302 Moved

From nginx-forum at nginx.us Sun Jun 1 09:02:15 2014 From: nginx-forum at nginx.us (SupaIrish) Date: Sun, 01 Jun 2014 05:02:15 -0400 Subject: Whitelisting Req/Conn Limiting In-Reply-To: References: Message-ID: <21c1113f46de2975dc93480bc684fe9a.NginxMailingListEnglish@forum.nginx.org> Thanks for the reply 1) Your explanation clarified my misunderstanding, much appreciated. 2) Your suggestion would make a lot of sense. But after reading your response, I realized I wrote the check wrong in my example. I'm trying to whitelist an inbound request from a specific server, not one that Nginx is serving. Instead of $hostname I should be using $remote_addr and the IP of the remote server I'm attempting to whitelist from the throttling. i.e. if ( $remote_addr = XX.XXX.XXX.XXX ) { set $whitelist 1; } Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250510,250530#msg-250530 From nginx-forum at nginx.us Sun Jun 1 10:30:49 2014 From: nginx-forum at nginx.us (omercz) Date: Sun, 01 Jun 2014 06:30:49 -0400 Subject: Email Reverse Proxy issue Message-ID: <4efec97591f89c67ee99a2741d671b74.NginxMailingListEnglish@forum.nginx.org> I am using Nginx as an Email reverse proxy. The email client sends a request to the nginx, the nginx fetch the WHOLE email(message) from exchange server, and only then manipulates it and sends it back to client. Email Client<---->Nginx<----> Office 365 Everything is working great, besides the following problem, the Email client has a timeout of 30 seconds, but sometimes it can take the Nginx to download the whole email more the 30sec (if it has a big attachment). My question is as follow: In the meantime can the nginx send 'something' to the client to keep him aware that something is being downloaded ? Right now I have an ugly patch that sends on the open socket 'blanks' to the client every 20 seconds, until the nginx can send him the whole file. Thanks Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250534,250534#msg-250534 From reallfqq-nginx at yahoo.fr Sun Jun 1 12:09:34 2014 From: reallfqq-nginx at yahoo.fr (B.R.) Date: Sun, 1 Jun 2014 14:09:34 +0200 Subject: Whitelisting Req/Conn Limiting In-Reply-To: <21c1113f46de2975dc93480bc684fe9a.NginxMailingListEnglish@forum.nginx.org> References: <21c1113f46de2975dc93480bc684fe9a.NginxMailingListEnglish@forum.nginx.org> Message-ID: I am glad my explanations were clear enough, though I doubt I said more than the docs which, again, seem pretty clear to me. You could make suggestions on how to improve the docs by quoting what you think would gain to be rephrased better. Based on my previous advice, you already know that using 'if' is avoidable and recommended. What do you think you could change to match your new needs? At which level does the check should be done? How to use variables to make only targeted environments affected by you contional statement? You could search archives of the ML on the forum you are using since map configuration are a recurring question, and your use case has been addressed multiple times in the past. To increase your chances to gain help, please provide: - details on the process you followed - relevant bits of the configuration you achieved which bother you - intel about searches/thinking you made - precise questions/wondering you have --- *B. R.* On Sun, Jun 1, 2014 at 11:02 AM, SupaIrish wrote: > Thanks for the reply > > 1) Your explanation clarified my misunderstanding, much appreciated. > > 2) Your suggestion would make a lot of sense. But after reading your > response, I realized I wrote the check wrong in my example. I'm trying to > whitelist an inbound request from a specific server, not one that Nginx is > serving. Instead of $hostname I should be using $remote_addr and the IP of > the remote server I'm attempting to whitelist from the throttling. i.e. > > if ( $remote_addr = XX.XXX.XXX.XXX ) { > set $whitelist 1; > } > > Posted at Nginx Forum: > http://forum.nginx.org/read.php?2,250510,250530#msg-250530 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From philipp.kraus at tu-clausthal.de Sun Jun 1 17:37:51 2014 From: philipp.kraus at tu-clausthal.de (Philipp Kraus) Date: Sun, 1 Jun 2014 19:37:51 +0200 Subject: location for php except Message-ID: <579A3506-81F3-40F5-AE62-E29F12BC51CE@tu-clausthal.de> Hello, I'm using nginx with Gitlab, so in the Gitlab some PHP projects are hosted and on other directory there exists some PHP scripts. For the PHP files I use: location ~ \.php$ { fastcgi_split_path_info ^(.+?\.php)(/.*)$; if (!-f $document_root$fastcgi_script_name) { return 404; } fastcgi_pass 127.0.0.1:9000; include /etc/nginx/fastcgi_params; try_files $uri $uri/ =404; } and for my Gitlab I'm using: location /gitlab { alias /home/gitlab/gitlab/public; try_files $uri @gitlab; } location @gitlab { proxy_read_timeout 300; proxy_connect_timeout 300; proxy_redirect off; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_pass http://gitlab; } The problem at the moment is, that if a PHP file is hosted in a Gitlab repository the location ~\.php$ is matched first. So how can I change the locations, that all PHP files, which URL has got the part /gitlab it should be passed to Gitlab and otherwise it should be passed to the fastcgi call e.g. myserver/gitlab/user/repository.git/master/test.php should be handled by Gitlab and myserver/somedirectory/test.php should be handled by the fastcgi call. Thanks a lot Phil From nginx-forum at nginx.us Sun Jun 1 17:48:09 2014 From: nginx-forum at nginx.us (allang) Date: Sun, 01 Jun 2014 13:48:09 -0400 Subject: Invalid ports added in redirects on AWS EC2 nginx Message-ID: On AWS, I'm trying to migrate a PHP Symfony app running on nginx. I want to be able to test the app by directly talking to the EC2 server and via an Elastic Load Balancer (ELB -the public route in). I've setup the ELB to decrypt all the SSL traffic and pass this on to my EC2 server via port 80, as well as pass port 80 directly onto my EC2 server via port 80. Initially this caused infinite redirects in my app but I researched and then fixed this by adding fastcgi_param HTTPS $https; with some custom logic that looks at $http_x_forwarded_proto to figure out when its actually via SSL. There remains one issue I can't solve. When a user logs into the Symfony app, if they come via the ELB, the form POST eventually returns a redirect back to https://elb.mysite.com:80/dashboard instead of https://elb.mysite.com/dashboard which gives the user an error of "SSL connection error". I've tried setting fastcgi_param SERVER_PORT $fastcgi_port; to force it away from 80 and I've also added the port_in_redirect off directive but both make no difference. The only way I've found to fix this is to alter the ELB 443 listener to pass traffic via https. The EC2 server has a self certified SSL certificate configured. But this means the EC2 server is wasting capacity performing this unnecessary 2nd decryption. Any help very much appreciated. Maybe there is a separate way within nginx of telling POST requests to not apply port numbers? Nginx vhost config: server { port_in_redirect off; listen 80; listen 443 ssl; ssl_certificate /etc/nginx/ssl/mysite.com/self-ssl.crt; ssl_certificate_key /etc/nginx/ssl/mysite.com/self-ssl.key; # Determine if HTTPS being used either locally or via ELB set $fastcgi_https off; set $fastcgi_port 80; if ( $http_x_forwarded_proto = 'https' ) { # ELB is using https set $fastcgi_https on; # set $fastcgi_port 443; } if ( $https = 'on' ) { # Local connection is using https set $fastcgi_https on; # set $fastcgi_port 443; } server_name *.mysite.com my-mysite-com-1234.eu-west-1.elb.amazonaws.com; access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log error; rewrite ^/app\.php/?(.*)$ /$1 permanent; location / { port_in_redirect off; root /var/www/vhosts/mysite.com/web; index app.php index.php index.html index.html; try_files $uri @rewriteapp; } location ~* \.(jpg|jpeg|gif|png)$ { root /var/www/vhosts/mysite.com/web; access_log off; log_not_found off; expires 30d; } location ~* \.(css|js)$ { root /var/www/vhosts/mysite.com/web; access_log off; log_not_found off; expires 2h; } location @rewriteapp { rewrite ^(.*)$ /app.php/$1 last; } location ~ ^/(app|app_dev|config)\.php(/|$) { port_in_redirect off; fastcgi_pass 127.0.0.1:9000; fastcgi_split_path_info ^(.+\.php)(/.