208c9feec2333d8406bc591bea3.NginxMailingListEnglish@forum.nginx.org> References: <48a08208c9feec2333d8406bc591bea3.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20120917123446.0f1a8fc0@e-healthexpert.org> On Sat, 15 Sep 2012 19:55:49 -0400, "justin" wrote: > I am trying to get fancy and have `nginx.conf` auto-detect Not knowing how to auto-detect it, I usually just excute this as ROOT: sed -i '/^worker_processes/s,[0-9]\+,'"$(sort -u /proc/cpuinfo | grep -c processor)"',' /etc/nginx/nginx.conf From nginx-forum at nginx.us Mon Sep 17 12:47:33 2012 From: nginx-forum at nginx.us (Kalazath) Date: Mon, 17 Sep 2012 08:47:33 -0400 Subject: r->connection->addr_text.data leak or ? Message-ID: <2cb82a83dde336e1e436b19b61a695c0.NginxMailingListEnglish@forum.nginx.org> I'm writing a new module for ip stuffs and i noticed something new. ngx_log_debug(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "ip_checker: %s", r->connection->addr_text.data); 2012/09/17 15:31:56 [debug] 17038#0: *10 ip_checker: xxx.156.62.158 2012/09/17 15:31:57 [debug] 17038#0: *11 ip_checker: xxx.156.62.158 2012/09/17 15:32:02 [debug] 17038#0: *12 ip_checker: xxx.30.52.71 2012/09/17 15:32:03 [debug] 17038#0: *13 ip_checker: xxx.30.52.70 2012/09/17 15:32:08 [debug] 17038#0: *14 ip_checker: xxx.30.52.7158 << wtf? 2012/09/17 15:32:08 [debug] 17038#0: *15 ip_checker: xxx.30.52.7158 << wtf? 2012/09/17 15:32:09 [debug] 17038#0: *16 ip_checker: xxx.30.52.7358 << wtf? is this leak or something? full module code http://pastebin.com/kcuf0pVM Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230779,230779#msg-230779 From nginx-forum at nginx.us Mon Sep 17 12:49:55 2012 From: nginx-forum at nginx.us (Kalazath) Date: Mon, 17 Sep 2012 08:49:55 -0400 Subject: r->connection->addr_text.data leak or ? In-Reply-To: <2cb82a83dde336e1e436b19b61a695c0.NginxMailingListEnglish@forum.nginx.org> References: <2cb82a83dde336e1e436b19b61a695c0.NginxMailingListEnglish@forum.nginx.org> Message-ID: <32d1262ae3da4938494dc359216ce794.NginxMailingListEnglish@forum.nginx.org> version 1.2.3 platform linux x86_64 configure parameters ./configure --prefix=/usr --add-module=../ngx_ip_checker/ --with-debug Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230779,230781#msg-230781 From simohayha.bobo at gmail.com Mon Sep 17 12:59:14 2012 From: simohayha.bobo at gmail.com (Simon Liu) Date: Mon, 17 Sep 2012 20:59:14 +0800 Subject: r->connection->addr_text.data leak or ? In-Reply-To: <32d1262ae3da4938494dc359216ce794.NginxMailingListEnglish@forum.nginx.org> References: <2cb82a83dde336e1e436b19b61a695c0.NginxMailingListEnglish@forum.nginx.org> <32d1262ae3da4938494dc359216ce794.NginxMailingListEnglish@forum.nginx.org> Message-ID: Hello! On Mon, Sep 17, 2012 at 8:49 PM, Kalazath wrote: > version 1.2.3 > platform linux x86_64 > > configure parameters > ./configure --prefix=/usr --add-module=../ngx_ip_checker/ --with-debug > > Posted at Nginx Forum: > http://forum.nginx.org/read.php?2,230779,230781#msg-230781 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > you should ues "%V" in format message. ngx_log_debug(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "ip_checker: %V", &r->connection->addr_text); -- do not fear to be eccentric in opinion, for every opinion now accepted was once eccentric. -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Mon Sep 17 15:52:15 2012 From: nginx-forum at nginx.us (n1xman) Date: Mon, 17 Sep 2012 11:52:15 -0400 Subject: nginx_cross_origin_module on nginx-1.2.1 - solved In-Reply-To: References: Message-ID: <5cf60d59e61043c4578f11d809dec615.NginxMailingListEnglish@forum.nginx.org> OK, It my bad. I checked with Origin request header and its working. :) Thanks ??? for the nice module and it works with nginx-1.2.1 too :) Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230641,230788#msg-230788 From mdounin at mdounin.ru Mon Sep 17 19:20:47 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 17 Sep 2012 23:20:47 +0400 Subject: Error: Rewrite or internal redirection cycle after some time In-Reply-To: <1a6b33eef91d1b4790a3491c3cbd8b42.NginxMailingListEnglish@forum.nginx.org> References: <1a6b33eef91d1b4790a3491c3cbd8b42.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20120917192047.GK40452@mdounin.ru> Hello! On Fri, Sep 14, 2012 at 02:47:09PM -0400, thiagotognoli wrote: > My nginx configuration works fine, but suddenly after some time (mostly > days) he begins to answer 3x and the error occurs in the log below for all > requests: > > 2012/09/13 17:15:35 [error] 26027#0: *4923 rewrite or internal redirection > cycle while processing "/index.php", client: 201.26.2.XXX, server: > www.XXX.com.br, request: "GET /checkout/cart/ HTTP/1.1", upstream: > "fastcgi://unix:/var/run/php5-fpm-xxx.sock:", host: "www.XXX.com.br", > referrer: "http://www.XXX.com.br/product-xxx.html" > > > The error only after I reload nginx configuration with "/etc/init.d/nginx > reload" > > What can it be? My best guest is that somebody removes /index.php (to replace it with a new one?) + open_file_cache (configured at global level?) + the fact that there is infinite loop in your config if there is no /index.php. [...] Maxim Dounin From nginx-forum at nginx.us Mon Sep 17 20:34:27 2012 From: nginx-forum at nginx.us (venkat) Date: Mon, 17 Sep 2012 16:34:27 -0400 Subject: nginx modifying the jsonp response message Message-ID: <99a4c3fd80c00278bdba87e7caeb81f6.NginxMailingListEnglish@forum.nginx.org> Hi, We are creating a web api application. In one of our API's if there are any validation errors, we are returning the error message in JSONP format. In the API Request URL user adds a query string parameter ?jsoncallback=xxxxxxxxxx. On validation failure we are throwing a 400 bad request JSONP with response message in the below format. xxxxxxxxxx({"error","error message"}) It is working good in all the environments, where there is no nginx. In our staging environment we have nginx configured. Here it is modifying the output as below. badrequest{"error","error message"}) Because of this our front end application is unable to read the response message. Could you please let me know, what configuration setting of nginx could cause this problem? Thanks in Advance Venkat. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230799,230799#msg-230799 From nginx-forum at nginx.us Mon Sep 17 23:38:49 2012 From: nginx-forum at nginx.us (eiji-gravion) Date: Mon, 17 Sep 2012 19:38:49 -0400 Subject: Some requests not getting logged Message-ID: <65dba811d8d90f9e99ce8d854babfa85.NginxMailingListEnglish@forum.nginx.org> Hello, I've noticed that some (seemingly random) requests get logged as 400 and 408 codes without 301 or 200 codes showing up in the logs. This seems to occur a lot when redirecting people from http > https via a 301 redirect, the 301 redirect will in many cases not appear at all in the logs but will instead show the following after some time has passed: - - 24.**.***.** - - [17/Sep/2012:19:19:07 -0400] "-" 400 0 "-" "-" "-" "-" I've also seen some https requests not show up in the logs at all as 200 codes, but will eventually display 408 codes: TLSv1 ECDHE-RSA-RC4-SHA 213.***.***.