*)$; fastcgi_param HTTPS $fastcgi_https; # fastcgi_param SERVER_PORT $fastcgi_port; #fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /var/www/vhosts/mysite.com/web$fastcgi_script_name; include fastcgi_params; } } Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250545,250545#msg-250545 From francis at daoine.org Sun Jun 1 18:16:13 2014 From: francis at daoine.org (Francis Daly) Date: Sun, 1 Jun 2014 19:16:13 +0100 Subject: location for php except In-Reply-To: <579A3506-81F3-40F5-AE62-E29F12BC51CE@tu-clausthal.de> References: <579A3506-81F3-40F5-AE62-E29F12BC51CE@tu-clausthal.de> Message-ID: <20140601181613.GA16942@daoine.org> On Sun, Jun 01, 2014 at 07:37:51PM +0200, Philipp Kraus wrote: Hi there, > I'm using nginx with Gitlab, so in the Gitlab some PHP projects are hosted and on other directory there exists some PHP scripts. > > For the PHP files I use: > > location ~ \.php$ { > and for my Gitlab I'm using: > > location /gitlab > The problem at the moment is, that if a PHP file is hosted in a Gitlab repository the location ~\.php$ is matched first. Strictly, it's that this location is the one that best matches the request. ("first" doesn't really apply.) See http://nginx.org/r/location for details. > So how can I change the locations, that all PHP files, which URL has got the part /gitlab it should be passed to Gitlab and > otherwise it should be passed to the fastcgi call e.g. If by "has got the part" you mean "starts with exactly the string", then pay particular attention to the "^~" modifier, (If not, then pay attention to the order of regexes.) f -- Francis Daly francis at daoine.org From philipp.kraus at tu-clausthal.de Sun Jun 1 19:00:13 2014 From: philipp.kraus at tu-clausthal.de (Philipp Kraus) Date: Sun, 1 Jun 2014 21:00:13 +0200 Subject: location for php except In-Reply-To: <20140601181613.GA16942@daoine.org> References: <579A3506-81F3-40F5-AE62-E29F12BC51CE@tu-clausthal.de> <20140601181613.GA16942@daoine.org> Message-ID: Am 01.06.2014 um 20:16 schrieb Francis Daly : > Strictly, it's that this location is the one that best matches the > request. ("first" doesn't really apply.) > > See http://nginx.org/r/location for details. okay, I have try to swap both location, imho I have translate "best location" with "first-come-first-serv order", so the swap does not create any effect. > >> So how can I change the locations, that all PHP files, which URL has got the part /gitlab it should be passed to Gitlab and >> otherwise it should be passed to the fastcgi call e.g. > > If by "has got the part" you mean "starts with exactly the string", > then pay particular attention to the "^~" modifier, I have added the ^~ to my locations and it seems to be working Thanks Phil From nginx-forum at nginx.us Mon Jun 2 03:47:33 2014 From: nginx-forum at nginx.us (TECK) Date: Sun, 01 Jun 2014 23:47:33 -0400 Subject: Nginx 1.7.0: location @php In-Reply-To: <20140531112745.GZ16942@daoine.org> References: <20140531112745.GZ16942@daoine.org> Message-ID: <07d939cb9c0fee924eeceae42fdbb282.NginxMailingListEnglish@forum.nginx.org> Francis, We are going in circles without reaching a solution. I think what I asked is very clear and simple: How do I avoid repeating a segment of configuration code assigned to @php into various locations: location @php { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass fastcgi; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name; include fastcgi.conf; } The above configuration will never change, regardless in what location is used: location ^~ /alpha { auth_basic "Restricted Access"; auth_basic_user_file htpasswd; try_files $uri $uri/ /alpha/index.php?$uri&$args; location ~ \.php$ { try_files @php =404; } } location ^~ /beta { try_files $uri $uri/ /beta/index.php?$uri&$args; location ~ \.php$ { try_files @php =404; } } If I replace the @php contents into /beta location, everything works. location ^~ /beta { try_files $uri $uri/ /beta/index.php?$uri&$args; location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass fastcgi; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name; include fastcgi.conf; } } Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250342,250548#msg-250548 From artemrts at ukr.net Mon Jun 2 06:24:01 2014 From: artemrts at ukr.net (wishmaster) Date: Mon, 02 Jun 2014 09:24:01 +0300 Subject: Nginx 1.7.0: location @php In-Reply-To: <07d939cb9c0fee924eeceae42fdbb282.NginxMailingListEnglish@forum.nginx.org> References: <20140531112745.GZ16942@daoine.org> <07d939cb9c0fee924eeceae42fdbb282.NginxMailingListEnglish@forum.nginx.org> Message-ID: <1401690101.458972078.6ulmzud3@frv34.fwdcdn.com> I have the same problem in my php-application. Admin folder is protected with auth_basic and the rest folders - without auth. I have not found any solution except code duplication for php location. --- Original message --- From: "TECK" Date: 2 June 2014, 06:47:47 > Francis, > > We are going in circles without reaching a solution. I think what I asked is > very clear and simple: > How do I avoid repeating a segment of configuration code assigned to @php > into various locations: > location @php { > try_files $uri =404; > fastcgi_split_path_info ^(.+\.php)(/.+)$; > fastcgi_pass fastcgi; > fastcgi_param PATH_INFO $fastcgi_path_info; > fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name; > include fastcgi.conf; > } > > The above configuration will never change, regardless in what location is > used: > location ^~ /alpha { > auth_basic "Restricted Access"; > auth_basic_user_file htpasswd; > try_files $uri $uri/ /alpha/index.php?$uri From no-reply at alllangin.com Mon Jun 2 06:31:22 2014 From: no-reply at alllangin.com (support) Date: Mon, 02 Jun 2014 10:31:22 +0400 Subject: Nginx 1.7.0: location @php In-Reply-To: <1401690101.458972078.6ulmzud3@frv34.fwdcdn.com> References: <20140531112745.GZ16942@daoine.org> <07d939cb9c0fee924eeceae42fdbb282.NginxMailingListEnglish@forum.nginx.org> <1401690101.458972078.6ulmzud3@frv34.fwdcdn.com> Message-ID: <538C1A3A.70306@alllangin.com> yes. update and test 02.06.2014 10:24, wishmaster ?????: > I have the same problem in my php-application. Admin folder is protected with auth_basic and the rest folders - without auth. I have not found any solution except code duplication for php location. > > > --- Original message --- > From: "TECK" > Date: 2 June 2014, 06:47:47 > > > >> Francis, >> >> We are going in circles without reaching a solution. I think what I asked is >> very clear and simple: >> How do I avoid repeating a segment of configuration code assigned to @php >> into various locations: >> location @php { >> try_files $uri =404; >> fastcgi_split_path_info ^(.+\.php)(/.+)$; >> fastcgi_pass fastcgi; >> fastcgi_param PATH_INFO $fastcgi_path_info; >> fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name; >> include fastcgi.conf; >> } >> >> The above configuration will never change, regardless in what location is >> used: >> location ^~ /alpha { >> auth_basic "Restricted Access"; >> auth_basic_user_file htpasswd; >> try_files $uri $uri/ /alpha/index.php?$uri > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > From shahzaib.cb at gmail.com Mon Jun 2 09:04:45 2014 From: shahzaib.cb at gmail.com (shahzaib shahzaib) Date: Mon, 2 Jun 2014 14:04:45 +0500 Subject: Connection reset by peer error !! Message-ID: Hello, We're using nginx as reverse proxy in front of apache and following error occurs most of the time : 2014/06/02 01:00:28 [error] 3288#0: *6492138 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 141.0.10.83, server: domain.com, request: "GET /rss/recent HTTP/1.1", upstream: "http://127.0.0.1:7172/rss/recent", host: "domain.com" 2014/06/02 01:00:29 [error] 3288#0: *6492143 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 141.0.8.54, server: domain.com, request: "GET /rss/recent HTTP/1.1", upstream: "http://127.0.0.1:7172/rss/recent", host: "domain.com" 2014/06/02 01:00:31 [error] 3285#0: *6492195 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 119.160.119.47, server: domain.com, request: "GET /video/2437706/18-xxx-sex-hot HTTP/1.1", upstream: " http://127.0.0.1:7172/video/2437706/18-xxx-sex-hot", host: "domain.com", referrer: "http://www.google.com.pk/search?hl=en&ie=ISO-8859-1&q=xxxsex" Following is the nginx.conf : user tune; # no need for more workers in the proxy mode worker_processes 16; error_log /var/log/nginx/error.log error; error_log /var/log/nginx/error.log crit; #error_log /var/log/nginx/error.log; worker_rlimit_nofile 409600; events { worker_connections 102400; # increase for busier servers use epoll; # you should use epoll here for Linux kernels 2.6.x } http { server_name_in_redirect off; server_names_hash_max_size 10240; proxy_read_timeout 900; fastcgi_read_timeout 900; server_names_hash_bucket_size 1024; include mime.types; default_type application/octet-stream; server_tokens off; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 5; gzip on; gzip_vary on; gzip_disable "MSIE [1-6]\."; gzip_proxied any; gzip_http_version 1.0; gzip_min_length 1000; gzip_comp_level 6; gzip_buffers 16 8k; # You can remove image/png image/x-icon image/gif image/jpeg if you have slow CPU gzip_types text/plain text/xml text/css application/x-javascript application/javascript application/xml application/xml+rss text/javascript application/atom+xml; ignore_invalid_headers on; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; reset_timedout_connection on; connection_pool_size 256; client_header_buffer_size 256k; large_client_header_buffers 4 256k; client_max_body_size 2000M; client_body_buffer_size 128k; request_pool_size 32k; output_buffers 4 32k; postpone_output 1460; client_body_in_file_only on; log_format bytes_log "$msec $bytes_sent ."; include "/etc/nginx/conf.d/virtual.conf"; include "/etc/nginx/conf.d/beta.conf"; include "/etc/nginx/conf.d/admin.conf"; #include "/etc/nginx/conf.d/admin-ssl.conf"; } Regards. Shahzaib -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Mon Jun 2 09:59:46 2014 From: nginx-forum at nginx.us (Ventzy) Date: Mon, 02 Jun 2014 05:59:46 -0400 Subject: Wildcard proxy_cache_purge doesn't work In-Reply-To: References: Message-ID: <2f381646d888a78612e32c366981fe87.NginxMailingListEnglish@forum.nginx.org> I see. Thank you. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250519,250558#msg-250558 From reallfqq-nginx at yahoo.fr Mon Jun 2 10:06:24 2014 From: reallfqq-nginx at yahoo.fr (B.R.) Date: Mon, 2 Jun 2014 12:06:24 +0200 Subject: Connection reset by peer error !! In-Reply-To: References: Message-ID: '18-xxx-sex-hot' :oD Pro. --- *B. R.* On Mon, Jun 2, 2014 at 11:04 AM, shahzaib shahzaib wrote: > Hello, > > We're using nginx as reverse proxy in front of apache and > following error occurs most of the time : > > 2014/06/02 01:00:28 [error] 3288#0: *6492138 recv() failed (104: > Connection reset by peer) while reading response header from upstream, > client: 141.0.10.83, server: domain.com, request: "GET /rss/recent > HTTP/1.1", upstream: "http://127.0.0.1:7172/rss/recent", host: "domain.com > " > 2014/06/02 01:00:29 [error] 3288#0: *6492143 recv() failed (104: > Connection reset by peer) while reading response header from upstream, > client: 141.0.8.54, server: domain.com, request: "GET /rss/recent > HTTP/1.1", upstream: "http://127.0.0.1:7172/rss/recent", host: "domain.com > " > 2014/06/02 01:00:31 [error] 3285#0: *6492195 recv() failed (104: > Connection reset by peer) while reading response header from upstream, > client: 119.160.119.47, server: domain.com, request: "GET > /video/2437706/18-xxx-sex-hot HTTP/1.1", upstream: " > http://127.0.0.1:7172/video/2437706/18-xxx-sex-hot", host: "domain.com", > referrer: "http://www.google.com.pk/search?hl=en&ie=ISO-8859-1&q=xxxsex" > > Following is the nginx.conf : > > user tune; > # no need for more workers in the proxy mode > worker_processes 16; > error_log /var/log/nginx/error.log error; > error_log /var/log/nginx/error.log crit; > #error_log /var/log/nginx/error.log; > worker_rlimit_nofile 409600; > events { > worker_connections 102400; # increase for busier servers > use epoll; # you should use epoll here for Linux kernels 2.6.x > } > http { > server_name_in_redirect off; > server_names_hash_max_size 10240; > proxy_read_timeout 900; > fastcgi_read_timeout 900; > server_names_hash_bucket_size 1024; > include mime.types; > default_type application/octet-stream; > server_tokens off; > sendfile on; > tcp_nopush on; > tcp_nodelay on; > keepalive_timeout 5; > gzip on; > gzip_vary on; > gzip_disable "MSIE [1-6]\."; > gzip_proxied any; > gzip_http_version 1.0; > gzip_min_length 1000; > gzip_comp_level 6; > gzip_buffers 16 8k; > # You can remove image/png image/x-icon image/gif image/jpeg if you have > slow CPU > gzip_types text/plain text/xml text/css application/x-javascript > application/javascript application/xml application/xml+rss text/javascript > application/atom+xml; > ignore_invalid_headers on; > client_header_timeout 3m; > client_body_timeout 3m; > send_timeout 3m; > reset_timedout_connection on; > connection_pool_size 256; > client_header_buffer_size 256k; > large_client_header_buffers 4 256k; > client_max_body_size 2000M; > client_body_buffer_size 128k; > request_pool_size 32k; > output_buffers 4 32k; > postpone_output 1460; > client_body_in_file_only on; > log_format bytes_log "$msec $bytes_sent ."; > include "/etc/nginx/conf.d/virtual.conf"; > include "/etc/nginx/conf.d/beta.conf"; > include "/etc/nginx/conf.d/admin.conf"; > #include "/etc/nginx/conf.d/admin-ssl.conf"; > > } > > Regards. > Shahzaib > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From shahzaib.cb at gmail.com Mon Jun 2 10:13:36 2014 From: shahzaib.cb at gmail.com (shahzaib shahzaib) Date: Mon, 2 Jun 2014 15:13:36 +0500 Subject: Connection reset by peer error !! In-Reply-To: References: Message-ID: Lol, well that was some URL link on our website :-D. Could you please help me instead of enjoying the xxx words :p On Mon, Jun 2, 2014 at 3:06 PM, B.R. wrote: > '18-xxx-sex-hot' :oD > > Pro. > --- > *B. R.* > > > On Mon, Jun 2, 2014 at 11:04 AM, shahzaib shahzaib > wrote: > >> Hello, >> >> We're using nginx as reverse proxy in front of apache and >> following error occurs most of the time : >> >> 2014/06/02 01:00:28 [error] 3288#0: *6492138 recv() failed (104: >> Connection reset by peer) while reading response header from upstream, >> client: 141.0.10.83, server: domain.com, request: "GET /rss/recent >> HTTP/1.1", upstream: "http://127.0.0.1:7172/rss/recent", host: " >> domain.com" >> 2014/06/02 01:00:29 [error] 3288#0: *6492143 recv() failed (104: >> Connection reset by peer) while reading response header from upstream, >> client: 141.0.8.54, server: domain.com, request: "GET /rss/recent >> HTTP/1.1", upstream: "http://127.0.0.1:7172/rss/recent", host: " >> domain.com" >> 2014/06/02 01:00:31 [error] 3285#0: *6492195 recv() failed (104: >> Connection reset by peer) while reading response header from upstream, >> client: 119.160.119.47, server: domain.com, request: "GET >> /video/2437706/18-xxx-sex-hot HTTP/1.1", upstream: " >> http://127.0.0.1:7172/video/2437706/18-xxx-sex-hot", host: "domain.com", >> referrer: "http://www.google.com.pk/search?hl=en&ie=ISO-8859-1&q=xxxsex" >> >> Following is the nginx.conf : >> >> user tune; >> # no need for more workers in the proxy mode >> worker_processes 16; >> error_log /var/log/nginx/error.log error; >> error_log /var/log/nginx/error.log crit; >> #error_log /var/log/nginx/error.log; >> worker_rlimit_nofile 409600; >> events { >> worker_connections 102400; # increase for busier servers >> use epoll; # you should use epoll here for Linux kernels 2.6.x >> } >> http { >> server_name_in_redirect off; >> server_names_hash_max_size 10240; >> proxy_read_timeout 900; >> fastcgi_read_timeout 900; >> server_names_hash_bucket_size 1024; >> include mime.types; >> default_type application/octet-stream; >> server_tokens off; >> sendfile on; >> tcp_nopush on; >> tcp_nodelay on; >> keepalive_timeout 5; >> gzip on; >> gzip_vary on; >> gzip_disable "MSIE [1-6]\."; >> gzip_proxied any; >> gzip_http_version 1.0; >> gzip_min_length 1000; >> gzip_comp_level 6; >> gzip_buffers 16 8k; >> # You can remove image/png image/x-icon image/gif image/jpeg if you have >> slow CPU >> gzip_types text/plain text/xml text/css application/x-javascript >> application/javascript application/xml application/xml+rss text/javascript >> application/atom+xml; >> ignore_invalid_headers on; >> client_header_timeout 3m; >> client_body_timeout 3m; >> send_timeout 3m; >> reset_timedout_connection on; >> connection_pool_size 256; >> client_header_buffer_size 256k; >> large_client_header_buffers 4 256k; >> client_max_body_size 2000M; >> client_body_buffer_size 128k; >> request_pool_size 32k; >> output_buffers 4 32k; >> postpone_output 1460; >> client_body_in_file_only on; >> log_format bytes_log "$msec $bytes_sent ."; >> include "/etc/nginx/conf.d/virtual.conf"; >> include "/etc/nginx/conf.d/beta.conf"; >> include "/etc/nginx/conf.d/admin.conf"; >> #include "/etc/nginx/conf.d/admin-ssl.conf"; >> >> } >> >> Regards. >> Shahzaib >> >> _______________________________________________ >> nginx mailing list >> nginx at nginx.org >> http://mailman.nginx.org/mailman/listinfo/nginx >> > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From shahzaib.cb at gmail.com Mon Jun 2 10:15:21 2014 From: shahzaib.cb at gmail.com (shahzaib shahzaib) Date: Mon, 2 Jun 2014 15:15:21 +0500 Subject: Connection reset by peer error !! In-Reply-To: References:

Message-ID: The website content is similar to youtube, random stuff. :-) Don't get it wrong. It's not a porn website :) On Mon, Jun 2, 2014 at 3:13 PM, shahzaib shahzaib wrote: > Lol, well that was some URL link on our website :-D. Could you please help > me instead of enjoying the xxx words :p > > > On Mon, Jun 2, 2014 at 3:06 PM, B.R. wrote: > >> '18-xxx-sex-hot' :oD >> >> Pro. >> --- >> *B. R.* >> >> >> On Mon, Jun 2, 2014 at 11:04 AM, shahzaib shahzaib > > wrote: >> >>> Hello, >>> >>> We're using nginx as reverse proxy in front of apache and >>> following error occurs most of the time : >>> >>> 2014/06/02 01:00:28 [error] 3288#0: *6492138 recv() failed (104: >>> Connection reset by peer) while reading response header from upstream, >>> client: 141.0.10.83, server: domain.com, request: "GET /rss/recent >>> HTTP/1.1", upstream: "http://127.0.0.1:7172/rss/recent", host: " >>> domain.com" >>> 2014/06/02 01:00:29 [error] 3288#0: *6492143 recv() failed (104: >>> Connection reset by peer) while reading response header from upstream, >>> client: 141.0.8.54, server: domain.com, request: "GET /rss/recent >>> HTTP/1.1", upstream: "http://127.0.0.1:7172/rss/recent", host: " >>> domain.com" >>> 2014/06/02 01:00:31 [error] 3285#0: *6492195 recv() failed (104: >>> Connection reset by peer) while reading response header from upstream, >>> client: 119.160.119.47, server: domain.com, request: "GET >>> /video/2437706/18-xxx-sex-hot HTTP/1.1", upstream: " >>> http://127.0.0.1:7172/video/2437706/18-xxx-sex-hot", host: "domain.com", >>> referrer: "http://www.google.com.pk/search?hl=en&ie=ISO-8859-1&q=xxxsex" >>> >>> Following is the nginx.conf : >>> >>> user tune; >>> # no need for more workers in the proxy mode >>> worker_processes 16; >>> error_log /var/log/nginx/error.log error; >>> error_log /var/log/nginx/error.log crit; >>> #error_log /var/log/nginx/error.log; >>> worker_rlimit_nofile 409600; >>> events { >>> worker_connections 102400; # increase for busier servers >>> use epoll; # you should use epoll here for Linux kernels 2.6.x >>> } >>> http { >>> server_name_in_redirect off; >>> server_names_hash_max_size 10240; >>> proxy_read_timeout 900; >>> fastcgi_read_timeout 900; >>> server_names_hash_bucket_size 1024; >>> include mime.types; >>> default_type application/octet-stream; >>> server_tokens off; >>> sendfile on; >>> tcp_nopush on; >>> tcp_nodelay on; >>> keepalive_timeout 5; >>> gzip on; >>> gzip_vary on; >>> gzip_disable "MSIE [1-6]\."; >>> gzip_proxied any; >>> gzip_http_version 1.0; >>> gzip_min_length 1000; >>> gzip_comp_level 6; >>> gzip_buffers 16 8k; >>> # You can remove image/png image/x-icon image/gif image/jpeg if you have >>> slow CPU >>> gzip_types text/plain text/xml text/css application/x-javascript >>> application/javascript application/xml application/xml+rss text/javascript >>> application/atom+xml; >>> ignore_invalid_headers on; >>> client_header_timeout 3m; >>> client_body_timeout 3m; >>> send_timeout 3m; >>> reset_timedout_connection on; >>> connection_pool_size 256; >>> client_header_buffer_size 256k; >>> large_client_header_buffers 4 256k; >>> client_max_body_size 2000M; >>> client_body_buffer_size 128k; >>> request_pool_size 32k; >>> output_buffers 4 32k; >>> postpone_output 1460; >>> client_body_in_file_only on; >>> log_format bytes_log "$msec $bytes_sent ."; >>> include "/etc/nginx/conf.d/virtual.conf"; >>> include "/etc/nginx/conf.d/beta.conf"; >>> include "/etc/nginx/conf.d/admin.conf"; >>> #include "/etc/nginx/conf.d/admin-ssl.conf"; >>> >>> } >>> >>> Regards. >>> Shahzaib >>> >>> _______________________________________________ >>> nginx mailing list >>> nginx at nginx.org >>> http://mailman.nginx.org/mailman/listinfo/nginx >>> >> >> >> _______________________________________________ >> nginx mailing list >> nginx at nginx.org >> http://mailman.nginx.org/mailman/listinfo/nginx >> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From es12b1001 at iith.ac.in Mon Jun 2 10:45:09 2014 From: es12b1001 at iith.ac.in (Adarsh Pugalia) Date: Mon, 2 Jun 2014 16:15:09 +0530 Subject: How do i free memory when my master process ends? Message-ID: I am allocating memory using malloc for some of my variables in my module. I know i can call an exit master process, but how do i access my variables in that function. I tried finding some examples, but didnt find any. Can anyone guide me through this. -------------- next part -------------- An HTML attachment was scrubbed... URL: From contact at jpluscplusm.com Mon Jun 2 11:51:43 2014 From: contact at jpluscplusm.com (Jonathan Matthews) Date: Mon, 2 Jun 2014 12:51:43 +0100 Subject: Nginx 1.7.0: location @php In-Reply-To: <07d939cb9c0fee924eeceae42fdbb282.NginxMailingListEnglish@forum.nginx.org> References: <20140531112745.GZ16942@daoine.org> <07d939cb9c0fee924eeceae42fdbb282.NginxMailingListEnglish@forum.nginx.org> Message-ID: On 2 June 2014 04:47, TECK wrote: > Francis, > > We are going in circles without reaching a solution Fortunately, this being a *public* *mailing* *list*, and Francis (along with almost every other subscriber) giving his time, experience and opinions for free, you are definitely no worse off than when you started. Actually, however, you're demonstrably better off, as Francis has both attempted to help you go through the kind of troubleshooting process that will serve you well if you apply it (Message-ID 20140525132809.GN16942 at daoine.org) and ... > I think what I asked is > very clear and simple: > How do I avoid repeating a segment of configuration code assigned to @php > into various locations: ... he has given you the answer to this question - that you clearly thought you began by asking, but didn't. In Message-ID 20140531112745.GZ16942 at daoine.org. HTH. From mdounin at mdounin.ru Mon Jun 2 12:26:13 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 2 Jun 2014 16:26:13 +0400 Subject: Email Reverse Proxy issue In-Reply-To: <4efec97591f89c67ee99a2741d671b74.NginxMailingListEnglish@forum.nginx.org> References: <4efec97591f89c67ee99a2741d671b74.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20140602122613.GA1849@mdounin.ru> Hello! On Sun, Jun 01, 2014 at 06:30:49AM -0400, omercz wrote: > I am using Nginx as an Email reverse proxy. > The email client sends a request to the nginx, the nginx fetch the WHOLE > email(message) from exchange server, and only then manipulates it and sends > it back to client. This is not how nginx mail proxy works. > Email Client<---->Nginx<----> Office 365 > > Everything is working great, besides the following problem, the Email client > has a timeout of 30 seconds, > but sometimes it can take the Nginx to download the whole email more the > 30sec (if it has a big attachment). > > My question is as follow: > In the meantime can the nginx send 'something' to the client to keep him > aware that something is being downloaded ? > Right now I have an ugly patch that sends on the open socket 'blanks' to the > client every 20 seconds, until the nginx can send him the whole file. After an authentication, nginx just establises opaque pipe between a client and a server. Therefore, if the server sends anything, it will be immediately passed to the client. -- Maxim Dounin http://nginx.org/ From shahzaib.cb at gmail.com Mon Jun 2 13:17:40 2014 From: shahzaib.cb at gmail.com (shahzaib shahzaib) Date: Mon, 2 Jun 2014 18:17:40 +0500 Subject: Connection reset by peer error !! In-Reply-To: References:

Message-ID: kept on getting those timeouts. recv() failed (104: Connection reset by peer) while reading response header from upstream On Mon, Jun 2, 2014 at 3:15 PM, shahzaib shahzaib wrote: > The website content is similar to youtube, random stuff. :-) Don't get it > wrong. It's not a porn website :) > > > On Mon, Jun 2, 2014 at 3:13 PM, shahzaib shahzaib > wrote: > >> Lol, well that was some URL link on our website :-D. Could you please >> help me instead of enjoying the xxx words :p >> >> >> On Mon, Jun 2, 2014 at 3:06 PM, B.R. wrote: >> >>> '18-xxx-sex-hot' :oD >>> >>> Pro. >>> --- >>> *B. R.* >>> >>> >>> On Mon, Jun 2, 2014 at 11:04 AM, shahzaib shahzaib < >>> shahzaib.cb at gmail.com> wrote: >>> >>>> Hello, >>>> >>>> We're using nginx as reverse proxy in front of apache and >>>> following error occurs most of the time : >>>> >>>> 2014/06/02 01:00:28 [error] 3288#0: *6492138 recv() failed (104: >>>> Connection reset by peer) while reading response header from upstream, >>>> client: 141.0.10.83, server: domain.com, request: "GET /rss/recent >>>> HTTP/1.1", upstream: "http://127.0.0.1:7172/rss/recent", host: " >>>> domain.com" >>>> 2014/06/02 01:00:29 [error] 3288#0: *6492143 recv() failed (104: >>>> Connection reset by peer) while reading response header from upstream, >>>> client: 141.0.8.54, server: domain.com, request: "GET /rss/recent >>>> HTTP/1.1", upstream: "http://127.0.0.1:7172/rss/recent", host: " >>>> domain.com" >>>> 2014/06/02 01:00:31 [error] 3285#0: *6492195 recv() failed (104: >>>> Connection reset by peer) while reading response header from upstream, >>>> client: 119.160.119.47, server: domain.com, request: "GET >>>> /video/2437706/18-xxx-sex-hot HTTP/1.1", upstream: " >>>> http://127.0.0.1:7172/video/2437706/18-xxx-sex-hot", host: "domain.com", >>>> referrer: "http://www.google.com.pk/search?hl=en&ie=ISO-8859-1&q=xxxsex >>>> " >>>> >>>> Following is the nginx.conf : >>>> >>>> user tune; >>>> # no need for more workers in the proxy mode >>>> worker_processes 16; >>>> error_log /var/log/nginx/error.log error; >>>> error_log /var/log/nginx/error.log crit; >>>> #error_log /var/log/nginx/error.log; >>>> worker_rlimit_nofile 409600; >>>> events { >>>> worker_connections 102400; # increase for busier servers >>>> use epoll; # you should use epoll here for Linux kernels 2.6.x >>>> } >>>> http { >>>> server_name_in_redirect off; >>>> server_names_hash_max_size 10240; >>>> proxy_read_timeout 900; >>>> fastcgi_read_timeout 900; >>>> server_names_hash_bucket_size 1024; >>>> include mime.types; >>>> default_type application/octet-stream; >>>> server_tokens off; >>>> sendfile on; >>>> tcp_nopush on; >>>> tcp_nodelay on; >>>> keepalive_timeout 5; >>>> gzip