** - - [17/Sep/2012:18:30:31 -0400] "-" 408 0 "-" "-" "-" "-" I've also been able to confirm that all of these requests are successful, so is this something wrong with the logging, or is this normal behavior? To me it seems buggy how someone could make a 301 or 200 code request, and be completely hidden in the access logs other than the eventual 400/408s. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230801,230801#msg-230801 From cickumqt at gmail.com Tue Sep 18 01:03:04 2012 From: cickumqt at gmail.com (Christopher Meng) Date: Tue, 18 Sep 2012 09:03:04 +0800 Subject: Some requests not getting logged In-Reply-To: <65dba811d8d90f9e99ce8d854babfa85.NginxMailingListEnglish@forum.nginx.org> References: <65dba811d8d90f9e99ce8d854babfa85.NginxMailingListEnglish@forum.nginx.org> Message-ID: I also met this problem with 1gb+ log increasing everyday...... -- *Yours sincerely,* *Christopher Meng* Ambassador/Contributor of Fedora Project and many others. http://cicku.me http://mirrors.cicku.me -------------- next part -------------- An HTML attachment was scrubbed... URL: From mdounin at mdounin.ru Tue Sep 18 06:46:53 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 18 Sep 2012 10:46:53 +0400 Subject: Some requests not getting logged In-Reply-To: <65dba811d8d90f9e99ce8d854babfa85.NginxMailingListEnglish@forum.nginx.org> References: <65dba811d8d90f9e99ce8d854babfa85.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20120918064653.GN40452@mdounin.ru> Hello! On Mon, Sep 17, 2012 at 07:38:49PM -0400, eiji-gravion wrote: > Hello, > > I've noticed that some (seemingly random) requests get logged as 400 and 408 > codes without 301 or 200 codes showing up in the logs. > > This seems to occur a lot when redirecting people from http > https via a > 301 redirect, the 301 redirect will in many cases not appear at all in the > logs but will instead show the following after some time has passed: > > - - 24.**.***.** - - [17/Sep/2012:19:19:07 -0400] "-" 400 0 "-" "-" "-" "-" > > I've also seen some https requests not show up in the logs at all as 200 > codes, but will eventually display 408 codes: > > TLSv1 ECDHE-RSA-RC4-SHA 213.***.***.** - - [17/Sep/2012:18:30:31 -0400] "-" > 408 0 "-" "-" "-" "-" > > I've also been able to confirm that all of these requests are successful, so > is this something wrong with the logging, or is this normal behavior? > > To me it seems buggy how someone could make a 301 or 200 code request, and > be completely hidden in the access logs other than the eventual 400/408s. Most likely this is a result of a cached response being used by a browser, while in logs you see only a connection which was open by the browser but no requests were sent in it. Maxim Dounin From mdounin at mdounin.ru Tue Sep 18 06:55:50 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 18 Sep 2012 10:55:50 +0400 Subject: nginx modifying the jsonp response message In-Reply-To: <99a4c3fd80c00278bdba87e7caeb81f6.NginxMailingListEnglish@forum.nginx.org> References: <99a4c3fd80c00278bdba87e7caeb81f6.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20120918065550.GO40452@mdounin.ru> Hello! On Mon, Sep 17, 2012 at 04:34:27PM -0400, venkat wrote: > Hi, > > We are creating a web api application. In one of our API's if there are any > validation errors, we are returning the error message in JSONP format. In > the API Request URL user adds a query string parameter > ?jsoncallback=xxxxxxxxxx. > > On validation failure we are throwing a 400 bad request JSONP with response > message in the below format. > > xxxxxxxxxx({"error","error message"}) > > It is working good in all the environments, where there is no nginx. In our > staging environment we have nginx configured. > > Here it is modifying the output as below. > > badrequest{"error","error message"}) > > Because of this our front end application is unable to read the response > message. > > Could you please let me know, what configuration setting of nginx could > cause this problem? I would suggest that this is caused by error_page 400 + proxy_intercept_errors configured. Maxim Dounin From mdounin at mdounin.ru Tue Sep 18 07:35:18 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 18 Sep 2012 11:35:18 +0400 Subject: Q about don't log 400 errors In-Reply-To: References: Message-ID: <20120918073518.GP40452@mdounin.ru> Hello! On Sat, Sep 15, 2012 at 12:52:38PM +0200, Aleksandar Lazic wrote: > Hi, > > I have follow the instruction on > > http://wiki.nginx.org/HWLoadbalancerCheckErrors > > but I still get the 400 entries in the access log. > > Please can anybody help, thanks. [...] > server { > ... > error_page 400 /400; Is it the default server? Note that it will work only in default one, as there is no Host header available to find out name-based virtual host. Maxim Dounin From mdounin at mdounin.ru Tue Sep 18 07:43:55 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 18 Sep 2012 11:43:55 +0400 Subject: [PATCH] (re-post) Add "optional_no_ca" option to ssl_verify_client to enable app-only CA chain validation In-Reply-To: References: Message-ID: <20120918074355.GQ40452@mdounin.ru> Hello! On Sat, Sep 15, 2012 at 07:52:30AM -0400, mk.fg wrote: > Re-post of patch from > http://forum.nginx.org/read.php?2,228761,229586#msg-229586 > Updated version of the patch in the original thread haven't received any new > attention, it seems, and I've received several inquiries now about the > status of this work, so this thread is basically an attempt to draw more > attention to this patch. > > Use-case is the same as before - enable CA-chain validation in the > application only - but with all non-CA-chain validation handled by nginx, so > it won't be necessary to duplicate (and possibly mess-up) these details > (handled by openssl) in application code. You may want to join discussion here, about the similar patch submitted: http://mailman.nginx.org/pipermail/nginx-devel/2012-August/002643.html In particular, I would like someone to actually test if the error_page 495 aproach works instead as suggested here: http://mailman.nginx.org/pipermail/nginx-devel/2012-August/002650.html And a quick comment for your patch: I tend to think that introduction of ngx_http_ssl_variable_get_client_verify() is misleading. We shouldn't try to claim the certificate was verified unless it actually was. Maxim Dounin From nginx-forum at nginx.us Tue Sep 18 08:34:30 2012 From: nginx-forum at nginx.us (eiji-gravion) Date: Tue, 18 Sep 2012 04:34:30 -0400 Subject: proper setup for forward secrecy In-Reply-To: References: <20120810090706.GB40452@mdounin.ru> Message-ID: <110ae62f699e1f557ddc5a674b5124f6.NginxMailingListEnglish@forum.nginx.org> Hello, Still curious about this, it would be nice to have a way to rotate these keys without having to restart the server. Thanks Posted at Nginx Forum: http://forum.nginx.org/read.php?2,229538,230811#msg-230811 From t.hipp at raumobil.de Tue Sep 18 09:29:18 2012 From: t.hipp at raumobil.de (Tobias Hipp) Date: Tue, 18 Sep 2012 11:29:18 +0200 Subject: Name of upstream is returned to a client and not resolved to a server Message-ID: <50583EEE.6010008@raumobil.de> Hello everybody, I'd like to setup nginx as a softwareloadbalancer, balancing incoming requests to different tomcats. In order to achiev my goal, i defined some upstreams like this: upstream myupstream { server 192.168.x.y:8080 weight=1 max_fails=10 fail_timeout=60s; server 192.168.x.z:8080 weight=1 