on; >>>> gzip_vary on; >>>> gzip_disable "MSIE [1-6]\."; >>>> gzip_proxied any; >>>> gzip_http_version 1.0; >>>> gzip_min_length 1000; >>>> gzip_comp_level 6; >>>> gzip_buffers 16 8k; >>>> # You can remove image/png image/x-icon image/gif image/jpeg if you >>>> have slow CPU >>>> gzip_types text/plain text/xml text/css application/x-javascript >>>> application/javascript application/xml application/xml+rss text/javascript >>>> application/atom+xml; >>>> ignore_invalid_headers on; >>>> client_header_timeout 3m; >>>> client_body_timeout 3m; >>>> send_timeout 3m; >>>> reset_timedout_connection on; >>>> connection_pool_size 256; >>>> client_header_buffer_size 256k; >>>> large_client_header_buffers 4 256k; >>>> client_max_body_size 2000M; >>>> client_body_buffer_size 128k; >>>> request_pool_size 32k; >>>> output_buffers 4 32k; >>>> postpone_output 1460; >>>> client_body_in_file_only on; >>>> log_format bytes_log "$msec $bytes_sent ."; >>>> include "/etc/nginx/conf.d/virtual.conf"; >>>> include "/etc/nginx/conf.d/beta.conf"; >>>> include "/etc/nginx/conf.d/admin.conf"; >>>> #include "/etc/nginx/conf.d/admin-ssl.conf"; >>>> >>>> } >>>> >>>> Regards. >>>> Shahzaib >>>> >>>> _______________________________________________ >>>> nginx mailing list >>>> nginx at nginx.org >>>> http://mailman.nginx.org/mailman/listinfo/nginx >>>> >>> >>> >>> _______________________________________________ >>> nginx mailing list >>> nginx at nginx.org >>> http://mailman.nginx.org/mailman/listinfo/nginx >>> >> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Mon Jun 2 13:51:42 2014 From: nginx-forum at nginx.us (crespin) Date: Mon, 02 Jun 2014 09:51:42 -0400 Subject: Proposal minor patch on ngx_http_upstream.c Message-ID: <9f395830d9963bbb331d8106a78fc773.NginxMailingListEnglish@forum.nginx.org> Hello, errno is only set on error, so if |recv()| is a success, |err| will have a random value. Only debug message are impacted. Can you check if it is ok? Comments are welcome. Feel free to change the patch. Regards, yves --- nginx-1.6.0/src/http/ngx_http_upstream.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/nginx-1.6.0/src/http/ngx_http_upstream.c b/nginx-1.6.0/src/http/ngx index 040bda1..f60acb3 100644 --- a/nginx-1.6.0/src/http/ngx_http_upstream.c +++ b/nginx-1.6.0/src/http/ngx_http_upstream.c @@ -1128,7 +1128,7 @@ ngx_http_upstream_check_broken_connection(ngx_http_request_t *r, n = recv(c->fd, buf, 1, MSG_PEEK); - err = ngx_socket_errno; + err = n == 1 ? ngx_socket_errno : 0; ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ev->log, err, "http upstream recv(): %d", n); @@ -1158,9 +1158,6 @@ ngx_http_upstream_check_broken_connection(ngx_http_request_t *r, } ev->error = 1; - - } else { /* n == 0 */ - err = 0; } ev->eof = 1; -- 1.7.10.4 Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250570,250570#msg-250570 From vishal.mestri at cloverinfotech.com Mon Jun 2 13:48:48 2014 From: vishal.mestri at cloverinfotech.com (Vishal Mestri) Date: Mon, 02 Jun 2014 19:18:48 +0530 (IST) Subject: Issue nginx - ajax In-Reply-To: <0db8aa0b-11d7-405c-ab3e-b0b01dba03f6@mail.cloverinfotech.com> Message-ID: <144f3e89-bd37-4ab4-9193-00308f241e3c@mail.cloverinfotech.com> Hi All and B.R. We tested on Apache as well and we faced same issue. Further, we disabled Antivirus on our client machine.(where we are accessing browser). Post that, we did following reverse proxy configuration on Nginx. When we receive request on 443 port, it will be sent to 80 port. When we receive request on 6401 port , it will be sent to 6400 port. This configuration without SSL worked on IE 10, Chrome and firefox as well. Further, as soon as , I turned on SSL configuration on port 443 and 6401 for Nginx, we faced old issue. i.e. site worked on Chrome, but not on firefox and IE. Further, we got following error on error log for firefox only. *29 SSL_read() failed (SSL: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:SSL alert number 48) while waiting for request, client: 203.115.123.90, server: 0.0.0.0:6401 We used below commands to generate ssl certificates:- openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout privateKey.key -out certificate.crt Thanks & Regards, Vishal Mestri ----- Original Message ----- From: "Vishal Mestri" To: nginx at nginx.org Sent: Tuesday, May 27, 2014 10:05:54 AM Subject: Re: Issue nginx - ajax Thanks B. R. for your immediate reply. Configuration file which we are using is attached along with the email. We want following functions:- On our server there are two services running. One on 80 port and another one on 6400 port. We want to use Nginx as product which can help us to SSL enable both services and these services does not have capabilities to be SSL Enabled. Thus, we want to Nginx to listen on two SSL Port 443 and 6401. When Nginx receives request on port 443 , it will reverse proxy that request to service running on 80 port. And when Nginx receives request on port 6401 , it will reverse proxy that request to service running on 6400 port. Service which is running on 80 port is apache tomcat, where as service running on port 6400 is proprietary product which is called using AJAX. This configuration is working very well on chrome, but we are facing issue on Internet explorer 8 onwards. Please let us know if shared configuration is correct or not. Thank you very much for reply. We have started looking in apache , but still it is in RnD phase. Thanks & Regards, Vishal Mestri ----- Original Message ----- From: "B.R." To: "Nginx ML" Sent: Monday, May 26, 2014 7:25:47 PM Subject: Re: Issue nginx - ajax If you wanted more help, you could provide some of the following: - Your configuration and what you expect it to do - The step you took to check the communication between nginx and your backend (the dumps of tcpdump) with details of what you expected Logs only show applied configuration (which might be faulty) do. However, if your decision is already made, then good luck with Apache or squid ;o) --- B. R. _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx -------------- next part -------------- An HTML attachment was scrubbed... URL: From trapni at gmail.com Mon Jun 2 14:00:28 2014 From: trapni at gmail.com (Christian Parpart) Date: Mon, 2 Jun 2014 16:00:28 +0200 Subject: $rquest_time for only the time it spent getting data from the upstream Message-ID: Hey all, we used $request_time in the past to measure how long it took to serve certain pages, this was never the problem, because there was something in front of nginx, thus, the client read/write operatings didn't influence the $request_time as much as a real client would. However, now, that we'd like to skip that extra level of indirection, we can't actually measure the time it took to actually process the request, as $request_time now kind of doubles because internet clients are slow usually. So is there a way to log the time the request handler required to "just handle the request internally", without the reads and writes from/to the client? Many thanks in advance, Christian Parpart. -------------- next part -------------- An HTML attachment was scrubbed... URL: From ru at nginx.com Mon Jun 2 14:18:57 2014 From: ru at nginx.com (Ruslan Ermilov) Date: Mon, 2 Jun 2014 18:18:57 +0400 Subject: Proposal minor patch on ngx_http_upstream.c In-Reply-To: <9f395830d9963bbb331d8106a78fc773.NginxMailingListEnglish@forum.nginx.org> References: <9f395830d9963bbb331d8106a78fc773.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20140602141857.GB25209@lo0.su> On Mon, Jun 02, 2014 at 09:51:42AM -0400, crespin wrote: > Hello, > > errno is only set on error, so if |recv()| is a success, |err| will have a > random value. > Only debug message are impacted. > Can you check if it is ok? > Comments are welcome. > Feel free to change the patch. > > Regards, > > yves > > > --- > nginx-1.6.0/src/http/ngx_http_upstream.c | 5 +---- > 1 file changed, 1 insertion(+), 4 deletions(-) > > diff --git a/nginx-1.6.0/src/http/ngx_http_upstream.c > b/nginx-1.6.0/src/http/ngx > index 040bda1..f60acb3 100644 > --- a/nginx-1.6.0/src/http/ngx_http_upstream.c > +++ b/nginx-1.6.0/src/http/ngx_http_upstream.c > @@ -1128,7 +1128,7 @@ > ngx_http_upstream_check_broken_connection(ngx_http_request_t *r, > > n = recv(c->fd, buf, 1, MSG_PEEK); > > - err = ngx_socket_errno; > + err = n == 1 ? ngx_socket_errno : 0; (n == -1) > > ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ev->log, err, > "http upstream recv(): %d", n); > @@ -1158,9 +1158,6 @@ > ngx_http_upstream_check_broken_connection(ngx_http_request_t *r, > } > > ev->error = 1; > - > - } else { /* n == 0 */ > - err = 0; > } > > ev->eof = 1; > > -- > 1.7.10.4 > > Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250570,250570#msg-250570 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -- Ruslan Ermilov From mdounin at mdounin.ru Mon Jun 2 14:48:28 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 2 Jun 2014 18:48:28 +0400 Subject: $rquest_time for only the time it spent getting data from the upstream In-Reply-To: References: Message-ID: <20140602144828.GD1849@mdounin.ru> Hello! On Mon, Jun 02, 2014 at 04:00:28PM +0200, Christian Parpart wrote: > Hey all, > > we used $request_time in the past to measure how long it took to serve > certain pages, this was never the problem, because there was something in > front of nginx, thus, the client read/write operatings didn't influence the > $request_time as much as a real client would. > > However, now, that we'd like to skip that extra level of indirection, we > can't actually measure the time it took to actually process the request, as > $request_time now kind of doubles because internet clients are slow usually. > > So is there a way to log the time the request handler required to "just > handle the request internally", without the reads and writes from/to the > client? Try looking at the $upstream_response_time variable, see here for details: http://nginx.org/r/$upstream_response_time -- Maxim Dounin http://nginx.org/ From mdounin at mdounin.ru Mon Jun 2 14:52:01 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 2 Jun 2014 18:52:01 +0400 Subject: Connection reset by peer error !! In-Reply-To: References: Message-ID: <20140602145201.GE1849@mdounin.ru> Hello! On Mon, Jun 02, 2014 at 02:04:45PM +0500, shahzaib shahzaib wrote: > Hello, > > We're using nginx as reverse proxy in front of apache and > following error occurs most of the time : > > 2014/06/02 01:00:28 [error] 3288#0: *6492138 recv() failed (104: Connection > reset by peer) while reading response header from upstream, client: > 141.0.10.83, server: domain.com, request: "GET /rss/recent HTTP/1.1", > upstream: "http://127.0.0.1:7172/rss/recent", host: "domain.com" [...] Your upstream server isn't working properly, and resets connections. There is more or less nothing to do on nginx side, try looking into the upstream server instead. -- Maxim Dounin http://nginx.org/ From mdounin at mdounin.ru Mon Jun 2 15:32:02 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 2 Jun 2014 19:32:02 +0400 Subject: Invalid ports added in redirects on AWS EC2 nginx In-Reply-To: References: Message-ID: <20140602153202.GF1849@mdounin.ru> Hello! On Sun, Jun 01, 2014 at 01:48:09PM -0400, allang wrote: > On AWS, I'm trying to migrate a PHP Symfony app running on nginx. I want to > be able to test the app by directly talking to the EC2 server and via an > Elastic Load Balancer (ELB -the public route in). > > I've setup the ELB to decrypt all the SSL traffic and pass this on to my EC2 > server via port 80, as well as pass port 80 directly onto my EC2 server via > port 80. > > Initially this caused infinite redirects in my app but I researched and then > fixed this by adding > > fastcgi_param HTTPS $https; > with some custom logic that looks at $http_x_forwarded_proto to figure out > when its actually via SSL. > > There remains one issue I can't solve. When a user logs into the Symfony > app, if they come via the ELB, the form POST eventually returns a redirect > back to https://elb.mysite.com:80/dashboard instead of > https://elb.mysite.com/dashboard which gives the user an error of "SSL > connection error". > > I've tried setting > > fastcgi_param SERVER_PORT $fastcgi_port; > to force it away from 80 and I've also added the [...] > fastcgi_param HTTPS $fastcgi_https; > # fastcgi_param SERVER_PORT $fastcgi_port; > #fastcgi_index index.php; > fastcgi_param SCRIPT_FILENAME > /var/www/vhosts/mysite.com/web$fastcgi_script_name; > include fastcgi_params; Make sure you've commented out SERVER_PORT from the fastcgi_params file. -- Maxim Dounin http://nginx.org/ From nginx-forum at nginx.us Mon Jun 2 15:37:31 2014 From: nginx-forum at nginx.us (crespin) Date: Mon, 02 Jun 2014 11:37:31 -0400 Subject: Proposal minor patch on ngx_http_upstream.c In-Reply-To: <20140602141857.GB25209@lo0.su> References: <20140602141857.GB25209@lo0.su> Message-ID: <05ef057b3763a12ffcc15d73c83ded2c.NginxMailingListEnglish@forum.nginx.org> Hello Ruslan, Thanks for your remark. Is it necessary to send the correct patch ? Regards, yves Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250570,250579#msg-250579 From mdounin at mdounin.ru Mon Jun 2 15:56:08 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 2 Jun 2014 19:56:08 +0400 Subject: How do i free memory when my master process ends? In-Reply-To: References: Message-ID: <20140602155608.GH1849@mdounin.ru> Hello! On Mon, Jun 02, 2014 at 04:15:09PM +0530, Adarsh Pugalia wrote: > I am allocating memory using malloc for some of my variables in my module. > I know i can call an exit master process, but how do i access my variables > in that function. I tried finding some examples, but didnt find any. Can > anyone guide me through this. Resource allocation and deallocations are usually done with pools in nginx. If you want to do some allocations which aren't from pool (e.g., an opened file, or a memory allocated directly with malloc() for some reason), it's usually good idea to add a pool cleanup to do required deallocation when coresponding pool will be destroyed. Try looking into the code for ngx_pool_cleanup_add(), there are lots of examples. -- Maxim Dounin http://nginx.org/ From nhadie at gmail.com Mon Jun 2 16:08:17 2014 From: nhadie at gmail.com (ron ramos) Date: Tue, 3 Jun 2014 00:08:17 +0800 Subject: Invalid ports added in redirects on AWS EC2 nginx In-Reply-To: References: Message-ID: how about binding it to another port like 8080. so elb will receive request as https port 443 and send it to ec2 instance via http port 8080. will that help? regards, nhadie On 2 Jun 2014 01:48, "allang" wrote: > On AWS, I'm trying to migrate a PHP Symfony app running on nginx. I want to > be able to test the app by directly talking to the EC2 server and via an > Elastic Load Balancer (ELB -the public route in). > > I've setup the ELB to decrypt all the SSL traffic and pass this on to my > EC2 > server via port 80, as well as pass port 80 directly onto my EC2 server via > port 80. > > Initially this caused infinite redirects in my app but I researched and > then > fixed this by adding > > fastcgi_param HTTPS $https; > with some custom logic that looks at $http_x_forwarded_proto to figure out > when its actually via SSL. > > There remains one issue I can't solve. When a user logs into the Symfony > app, if they come via the ELB, the form POST eventually returns a redirect > back to https://elb.mysite.com:80/dashboard instead of > https://elb.mysite.com/dashboard which gives the user an error of "SSL > connection error". > > I've tried setting > > fastcgi_param SERVER_PORT $fastcgi_port; > to force it away from 80 and I've also added the > > port_in_redirect off > directive but both make no difference. > > The only way I've found to fix this is to alter the ELB 443 listener to > pass > traffic via https. The EC2 server has a self certified SSL certificate > configured. But this means the EC2 server is wasting capacity performing > this unnecessary 2nd decryption. > > Any help very much appreciated. Maybe there is a separate way within nginx > of telling POST requests to not apply port numbers? > > Nginx vhost config: > server { > port_in_redirect off; > > listen 80; > listen 443 ssl; > > ssl_certificate /etc/nginx/ssl/mysite.com/self-ssl.crt; > ssl_certificate_key /etc/nginx/ssl/mysite.com/self-ssl.key; > > # Determine if HTTPS being used either locally or via ELB > set $fastcgi_https off; > set $fastcgi_port 80; > if ( $http_x_forwarded_proto = 'https' ) { > # ELB is using https > set $fastcgi_https on; > # set $fastcgi_port 443; > } > if ( $https = 'on' ) { > # Local connection is using https > set $fastcgi_https on; > # set $fastcgi_port 443; > } > > server_name *.mysite.com > my-mysite-com-1234.eu-west-1.elb.amazonaws.com; > > access_log /var/log/nginx/access.log; > error_log /var/log/nginx/error.log error; > > rewrite ^/app\.php/?(.*)$ /$1 permanent; > > location / { > port_in_redirect off; > root /var/www/vhosts/mysite.com/web; > index app.php index.php index.html index.html; > try_files $uri @rewriteapp; > } > > location ~* \.(jpg|jpeg|gif|png)$ { > root /var/www/vhosts/mysite.com/web; > access_log off; > log_not_found off; > expires 30d; > } > > location ~* \.(css|js)$ { > root /var/www/vhosts/mysite.com/web; > access_log off; > log_not_found off; > expires 2h; > } > > location @rewriteapp { > rewrite ^(.*)$ /app.php/$1 last; > } > > location ~ ^/(app|app_dev|config)\.php(/|$) { > port_in_redirect off; > fastcgi_pass 127.0.0.1:9000; > fastcgi_split_path_info ^(.+\.php)(/.