max_fails=10 fail_timeout=60s; } Surfing to mysubdomain.mysite.com is handled by this location block in a serverblock with the servername mysubdomain.mysite.com: location = / { proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://myupstream/home/index?layoutTheme=mysubdomain_theme; } This still works fine. But when i click a link on that webpage, leading to the startpage of the website (the link is something like http://mysubdomain.mysite.com/home/index?layoutTheme=mysubdomain_theme) I get an error message. The request, produced by that link should be handled by this location block in the same server block: location / { proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://myupstream; } A Chromium based browser shows "Error 105 (net::ERR_NAME_NOT_RESOLVED):" and Firefox tells me, that the server www.myupstream.com could not be found. Can anyone help me locate the mistake I made in my configuration? I'm using Ubuntu server 12.04.1 and nginx 1.2.3 out of the nginx repository. Have a nice Day T.Hipp From nginx-forum at nginx.us Tue Sep 18 19:03:12 2012 From: nginx-forum at nginx.us (venkat) Date: Tue, 18 Sep 2012 15:03:12 -0400 Subject: nginx modifying the jsonp response message In-Reply-To: <20120918065550.GO40452@mdounin.ru> References: <20120918065550.GO40452@mdounin.ru> Message-ID: <49cabab524d6646a8eacf3224d70fd7e.NginxMailingListEnglish@forum.nginx.org> Sorry for the above post. Actually the problem is not due to nginx. It is due to IIS 7.5 in our staging server which is causing the problem. Below configuration change in web.config has fixed it. Thanks, Venkat. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230799,230822#msg-230822 From francis at daoine.org Tue Sep 18 20:10:05 2012 From: francis at daoine.org (Francis Daly) Date: Tue, 18 Sep 2012 21:10:05 +0100 Subject: Name of upstream is returned to a client and not resolved to a server In-Reply-To: <50583EEE.6010008@raumobil.de> References: <50583EEE.6010008@raumobil.de> Message-ID: <20120918201005.GB17159@craic.sysops.org> On Tue, Sep 18, 2012 at 11:29:18AM +0200, Tobias Hipp wrote: Hi there, > location = / { > proxy_set_header X-Forwarded-Host $host; > proxy_set_header X-Forwarded-Server $host; > proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; > proxy_pass > http://myupstream/home/index?layoutTheme=mysubdomain_theme; > } > > This still works fine. But when i click a link on that webpage, leading > to the startpage of the website (the link is something like > http://mysubdomain.mysite.com/home/index?layoutTheme=mysubdomain_theme) > I get an error message. > A Chromium based browser shows "Error 105 (net::ERR_NAME_NOT_RESOLVED):" > and Firefox tells me, that the server www.myupstream.com could not be > found. That sounds like the links are referring to http://myupstream, and the two browsers have different error reporting/correcting behaviours. If you view the source returned from the original http://mysubdomain.mysite.com/ request, you may see that there. > Can anyone help me locate the mistake I made in my configuration? I guess that the tomcats are building "full" links instead of relative ones. Or else they are issuing http redirects, and are not using the server name you want them to. Possibly adding proxy_set_header Host $host; or any variation that uses the appropriate "mysubdomain.mysite.com" into the two location{}s will cause the tomcats to build full links using the public hostname. If you look at the output of "curl -i" or each request, you might see exactly what is going on. f -- Francis Daly francis at daoine.org From contact at jpluscplusm.com Tue Sep 18 20:55:40 2012 From: contact at jpluscplusm.com (Jonathan Matthews) Date: Tue, 18 Sep 2012 21:55:40 +0100 Subject: Some requests not getting logged In-Reply-To: References: <65dba811d8d90f9e99ce8d854babfa85.NginxMailingListEnglish@forum.nginx.org> <20120918064653.GN40452@mdounin.ru> Message-ID: On 18 September 2012 07:46, Maxim Dounin wrote: > On Mon, Sep 17, 2012 at 07:38:49PM -0400, eiji-gravion wrote: >> I've noticed that some (seemingly random) requests get logged as 400 and 408 >> codes without 301 or 200 codes showing up in the logs. >> >> This seems to occur a lot when redirecting people from http > https via a >> 301 redirect, the 301 redirect will in many cases not appear at all in the >> logs but will instead show the following after some time has passed: >> >> - - 24.**.***.** - - [17/Sep/2012:19:19:07 -0400] "-" 400 0 "-" "-" "-" "-" >> >> I've also seen some https requests not show up in the logs at all as 200 >> codes, but will eventually display 408 codes: >> >> TLSv1 ECDHE-RSA-RC4-SHA 213.***.***.** - - [17/Sep/2012:18:30:31 -0400] "-" >> 408 0 "-" "-" "-" "-" >> > Most likely this is a result of a cached response being used by a > browser, while in logs you see only a connection which was open by > the browser but no requests were sent in it. I agree. I believe we already covered this here on the list a while ago, didn't we? I seem to recall it's caused by UAs optimistically opening (multiple?) connections to origin servers, and then closing them after they go unused. I.e. with no data transferred (i.e. 400/408 depending on protocol). I suspect you see these at HTTP->HTTPS redirection as that's the point at which the UA notices that it's no longer accessing the HTTP://site/ , and closes the unused/cached/fallow optimistic HTTP connections it had opened in /case/ the user continued browsing over HTTP. My 2 cents, Jonathan -- Jonathan Matthews Oxford, London, UK http://www.jpluscplusm.com/contact.html From ianevans at digitalhit.com Wed Sep 19 00:25:53 2012 From: ianevans at digitalhit.com (Ian M. Evans) Date: Tue, 18 Sep 2012 20:25:53 -0400 Subject: Subdirectory still redirecting to www. despite rule Message-ID: <2c4f3d1dc96a8008609923da94105724.squirrel@www.digitalhit.com> This issue is connected to the threads rewrite to www EXCEPT for one directory (http://www.ruby-forum.com/topic/4405551) and Nginx location rule for Wordpress Multisite in subdirectories (http://www.ruby-forum.com/topic/4405180) After making the changes to my nginx.conf. I reloaded the config. After going to example.com/blogs/wp-admin/install.php the browser still redirected to www.example.com/blogs/wp-admin/install.php Here are the applicable lines in the conf: server { server_name example.com; listen 80; location / { return 301 http://www.example.com$request_uri; } location ^~ /blogs { try_files $uri /blogs/index.php?q=$uri; location ~ \.php$ { fastcgi_pass 127.0.0.1:10004; } } if ($uri ~ (/blogs/[^/]*)) { set $blogname $1; } location ^~ /blogs/$blogname { try_files $uri $blogname/index.php?q=$uri; location ~ \.php$ { fastcgi_pass 127.0.0.1:10004; } } } I'm wondering if it's an error in combining the config advice for the two separate issues in the two threads. Thanks. From nginx-forum at nginx.us Wed Sep 19 00:36:45 2012 From: nginx-forum at nginx.us (Ensiferous) Date: Tue, 18 Sep 2012 20:36:45 -0400 Subject: Subdirectory still redirecting to www. despite rule In-Reply-To: <2c4f3d1dc96a8008609923da94105724.squirrel@www.digitalhit.com> References: <2c4f3d1dc96a8008609923da94105724.squirrel@www.digitalhit.com> Message-ID: <6a506080465d68e85f4b559572d97330.NginxMailingListEnglish@forum.nginx.org> Stop using a browser to test with and instead do curl -I Browsers cache, always. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230832,230833#msg-230833 From ianevans at digitalhit.com Wed Sep 19 01:05:08 2012 From: ianevans at digitalhit.com (Ian M. Evans) Date: Tue, 18 Sep 2012 21:05:08 -0400 Subject: Subdirectory still redirecting to www. despite rule In-Reply-To: <6a506080465d68e85f4b559572d97330.NginxMailingListEnglish@forum.nginx.org> References: <2c4f3d1dc96a8008609923da94105724.squirrel@www.digitalhit.com> <6a506080465d68e85f4b559572d97330.NginxMailingListEnglish@forum.nginx.org> Message-ID: <2295da7246665b92cc7e018fe79c0f1c.squirrel@www.digitalhit.com> On Tue, September 18, 2012 8:36 pm, Ensiferous wrote: > Stop using a browser to test with and instead do curl -I > Browsers cache, always. a) I had never been to the URL before and b) I had cleared the browser's cache before testing. running curl -I I get: HTTP/1.1 200 OK Server: nginx/1.2.2 Date: Wed, 19 Sep 2012 00:53:36 GMT Content-Type: text/html Connection: keep-alive In Firefox with cache cleared, I get the redirect to the WP install page on www.example.com instead of staying at example.com From leon at kingdest.com Wed Sep 19 06:00:00 2012 From: leon at kingdest.com (Leon) Date: Wed, 19 Sep 2012 14:00:00 +0800 Subject: [Nginx] How to create configure about https default Message-ID: <50595F60.7020206@kingdest.com> Hi, I want https://192.168.0.1 can return 500,but if there is a https://localhost sites,browsering to https://192.168.0.1 will go to https://localhost. How can i avoid this. -- Leon www.kingdest.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 1739 bytes Desc: S/MIME Cryptographic Signature URL: From nginx-forum at nginx.us Wed Sep 19 06:15:25 2012 From: nginx-forum at nginx.us (ihamouda1) Date: Wed, 19 Sep 2012 02:15:25 -0400 Subject: load balancing random 503 Message-ID: Hi there I have an instance on ec2 acting as a load balancer for 4 apache2 servers. The instance is ubuntu precise with nginx 1.2.3 The instance has 4 computing units and 3.75 GB memory Everything is working ok, except I get random 503 for some images. I have a page that loads about 20 images, they never load all, randomly some of them don't load and not the same ones every time. Any help is appreciated. nginx.conf: user www-data; worker_processes 8; pid /var/run/nginx.pid; events { worker_connections 4096; # multi_accept on; } http { ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; server_names_hash_bucket_size 64; map_hash_bucket_size 128; # server_name_in_redirect off; ### override default ssl settings ### ssl_session_timeout 10m; proxy_ssl_session_reuse off; ssl_session_cache shared:SSL:16m; ssl_protocols SSLv3 TLSv1; ssl_ciphers ALL:!ADH:!kEDH:!aNULL:!MD5:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; #ssl_ciphers HIGH:!aNULL:!MD5:!kEDH; #ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!MEDIUM:!LOW:!EXP:RC4 RSA: HIGH; ssl_prefer_server_ciphers on; include /etc/nginx/mime.types; default_type application/octet-stream; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; gzip_disable "msie6"; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; ## # nginx-naxsi config ## # Uncomment it if you installed nginx-naxsi ## #include /etc/nginx/naxsi_core.rules; ## # nginx-passenger config ## # Uncomment it if you installed nginx-passenger ## #passenger_root /usr; #passenger_ruby /usr/bin/ruby; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; # include /etc/nginx/sites-enabled/*; include /etc/nginx/cw.conf; } cw.conf: upstream cwbackend { ip_hash; server cwweb1.domain.com:80; server cwweb2.domain.com:80; server cwweb3.domain.com:80; server cwweb4.domain.com:80; keepalive 16; } upstream cwsecure { ip_hash; server cwweb1.domain.com:443; server cwweb2.domain.com:443; server cwweb3.domain.com:443; server cwweb4.domain.com:443; keepalive 16; } server { listen 80; server_name cw1.domain.com; client_max_body_size 30M; location / { proxy_http_version 1.1; # needed to forward user's IP address to rails proxy_set_header X-Real-IP $remote_addr; proxy_set_header Connection ""; # needed for HTTPS proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_max_temp_file_size 0; proxy_next_upstream error timeout invalid_header http_500; proxy_connect_timeout 30; proxy_read_timeout 360; proxy_pass http://cwbackend; } #end location } #end server server { listen 443; ssl on; ssl_certificate /usr/local/src/certs-2011-2014/sslchain.crt; ssl_certificate_key /usr/local/src/certs-2011-2014/domain.com.key; server_name cw1.domain.com; client_max_body_size 30M; location / { proxy_http_version 1.1; # needed to forward user's IP address to rails proxy_set_header X-Real-IP $remote_addr; # needed for HTTPS proxy_set_header X-FORWARDED-PROTO https; proxy_set_header X-FORWARDED-SSL on; #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header Connection ""; proxy_redirect off; proxy_max_temp_file_size 0; proxy_buffering off; proxy_connect_timeout 30; proxy_read_timeout 360; proxy_pass https://cwsecure; } #end location } #end server backend apache2.conf: LockFile ${APACHE_LOCK_DIR}/accept.lock PidFile ${APACHE_PID_FILE} Timeout 2 KeepAlive On MaxKeepAliveRequests 100 KeepAliveTimeout 15 StartServers 5 MinSpareServers 5 MaxSpareServers 10 MaxClients 256 MaxRequestsPerChild 100 StartServers 2 MinSpareThreads 25 MaxSpareThreads 75 ThreadLimit 64 ThreadsPerChild 25 MaxClients 200 MaxRequestsPerChild 0 StartServers 2 MinSpareThreads 25 MaxSpareThreads 75 ThreadLimit 64 ThreadsPerChild 25 MaxClients 150 MaxRequestsPerChild 0 User ${APACHE_RUN_USER} Group ${APACHE_RUN_GROUP} AccessFileName .htaccess Order allow,deny Deny from all Satisfy all DefaultType None HostnameLookups Off ErrorLog ${APACHE_LOG_DIR}/error.log LogLevel warn Include mods-enabled/*.load Include mods-enabled/*.conf Include httpd.conf Include ports.conf LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %O" common LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent Include conf.d/ Include sites-enabled/ backend site config file: NameVirtualHost *:443 ServerAdmin webmaster at domain.com ServerName cwweb1.domain.com SSLEngine On SSLCertificateFile /usr/local/src/domain.com.crt SSLCertificateKeyFile /usr/local/src/domain.com.key SSLCertificateChainFile /usr/local/src/intermediate.crt DocumentRoot /data/www DirectoryIndex default.php index.php Options FollowSymLinks AllowOverride None Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all ErrorLog /var/log/apache2/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/apache2/access.log combined ServerSignature On Alias /doc/ "/usr/share/doc/" Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230847,230847#msg-230847 From ne at vbart.ru Wed Sep 19 07:21:04 2012 From: ne at vbart.ru (Valentin V. Bartenev) Date: Wed, 19 Sep 2012 11:21:04 +0400 Subject: Subdirectory still redirecting to www. despite rule In-Reply-To: <2c4f3d1dc96a8008609923da94105724.squirrel@www.digitalhit.com> References: <2c4f3d1dc96a8008609923da94105724.squirrel@www.digitalhit.com> Message-ID: <201209191121.04205.ne@vbart.ru> On Wednesday 19 September 2012 04:25:53 Ian M. Evans wrote: [...] > location ^~ /blogs { > try_files $uri /blogs/index.php?q=$uri; > location ~ \.php$ { > fastcgi_pass 127.0.0.1:10004; > } > } > if ($uri ~ (/blogs/[^/]*)) { > set $blogname $1; > } location /blogs { ... location ~ ^/blogs/([^/]+) { ... } } But your example config is completely broken. Probably you do not understand how "location" works. If so, you should read these articles: http://nginx.org/en/docs/http/request_processing.html http://nginx.org/r/location > location ^~ /blogs/$blogname { Variables are not allowed here. wbr, Valentin V. Bartenev From ianevans at digitalhit.com Wed Sep 19 08:01:09 2012 From: ianevans at digitalhit.com (Ian Evans) Date: Wed, 19 Sep 2012 04:01:09 -0400 Subject: Subdirectory still redirecting to www. despite rule In-Reply-To: <201209191121.04205.ne@vbart.ru> References: <2c4f3d1dc96a8008609923da94105724.squirrel@www.digitalhit.com> <201209191121.04205.ne@vbart.ru> Message-ID: <50597BC5.4050707@digitalhit.com> On 19/09/2012 3:21 AM, Valentin V. Bartenev wrote: > On Wednesday 19 September 2012 04:25:53 Ian M. Evans wrote: > [...] >> location ^~ /blogs { >> try_files $uri /blogs/index.php?q=$uri; >> location ~ \.php$ { >> fastcgi_pass 127.0.0.1:10004; >> } >> } >> if ($uri ~ (/blogs/[^/]*)) { >> set $blogname $1; >> } > > location /blogs { > > ... > > location ~ ^/blogs/([^/]+) { > ... > } > } > > But your example config is completely broken. Probably you do not understand how > "location" works. If so, you should read these articles: > > http://nginx.org/en/docs/http/request_processing.html > http://nginx.org/r/location > > >> location ^~ /blogs/$blogname { > > Variables are not allowed here. > As it turns out, the issue was a missing document root (since I previously only used that server section to redirect to www) Added the root and it worked fine. As for the variable in the location, I did not write that. It was suggested to me in the thread: http://www.ruby-forum.com/topic/4405180#1073498 From appa at perusio.net Wed Sep 19 09:02:00 2012 From: appa at perusio.net (=?UTF-8?B?QW50w7NuaW8=?= P. P. Almeida) Date: Wed, 19 Sep 2012 11:02:00 +0200 Subject: Subdirectory still redirecting to www. despite rule In-Reply-To: <50597BC5.4050707@digitalhit.com> References: <2c4f3d1dc96a8008609923da94105724.squirrel@www.digitalhit.com> <201209191121.04205.ne@vbart.ru> <50597BC5.4050707@digitalhit.com> Message-ID: <87pq5io06v.wl%appa@perusio.net> On 19 Set 2012 10h01 CEST, ianevans at digitalhit.com wrote: On 19/09/2012 3:21 AM, Valentin V. Bartenev wrote: > On Wednesday 19 September 2012 04:25:53 Ian M. Evans wrote: > [...] >> location ^~ /blogs { >> try_files $uri /blogs/index.php?q=$uri; >> location ~ \.php$ { >> fastcgi_pass 127.0.0.1:10004; >> } >> } >> if ($uri ~ (/blogs/[^/]*)) { >> set $blogname $1; >> } > > location /blogs { > > ... > > location ~ ^/blogs/([^/]+) { > ... > } > } The suggested config of adding a variable is over complicated and very little Nginxy. That's seems like a throwback to Apache's style IMO. Valentin's suggestion with blogname being a capture in a regex based (nested) location is a much cleaner way. It's also informative in the way Nginx configuration language works. It's mostly declarative. Try it out. --- appa > But your example config is completely broken. Probably you do not understand how > "location" works. If so, you should read these articles: > > http://nginx.org/en/docs/http/request_processing.html > http://nginx.org/r/location > > >> location ^~ /blogs/$blogname { > > Variables are not allowed here. > As it turns out, the issue was a missing document root (since I previously only used that server section to redirect to www) Added the root and it worked fine. As for the variable in the location, I did not write that. It was suggested to me in the thread: http://www.ruby-forum.com/topic/4405180#1073498 _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx From sb at waeme.net Wed Sep 19 11:17:37 2012 From: sb at waeme.net (Sergey Budnevitch) Date: Wed, 19 Sep 2012 15:17:37 +0400 Subject: Administrivia: envelope sender address and the mailing list Message-ID: Until recently messages to the mailing list from unsubscribed addresses were forwarded directly to the maillist administrator, and sender had no knowledge why message was delayed or dropped. Since the number of messages automatically forwarded to maillist administrator grew with time mostly because of spam, we have added extra sender validation on mail server level. Unfortunately mail server checks envelope sender address and Mailman checks From: address. In most cases they match, but for example, google mail servers set envelope sender to google account address, while From: address may be any you like. In this case sender will receive non-delivery report, although address in From: is correct and subscribed to the mailing list. As a workaround it is possible to subscribe second (envelope sender) address to the mailing list and disable delivery through Mailman web interface. From nginx-forum at nginx.us Wed Sep 19 13:45:15 2012 From: nginx-forum at nginx.us (Fattie) Date: Wed, 19 Sep 2012 09:45:15 -0400 Subject: Load balancing & local files Message-ID: Hi, I have 2 servers running Nginx on them while one of them also acts as a load balancer. Each server accesses local unique image files that are generated in runtime. I tried the following configuration for the load balancer nginx: upstream servername { ip_hash; server 127.0.0.1:9000 fail_timeout=10s; server x.x.x.x fail_timeout=10s; } ... location /localimage { proxy_pass http://servername; root /path/to/localimage; expires 7d; access_log off; break; } Whenever the request is to server #2, I get the image, when it's to server #1 (local) I don't. If I remove the line "proxy_pass http://servername;" the problem goes other way around. What is the correct way to configure nginx to solve this? Thanks in advance! Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230871,230871#msg-230871 From mdounin at mdounin.ru Wed Sep 19 13:49:48 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Wed, 19 Sep 2012 17:49:48 +0400 Subject: proper setup for forward secrecy In-Reply-To: <110ae62f699e1f557ddc5a674b5124f6.NginxMailingListEnglish@forum.nginx.org> References: <20120810090706.GB40452@mdounin.ru> <110ae62f699e1f557ddc5a674b5124f6.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20120919134948.GG40452@mdounin.ru> Hello! On Tue, Sep 18, 2012 at 04:34:30AM -0400, eiji-gravion wrote: > Still curious about this, it would be nice to have a way to rotate these > keys without having to restart the server. Looking though OpenSSL code suggests keys are generated on SSL_CTX creation (at least as of OpenSSL 1.0.1c, see SSL_CTX_new() in ssl/ssl_lib.c), that is, they are rotated by nginx configuration reload. Maxim Dounin From nginx-forum at nginx.us Wed Sep 19 15:04:08 2012 From: nginx-forum at nginx.us (Muse) Date: Wed, 19 Sep 2012 11:04:08 -0400 Subject: fastcgi cache how-to cache for logged-in users and make it custom for each user Message-ID: Hello, Currently I'm doing cache using fastcgi_cache for non-logged-in users, and using ( if + fastcgi_no_cache + fastcgi_cache_bypass ) to pass logged-in users directly to backend which is PHP-FPM. this work good enough, but when PHP-FPM start hitting 500+ req/s the slow/load start. So what i'm thinking about is to create a cache for logged-in users and each user has it's own cached files, is that possible? if yes can you please provide me some tips about that. I've goggled a lot but nothing help with that. the site running custom php cms with mysql and memcached and apc Thanks. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230878,230878#msg-230878 From appa at perusio.net Wed Sep 19 15:30:30 2012 From: appa at perusio.net (=?UTF-8?B?QW50w7NuaW8=?= P. P. Almeida) Date: Wed, 19 Sep 2012 17:30:30 +0200 Subject: fastcgi cache how-to cache for logged-in users and make it custom for each user In-Reply-To: References: Message-ID: <87k3vqni7d.wl%appa@perusio.net> On 19 Set 2012 17h04 CEST, nginx-forum at nginx.us wrote: > Hello, > > Currently I'm doing cache using fastcgi_cache for non-logged-in > users, and using ( if + fastcgi_no_cache + fastcgi_cache_bypass ) to > pass logged-in users directly to backend which is PHP-FPM. > > this work good enough, but when PHP-FPM start hitting 500+ req/s the > slow/load start. > > So what i'm thinking about is to create a cache for logged-in users > and each user has it's own cached files, is that possible? if yes > can you please provide me some tips about that. I've goggled a lot > but nothing help with that. Use the session ID as part of the cache key. I have a drupal config that uses that: https://github.com/perusio/drupal-with-nginx/blob/master/map_cache.conf HTH, --- appa From nginx-forum at nginx.us Wed Sep 19 16:07:58 2012 From: nginx-forum at nginx.us (Linux99) Date: Wed, 19 Sep 2012 12:07:58 -0400 Subject: fastcgi cache how-to cache for logged-in users and make it custom for each user In-Reply-To: <87k3vqni7d.wl%appa@perusio.net> References: <87k3vqni7d.wl%appa@perusio.net> Message-ID: Ant?nio P. P. Almeida Wrote: ------------------------------------------------------- > On 19 Set 2012 17h04 CEST, nginx-forum at nginx.us wrote: > > > Hello, > > > > Currently I'm doing cache using fastcgi_cache for non-logged-in > > users, and using ( if + fastcgi_no_cache + fastcgi_cache_bypass ) to > > pass logged-in users directly to backend which is PHP-FPM. > > > > this work good enough, but when PHP-FPM start hitting 500+ req/s the > > slow/load start. > > > > So what i'm thinking about is to create a cache for logged-in users > > and each user has it's own cached files, is that possible? if yes > > can you please provide me some tips about that. I've goggled a lot > > but nothing help with that. > > Use the session ID as part of the cache key. I have a drupal config > that uses that: > > https://github.com/perusio/drupal-with-nginx/blob/master/map_cache.con > f > > HTH, > --- appa > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx Woow, It's very useful tip, Could you illustrate this in details .? , Also Does it need to change the way php cms run his own cookies .? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230878,230881#msg-230881 From appa at perusio.net Wed Sep 19 16:55:16 2012 From: appa at perusio.net (=?UTF-8?B?QW50w7NuaW8=?= P. P. Almeida) Date: Wed, 19 Sep 2012 18:55:16 +0200 Subject: fastcgi cache how-to cache for logged-in users and make it custom for each user In-Reply-To: References: <87k3vqni7d.wl%appa@perusio.net> Message-ID: <87ipbanea3.wl%appa@perusio.net> On 19 Set 2012 18h07 CEST, nginx-forum at nginx.us wrote: > Ant?nio P. P. Almeida Wrote: > ------------------------------------------------------- >> On 19 Set 2012 17h04 CEST, nginx-forum at nginx.us wrote: >> >>> Hello, >>> >>> Currently I'm doing cache using fastcgi_cache for non-logged-in >>> users, and using ( if + fastcgi_no_cache + fastcgi_cache_bypass ) >>> to pass logged-in users directly to backend which is PHP-FPM. >>> >>> this work good enough, but when PHP-FPM start hitting 500+ req/s >>> the slow/load start. >>> >>> So what i'm thinking about is to create a cache for logged-in >>> users and each user has it's own cached files, is that possible? >>> if yes can you please provide me some tips about that. I've >>> goggled a lot but nothing help with that. >> >> Use the session ID as part of the cache key. I have a drupal config >> that uses that: >> >> https://github.com/perusio/drupal-with-nginx/blob/master/map_cache.con >> f > Woow, It's very useful tip, > > Could you illustrate this in details .? , Also Does it need to > change the way php cms run his own cookies .? No I don't think so. What may have to change is the regex in the map directive that captures the session ID. It depends on how is generated. You just use something like that and then set the cache key: ## The cache key. fastcgi_cache_key $cache_uid@$host$request_uri; --- appa From nginx-forum at nginx.us Wed Sep 19 23:55:38 2012 From: nginx-forum at nginx.us (thiagotognoli) Date: Wed, 19 Sep 2012 19:55:38 -0400 Subject: Error: Rewrite or internal redirection cycle after some time In-Reply-To: <20120917192047.GK40452@mdounin.ru> References: <20120917192047.GK40452@mdounin.ru> Message-ID: Thanks for the reply, but do not know if this is the problem because the open_file_cache is not configured at global level, and index.php is not changed or replaced, this file was never changed because it is the default magento, have any other ideas of what might be? I appreciate the help ... Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230733,230889#msg-230889 From mdounin at mdounin.ru Thu Sep 20 07:48:27 2012 From: mdounin at mdounin.ru (Maxim Dounin) Date: Thu, 20 Sep 2012 11:48:27 +0400 Subject: Error: Rewrite or internal redirection cycle after some time In-Reply-To: References: <20120917192047.GK40452@mdounin.ru> Message-ID: <20120920074827.GL40452@mdounin.ru> Hello! On Wed, Sep 19, 2012 at 07:55:38PM -0400, thiagotognoli wrote: > Thanks for the reply, but do not know if this is the problem because the > open_file_cache is not configured at global level, and index.php is not > changed or replaced, this file was never changed because it is the default > magento, have any other ideas of what might be? May be a result of X-Accel-Redirect loop if your backend use it, or backend error + fastcgi_intercept_errors + error_page loop (again if configured). If in doubt, you may activate debug log (see http://nginx.org/en/docs/debugging_log.html). From debug log it would be clear what exactly goes on. Maxim Dounin From nfnlists at gmail.com Thu Sep 20 21:29:53 2012 From: nfnlists at gmail.com (Nuno Neves) Date: Thu, 20 Sep 2012 22:29:53 +0100 Subject: Different cache time for different locations In-Reply-To: <20120831170824.GV40452@mdounin.ru> References: <20120831170824.GV40452@mdounin.ru> Message-ID: Hello 2012/8/31 Maxim Dounin : > Hello! > > On Fri, Aug 31, 2012 at 05:46:02PM +0100, Nuno Neves wrote: > >> Hello, >> >> All my requests passes in the php location to fastcgi ( location ~ >> \.php$ ) and I would like to have different cache time for different >> requests. >> >> As an example : >> >> / -> cache time for 10 minutes >> /about -> cache time for 1 day >> /products -> cache time for 1h >> >> Right now I have the same cache for all requests: fastcgi_cache_valid >> 200 302 10m; >> >> How am I able to accomplish this setup? > > Configure different locations to handle different requests, for > example > > location = / { > fastcgi_pass ... > fastcgi_cache_valid 10m; > ... > } > > location = /about { > fastcgi_pass ... > fastcgi_cache_valid 1d; > ... > } > > location = /products { > fastcgi_pass ... > fastcgi_cache_valid 1h; > ... > } > > Maxim Dounin I've tested this configuration, but since all php requests pass in ( location ~ \.php$ ) and all requests are sent to /index.php with try_files, this doesn't work. For example, all requests to /products are handle with /index.php with try_files location / { try_files $uri $uri/ /index.php; } location ~ \.php$ { fastcgi_pass ... fastcgi_cache one; fastcgi_cache_valid 200 20m; .... } If I add: location = /products { fastcgi_pass ... fastcgi_cache_valid 1h; ... } A request to /products get the value from .php location ( fastcgi_cache_valid 200 10m; ) If I remove fastcgi_cache_valid from .php location, all requests I get are MISS. Any ideas to accomplished this? Thanks From appa at perusio.net Thu Sep 20 21:56:21 2012 From: appa at perusio.net (=?UTF-8?B?QW50w7NuaW8=?= P. P. Almeida) Date: Thu, 20 Sep 2012 23:56:21 +0200 Subject: Different cache time for different locations In-Reply-To: References: <20120831170824.GV40452@mdounin.ru> Message-ID: <87haqsnyt6.wl%appa@perusio.net> On 20 Set 2012 23h29 CEST, nfnlists at gmail.com wrote: > Hello > > 2012/8/31 Maxim Dounin : >> Hello! >> >> On Fri, Aug 31, 2012 at 05:46:02PM +0100, Nuno Neves wrote: >> >>> Hello, >>> >>> All my requests passes in the php location to fastcgi ( location ~ >>> \.php$ ) and I would like to have different cache time for >>> different requests. >>> >>> As an example : >>> >>> / -> cache time for 10 minutes >>> /about -> cache time for 1 day >>> /products -> cache time for 1h >>> >>> Right now I have the same cache for all requests: >>> fastcgi_cache_valid 200 302 10m; >>> >>> How am I able to accomplish this setup? >> >> Configure different locations to handle different requests, for >> example >> >> location = / { >> fastcgi_pass ... >> fastcgi_cache_valid 10m; >> ... >> } >> >> location = /about { >> fastcgi_pass ... >> fastcgi_cache_valid 1d; >> ... >> } >> >> location = /products { >> fastcgi_pass ... >> fastcgi_cache_valid 1h; >> ... >> } >> >> Maxim Dounin > > I've tested this configuration, but since all php requests pass in ( > location ~ \.php$ ) and all requests are sent to /index.php with > try_files, this doesn't work. > > For example, all requests to /products are handle with /index.php > with try_files > > location / { > try_files $uri $uri/ /index.php; > } > > location ~ \.php$ { > fastcgi_pass ... > fastcgi_cache one; > fastcgi_cache_valid 200 20m; > .... > } Why do you use an insecure config? It's even referenced in the wiki: http://wiki.nginx.org/Pitfalls#Passing_Uncontrolled_Requests_to_PHP I'm aware that is quite common to "recommend" this as de rigueur for PHP but I fail to see why, It seems that is just easier to have a catch all php than enumerate all scripts that are allowed. Maxim suggestion doesn't work for you because you have this regex based location. I suggest you formulate your problem more clearly so that the list can help you. Start by trying an exact location for index.php location = /index.php { ... } location = /products { ... } You have to "enable" PHP FCGI handling in each location. --- appa > > If I add: > > location = /products { > fastcgi_pass ... > fastcgi_cache_valid 1h; > ... > } > > A request to /products get the value from .php location ( > fastcgi_cache_valid 200 10m; ) > If I remove fastcgi_cache_valid from .php location, all requests I > get are MISS. > > Any ideas to accomplished this? > > Thanks > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From nginx-forum at nginx.us Fri Sep 21 10:42:05 2012 From: nginx-forum at nginx.us (Loggy) Date: Fri, 21 Sep 2012 06:42:05 -0400 Subject: twentyeleven theme in WordPress - Nginx as reverse proxy to Apache2 Message-ID: <27b01c28cca6e8a8a286fa8bef5f6709.NginxMailingListEnglish@forum.nginx.org> There are many attractions of Nginx as a front-end to Apache for WordPress - not least the retention of permalink facilities. I have been trying this for some time now and, when it works, the performance is certainly excellent. However there is one problem with all the configurations I have been trying and that is the header image in the default WordPress twentyeleven theme when not logged in. This should load a random image on each refresh but, even though the image name should change, the same image is always reloaded. The platform is Ubuntu 10.04 LTS, nginx 1.2.3 stable, Apache/2.2.14 (Ubuntu), WordPress 3.4.2. Here is the essential bit from nginx.conf in my current tests: ============================================================================= proxy_cache_path /var/lib/nginx/cache levels=1:2 keys_zone=staticfilecache:180m max_size=100m; proxy_temp_path /var/lib/nginx/proxy; proxy_connect_timeout 30; proxy_read_timeout 120; proxy_send_timeout 120; #IMPORTANT - this sets the basic cache key that's used in the static file cache. proxy_cache_key "$scheme://$host$request_uri"; ============================================================================= ... and the essentail /etc/nginx/conf.d/wordpress.conf file which is included in every server {} definition: ============================================================================= # Set the real IP. proxy_set_header X-Real-IP $remote_addr; # Set the hostname proxy_set_header Host $host; #Set the forwarded-for header. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # Let the Set-Cookie header through. proxy_pass_header Set-Cookie; location / { # If logged in, don't cache. if ($http_cookie ~* "comment_author_|wordpress_(?!test_cookie)|wp-postpass_" ) { set $do_not_cache 1; } proxy_cache_key "$scheme://$host$request_uri $do_not_cache"; proxy_cache staticfilecache; proxy_pass http://apache; } location ~* wp\-.*\.php|wp\-admin { # Don't static file cache admin-looking things. proxy_pass http://apache; } location ~* \.(jpg|png|gif|jpeg|css|js|mp3|wav|swf|mov|doc|pdf|xls|ppt|docx|pptx|xlsx)$ { # Cache static-looking files for 120 minutes, setting a 10 day expiry time in the HTTP header, # whether logged in or not (may be too heavy-handed). proxy_cache_valid 200 120m; expires 864000; proxy_pass http://apache; proxy_cache staticfilecache; } location ~* \/[^\/]+\/(feed|\.xml)\/? { # Cache RSS looking feeds for 45 minutes unless logged in. if ($http_cookie ~* "comment_author_|wordpress_(?!test_cookie)|wp-postpass_" ) { set $do_not_cache 1; } proxy_cache_key "$scheme://$host$request_uri $do_not_cache"; proxy_cache_valid 200 45m; proxy_cache staticfilecache; proxy_pass http://apache; } location = /50x.html { root /var/www/nginx-default; } # No access to .htaccess files. location ~ /\.ht { deny all; } ============================================================================= So clearly WordPress is not being asked to provide a new header. Clearly I can make it do so by setting expires 0 but that rather defeats the purpose of having nginx up front. Any ideas? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230916,230916#msg-230916 From nginx-forum at nginx.us Fri Sep 21 11:10:18 2012 From: nginx-forum at nginx.us (a.mion@megasp.it) Date: Fri, 21 Sep 2012 07:10:18 -0400 Subject: Nginx proxy_pass file upload 500 "Internal Server Error" In-Reply-To: <0d62d050ee860cd904c2ab7078e70a8d.NginxMailingListEnglish@forum.nginx.org> References: <0d62d050ee860cd904c2ab7078e70a8d.NginxMailingListEnglish@forum.nginx.org> Message-ID: <7493ef0e163bfb8822b22cefd5b829ec.NginxMailingListEnglish@forum.nginx.org> Yes, i've seen in apache2 log file that my backend give 490 status code while nginx response is 500 with internal server error. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230692,230917#msg-230917 From nginx-forum at nginx.us Fri Sep 21 12:37:16 2012 From: nginx-forum at nginx.us (Loggy) Date: Fri, 21 Sep 2012 08:37:16 -0400 Subject: twentyeleven theme in WordPress - Nginx as reverse proxy to Apache2 In-Reply-To: <27b01c28cca6e8a8a286fa8bef5f6709.NginxMailingListEnglish@forum.nginx.org> References: <27b01c28cca6e8a8a286fa8bef5f6709.NginxMailingListEnglish@forum.nginx.org> Message-ID: Actually it's more serious than just the image. If you add a new comment when not logged in, the whole post with the new comment is entered into the cache and served OK. But an immediate additional comment added is not served because the cache hasn't expired. The comment count is also not updated. I have tried adding the Nginx proxy cache integrator which adds effectively expires the cache where particular types of cookie are found but a visitor does not (in general) result in a cookie so the image problem at least remains. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230916,230919#msg-230919 From nginx-forum at nginx.us Fri Sep 21 12:59:16 2012 From: nginx-forum at nginx.us (Loggy) Date: Fri, 21 Sep 2012 08:59:16 -0400 Subject: twentyeleven theme in WordPress - Nginx as reverse proxy to Apache2 In-Reply-To: References: <27b01c28cca6e8a8a286fa8bef5f6709.NginxMailingListEnglish@forum.nginx.org> Message-ID: <8bbaec94d61e7da0c8988fc93e789e8e.NginxMailingListEnglish@forum.nginx.org> The comment issue remains even with the WordPress Nginx proxy cache integrator plugin activated and the comments approved. They are not visible until the page of posts has expired.:( The plugin sets X-Accel-Expires to 0 where wordpress_comment_author or wordpress_wp-postpass cookies are set, thus switching off caching for that page and renewing the cache copy. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230916,230920#msg-230920 From nfnlists at gmail.com Fri Sep 21 13:40:24 2012 From: nfnlists at gmail.com (Nuno Neves) Date: Fri, 21 Sep 2012 14:40:24 +0100 Subject: Different cache time for different locations In-Reply-To: <87haqsnyt6.wl%appa@perusio.net> References: <20120831170824.GV40452@mdounin.ru> <87haqsnyt6.wl%appa@perusio.net> Message-ID: Hello, That's the way applications like wordpress and others works, in my case it's Invision Power Board. Thanks anyway. Nuno 2012/9/20 Ant?nio P. P. Almeida : > On 20 Set 2012 23h29 CEST, nfnlists at gmail.com wrote: > >> Hello >> >> 2012/8/31 Maxim Dounin : >>> Hello! >>> >>> On Fri, Aug 31, 2012 at 05:46:02PM +0100, Nuno Neves wrote: >>> >>>> Hello, >>>> >>>> All my requests passes in the php location to fastcgi ( location ~ >>>> \.php$ ) and I would like to have different cache time for >>>> different requests. >>>> >>>> As an example : >>>> >>>> / -> cache time for 10 minutes >>>> /about -> cache time for 1 day >>>> /products -> cache time for 1h >>>> >>>> Right now I have the same cache for all requests: >>>> fastcgi_cache_valid 200 302 10m; >>>> >>>> How am I able to accomplish this setup? >>> >>> Configure different locations to handle different requests, for >>> example >>> >>> location = / { >>> fastcgi_pass ... >>> fastcgi_cache_valid 10m; >>> ... >>> } >>> >>> location = /about { >>> fastcgi_pass ... >>> fastcgi_cache_valid 1d; >>> ... >>> } >>> >>> location = /products { >>> fastcgi_pass ... >>> fastcgi_cache_valid 1h; >>> ... >>> } >>> >>> Maxim Dounin >> >> I've tested this configuration, but since all php requests pass in ( >> location ~ \.php$ ) and all requests are sent to /index.php with >> try_files, this doesn't work. >> >> For example, all requests to /products are handle with /index.php >> with try_files >> >> location / { >> try_files $uri $uri/ /index.php; >> } >> >> location ~ \.php$ { >> fastcgi_pass ... >> fastcgi_cache one; >> fastcgi_cache_valid 200 20m; >> .... >> } > > Why do you use an insecure config? It's even referenced in the wiki: > http://wiki.nginx.org/Pitfalls#Passing_Uncontrolled_Requests_to_PHP > > I'm aware that is quite common to "recommend" this as de rigueur for > PHP but I fail to see why, It seems that is just easier to have a > catch all php than enumerate all scripts that are allowed. > > Maxim suggestion doesn't work for you because you have this regex > based location. I suggest you formulate your problem more clearly so > that the list can help you. > > Start by trying an exact location for index.php > > location = /index.php { > ... > } > > location = /products { > ... > } > > You have to "enable" PHP FCGI handling in each location. > > --- appa > >> >> If I add: >> >> location = /products { >> fastcgi_pass ... >> fastcgi_cache_valid 1h; >> ... >> } >> >> A request to /products get the value from .php location ( >> fastcgi_cache_valid 200 10m; ) >> If I remove fastcgi_cache_valid from .php location, all requests I >> get are MISS. >> >> Any ideas to accomplished this? >> >> Thanks >> >> _______________________________________________ >> nginx mailing list >> nginx at nginx.org >> http://mailman.nginx.org/mailman/listinfo/nginx > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From i.hailperin at heinlein-support.de Fri Sep 21 14:08:52 2012 From: i.hailperin at heinlein-support.de (Isaac Hailperin) Date: Fri, 21 Sep 2012 16:08:52 +0200 Subject: Best way to handle dynamic upstream backend? Message-ID: <505C74F4.3060208@heinlein-support.de> Hi, I use nginx as a reverse proxy in front of about 20 apaches. Now in my backend, currently defined as upstream backend_all { server 1.1.1.1; server 1.1.1.2; ... server 1.1.1.20; } i would like to include dynamic information about the health of the backend nodes. If a backend server is down, it should be marked as down automatically. Or if a server is specifically busy, it should get less used as a backend. I could implement a scrip which checks the backend and then generates the upstream definition accordingly. I would then have to reload nginx. (Would that generate timeouts for my users? - reload takes a few (aprox 10) seconds as there are a lot of websites.). This seems not like the best solution to me, as I feel that nginx might have build in solution for this (?). Also I have not only one nginx server, but four, so think I need to take care that these four distribute evenly to the backend. For this I was thinking of ip_hash. Any suggestions on how to handle this? Isaac From appa at perusio.net Fri Sep 21 16:44:32 2012 From: appa at perusio.net (=?UTF-8?B?QW50w7NuaW8=?= P. P. Almeida) Date: Fri, 21 Sep 2012 18:44:32 +0200 Subject: Different cache time for different locations In-Reply-To: References: <20120831170824.GV40452@mdounin.ru> <87haqsnyt6.wl%appa@perusio.net> Message-ID: <87fw6bnx5b.wl%appa@perusio.net> On 21 Set 2012 15h40 CEST, nfnlists at gmail.com wrote: > Hello, > > That's the way applications like wordpress and others works, in my > case it's Invision Power Board. With WP you can enumerate all PHP files and even if you don't want to do that you can constrain the execution by using something like this: ## Regular PHP processing. location ~ ^(?