*)$; > fastcgi_param HTTPS $fastcgi_https; > # fastcgi_param SERVER_PORT $fastcgi_port; > #fastcgi_index index.php; > fastcgi_param SCRIPT_FILENAME > /var/www/vhosts/mysite.com/web$fastcgi_script_name; > include fastcgi_params; > } > } > > Posted at Nginx Forum: > http://forum.nginx.org/read.php?2,250545,250545#msg-250545 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From shahzaib.cb at gmail.com Mon Jun 2 16:29:18 2014 From: shahzaib.cb at gmail.com (shahzaib shahzaib) Date: Mon, 2 Jun 2014 21:29:18 +0500 Subject: Connection reset by peer error !! In-Reply-To: <20140602145201.GE1849@mdounin.ru> References: <20140602145201.GE1849@mdounin.ru> Message-ID: thanks @Maxim, our upstream server is apache and there are not any suspicious error_logs in apache. We're getting one reset error every 3 hours. Is there any clue to find the root cause of apache problem ? I know its nginx forum, sorry for off-topic. On Mon, Jun 2, 2014 at 7:52 PM, Maxim Dounin wrote: > Hello! > > On Mon, Jun 02, 2014 at 02:04:45PM +0500, shahzaib shahzaib wrote: > > > Hello, > > > > We're using nginx as reverse proxy in front of apache and > > following error occurs most of the time : > > > > 2014/06/02 01:00:28 [error] 3288#0: *6492138 recv() failed (104: > Connection > > reset by peer) while reading response header from upstream, client: > > 141.0.10.83, server: domain.com, request: "GET /rss/recent HTTP/1.1", > > upstream: "http://127.0.0.1:7172/rss/recent", host: "domain.com" > > [...] > > Your upstream server isn't working properly, and resets > connections. There is more or less nothing to do on nginx side, > try looking into the upstream server instead. > > -- > Maxim Dounin > http://nginx.org/ > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Mon Jun 2 16:44:31 2014 From: nginx-forum at nginx.us (allang) Date: Mon, 02 Jun 2014 12:44:31 -0400 Subject: Invalid ports added in redirects on AWS EC2 nginx In-Reply-To: <20140602153202.GF1849@mdounin.ru> References: <20140602153202.GF1849@mdounin.ru> Message-ID: <05a4be0e26d23ca4692bee9088c81749.NginxMailingListEnglish@forum.nginx.org> That's fixed it ! Thanks Maxim. You are a lifesaver. Much appreciated. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250545,250586#msg-250586 From nginx-forum at nginx.us Mon Jun 2 18:09:53 2014 From: nginx-forum at nginx.us (Satake) Date: Mon, 02 Jun 2014 14:09:53 -0400 Subject: Browser showing headers and Gziped code inside body. Message-ID: I'm currently using nginx/1.4.7 and for some reason a client is complaining that the page is showing with errors in both his browsers (Firefox and IE). The error in question is the following: https://www.dropbox.com/s/wnpjyyq01j7l5qg/Problemas%20ao%20inserir%20post.jpg Does anyone have any suggestion or idea of why this is happening? Regards. $ nginx -V nginx version: nginx/1.4.7 built by gcc 4.7.2 (Debian 4.7.2-5) TLS SNI support enabled configure arguments: --with-cc-opt='-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2' --with-ld-opt=-Wl,-z,relro --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-file-aio --with-http_spdy_module --with-http_addition_module --with-http_dav_module --with-http_flv_module --with-http_geoip_module --with-http_gzip_static_module --with-http_gunzip_module --with-http_image_filter_module --with-http_mp4_module --with-http_perl_module --with-http_random_index_module --with-http_secure_link_module --with-http_spdy_module --with-http_sub_module --with-http_xslt_module --with-mail --with-mail_ssl_module --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/headers-more-nginx-module --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-auth-ldap --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-auth-pam --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-cache-purge --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-dav-ext-module --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-development-kit --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-echo --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/ngx-fancyindex --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-push-stream-module --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-lua --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-upload-progress --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-upstream-fair --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-syslog --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/ngx_http_pinba_module --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/ngx_http_substitutions_filter_module --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/ngx_pagespeed --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-x-rid-header --with-ld-opt=-lossp-uuid Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250588,250588#msg-250588 From qwrules at gmail.com Mon Jun 2 18:16:22 2014 From: qwrules at gmail.com (KC) Date: Mon, 02 Jun 2014 20:16:22 +0200 Subject: Can't get nginx to work with Adminer nor phpMyadmin Message-ID: <538CBF76.5090208@gmail.com> I have been trying to set up Nginx with Adminer (and phpMyadmin), but I can't seem to get it to work. Here are my config files: /etc/nginx/nginx.conf: http://pastebin.com/uNTAwuTp* * /etc/nginx/sites-available/adminer: http://pastebin.com/cpwK1Bz2 But still if I go to http://server.ip/adminer I only get "404 Not Found" error. What am I doing wrong? From reallfqq-nginx at yahoo.fr Mon Jun 2 18:37:04 2014 From: reallfqq-nginx at yahoo.fr (B.R.) Date: Mon, 2 Jun 2014 20:37:04 +0200 Subject: Browser showing headers and Gziped code inside body. In-Reply-To: References: Message-ID: What you provided clearly shows that nginx has been compiled with 3rd-party modules. Standard debugging procedures suggest: 1?) Removal all 3rd-party modules to address issues in core nginx only 2?) If not enough, check your logs to see if anything appears in them regarding that client connection(s) 3?) If not enough, read official nginx docs for instructions on how to activate debug log If 2?) or 3?) are relevant (ie problem with core nginx still appears to your client), please provide the collected logs/errors messages here. --- *B. R.* On Mon, Jun 2, 2014 at 8:09 PM, Satake wrote: > I'm currently using nginx/1.4.7 and for some reason a client is complaining > that the page is showing with errors in both his browsers (Firefox and IE). > > The error in question is the following: > > > https://www.dropbox.com/s/wnpjyyq01j7l5qg/Problemas%20ao%20inserir%20post.jpg > > Does anyone have any suggestion or idea of why this is happening? > > Regards. > > $ nginx -V > nginx version: nginx/1.4.7 > built by gcc 4.7.2 (Debian 4.7.2-5) > TLS SNI support enabled > configure arguments: --with-cc-opt='-g -O2 -fstack-protector > --param=ssp-buffer-size=4 -Wformat -Werror=format-security > -D_FORTIFY_SOURCE=2' --with-ld-opt=-Wl,-z,relro --prefix=/usr/share/nginx > --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log > --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock > --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body > --http-fastcgi-temp-path=/var/lib/nginx/fastcgi > --http-proxy-temp-path=/var/lib/nginx/proxy > --http-scgi-temp-path=/var/lib/nginx/scgi > --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit > --with-ipv6 --with-http_ssl_module --with-http_stub_status_module > --with-http_realip_module --with-file-aio --with-http_spdy_module > --with-http_addition_module --with-http_dav_module --with-http_flv_module > --with-http_geoip_module --with-http_gzip_static_module > --with-http_gunzip_module --with-http_image_filter_module > --with-http_mp4_module --with-http_perl_module > --with-http_random_index_module --with-http_secure_link_module > --with-http_spdy_module --with-http_sub_module --with-http_xslt_module > --with-mail --with-mail_ssl_module > > --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/headers-more-nginx-module > > --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-auth-ldap > > --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-auth-pam > > --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-cache-purge > > --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-dav-ext-module > > --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-development-kit > --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-echo > > --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/ngx-fancyindex > > --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-push-stream-module > --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-lua > > --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-upload-progress > > --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-upstream-fair > --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-syslog > > --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/ngx_http_pinba_module > > --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/ngx_http_substitutions_filter_module > --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/ngx_pagespeed > > --add-module=/usr/src/nginx/source/nginx-1.4.7/debian/modules/nginx-x-rid-header > --with-ld-opt=-lossp-uuid > > Posted at Nginx Forum: > http://forum.nginx.org/read.php?2,250588,250588#msg-250588 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From reallfqq-nginx at yahoo.fr Mon Jun 2 18:43:01 2014 From: reallfqq-nginx at yahoo.fr (B.R.) Date: Mon, 2 Jun 2014 20:43:01 +0200 Subject: Can't get nginx to work with Adminer nor phpMyadmin In-Reply-To: <538CBF76.5090208@gmail.com> References: <538CBF76.5090208@gmail.com> Message-ID: The right link for you nginx.conf is: http://pastebin.com/uNTAwuTp You could at least had that properly done... Copy-pasting nginx configuration from somewhere else without understanding it has little chances of success. What have you tried to configure? What do you expect from it (which directive does what)? Please copy the *relevant* parts of your configuration in your messages here so further reference will be understandable. --- *B. R.* On Mon, Jun 2, 2014 at 8:16 PM, KC wrote: > I have been trying to set up Nginx with Adminer (and phpMyadmin), but I > can't seem to get it to work. > > Here are my config files: > > /etc/nginx/nginx.conf: > http://pastebin.com/uNTAwuTp* > * > /etc/nginx/sites-available/adminer: > http://pastebin.com/cpwK1Bz2 > > > But still if I go to http://server.ip/adminer > > I only get "404 Not Found" error. > > What am I doing wrong? > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From qwrules at gmail.com Mon Jun 2 20:12:03 2014 From: qwrules at gmail.com (KC) Date: Mon, 02 Jun 2014 22:12:03 +0200 Subject: Can't get nginx to work with Adminer nor phpMyadmin In-Reply-To: References: <538CBF76.5090208@gmail.com> Message-ID: <538CDA93.2010002@gmail.com> Sorry about the link. Don't know how it happened. So, the portions in question of nginx.conf are: ----------------------------------------------------------------- server { server_name phpmyadmin.; root /usr/share/webapps/phpMyAdmin; index index.php; location ~ \.php$ { try_files $uri =404; fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; fastcgi_index index.php; include fastcgi.conf; } } server { server_name adminer.; root /usr/share/webapps/adminer; index index.php; location ~ \.php$ { try_files $uri =404; fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; fastcgi_index index.php; include fastcgi.conf; } } ----------------------------------------------------------------- And the /etc/nginx/sites-available/adminer file is: ----------------------------------------------------------------- server { listen 80; server_name adminer; index adminer-3.3.3.php; set $root_path '/usr/share/webapps/adminer'; root $root_path; try_files $uri $uri/ @rewrite; location @rewrite { rewrite ^/(.*)$ /index.php?_url=/$1; } location ~ \.php { fastcgi_pass unix:/run/php5-fpm.sock; fastcgi_index /adminer-3.3.3.php; include /etc/nginx/fastcgi_params; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } location ~* ^/(css|img|js|flv|swf|download)/(.+)$ { root $root_path; } location ~ /\.ht { deny all; } } ----------------------------------------------------------------- I don't know if this file is necessary. The howtos for making Adminer/phpMyadmin work with Nginx are very limited to non-existent. I want to be able to type http://ipaddress/phpmyadmin (or adminer) and see its respective interface. But as it is now, I only get 404 error. On 02/06/14 20:43, B.R. wrote: > The right link for you nginx.conf is: > http://pastebin.com/uNTAwuTp > You could at least had that properly done... > > Copy-pasting nginx configuration from somewhere else without > understanding it has little chances of success. > > What have you tried to configure? > What do you expect from it (which directive does what)? > > Please copy the /*relevant*/ parts of your configuration in your > messages here so further reference will be understandable. > --- > *B. R.* > > > On Mon, Jun 2, 2014 at 8:16 PM, KC > wrote: > > I have been trying to set up Nginx with Adminer (and phpMyadmin), > but I can't seem to get it to work. > > Here are my config files: > > /etc/nginx/nginx.conf: > http://pastebin.com/uNTAwuTp* > * > /etc/nginx/sites-available/__adminer: > http://pastebin.com/cpwK1Bz2 > > > But still if I go to http://server.ip/adminer > > I only get "404 Not Found" error. > > What am I doing wrong? > > _________________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/__mailman/listinfo/nginx > > > > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > From francis at daoine.org Mon Jun 2 23:12:48 2014 From: francis at daoine.org (Francis Daly) Date: Tue, 3 Jun 2014 00:12:48 +0100 Subject: Can't get nginx to work with Adminer nor phpMyadmin In-Reply-To: <538CDA93.2010002@gmail.com> References: <538CBF76.5090208@gmail.com> <538CDA93.2010002@gmail.com> Message-ID: <20140602231248.GB16942@daoine.org> On Mon, Jun 02, 2014 at 10:12:03PM +0200, KC wrote: Hi there, > I want to be able to type http://ipaddress/phpmyadmin (or adminer) > and see its respective interface. But as it is now, I only get 404 > error. If you want http://ipaddress/phpmyadmin and http://ipaddress/adminer to both work, you will probably want a single server{} block with all of the configuration. http://nginx.org/en/docs/http/request_processing.html for the reason. After you've done that, configure each application independently, probably by wrapping the normal "it's a php script" configuration within location blocks like location ^~ /adminer/ After that, when you test, you can read the nginx logs to see exactly why the 404 was produced. Good luck with it, f -- Francis Daly francis at daoine.org From nginx-forum at nginx.us Tue Jun 3 06:54:19 2014 From: nginx-forum at nginx.us (nginxsantos) Date: Tue, 03 Jun 2014 02:54:19 -0400 Subject: Thread support Message-ID: Hi, I am trying to run Nginx as a multi threaded application. Looking at the code it seems the initial code to support multi threaded was there. May be it got broken (as the error message says) or it was not developed to the end. Can anyone who is aware of the history of the Nginx comment about the thread support of Nginx. I am trying to understand what was the reason behind not supporting this as a multi threaded application. Please let me where it was stopped or where it was broken ? Thank you. Regards, Santos Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250598,250598#msg-250598 From vl at nginx.com Tue Jun 3 07:01:49 2014 From: vl at nginx.com (Vladimir Homutov) Date: Tue, 3 Jun 2014 11:01:49 +0400 Subject: Thread support In-Reply-To: References: Message-ID: <20140603070149.GA20304@vlpc> On Tue, Jun 03, 2014 at 02:54:19AM -0400, nginxsantos wrote: > Hi, > > I am trying to run Nginx as a multi threaded application. Looking at the > code it seems the initial code to support multi threaded was there. May be > it got broken (as the error message says) or it was not developed to the > end. > See this: http://mailman.nginx.org/pipermail/nginx/2007-September/001796.html http://mailman.nginx.org/pipermail/nginx/2008-April/004559.html > Can anyone who is aware of the history of the Nginx comment about the thread > support of Nginx. I am trying to understand what was the reason behind not > supporting this as a multi threaded application. > > Please let me where it was stopped or where it was broken ? From contact at jpluscplusm.com Tue Jun 3 09:48:28 2014 From: contact at jpluscplusm.com (Jonathan Matthews) Date: Tue, 3 Jun 2014 10:48:28 +0100 Subject: Browser showing headers and Gziped code inside body. In-Reply-To: References: Message-ID: On 2 June 2014 19:09, Satake wrote: > I'm currently using nginx/1.4.7 and for some reason a client is complaining > that the page is showing with errors in both his browsers (Firefox and IE). > > The error in question is the following: > > https://www.dropbox.com/s/wnpjyyq01j7l5qg/Problemas%20ao%20inserir%20post.jpg > > Does anyone have any suggestion or idea of why this is happening? I /was/ about to suggest you post the output of a "curl -v -o /dev/null" of that page as I thought you probably have the Content-Type header set to something incorrect. But then I noticed that your screenshot actually shows a sub-request getting inserted halfway through the page, after the header. I suggest that whatever entity is combining the page header and the sub-request body is causing your problem, by not dealing with its input correctly. From sarah at nginx.com Tue Jun 3 09:54:39 2014 From: sarah at nginx.com (sarah.novotny) Date: Tue, 3 Jun 2014 02:54:39 -0700 Subject: Wiki updates -- was: Can anyone tell me how to delete spam pages on the wiki? In-Reply-To: <3bee8aed88d9df1dfb76e51832b2e2f4.NginxMailingListEnglish@forum.nginx.org> References: <3bee8aed88d9df1dfb76e51832b2e2f4.NginxMailingListEnglish@forum.nginx.org> Message-ID: I?d like to offer a MONSTER thank you to talkingnews and tsbolzonello for helping battle the wiki spam.? We?ve had no net new spam in more than a week and all the old spam has been vanquished. ? Next up is going through the existing content to audit and update the remaining pages. ?If any of you are interested in helping and have trouble editing, please send me and email. talkingnews and tsbolzonello, please send me your physical mail addresses. I?d like to ship you some treats. Sarah From:?talkingnews nginx-forum at nginx.us Reply:?nginx at nginx.org nginx at nginx.org Date:?May 28, 2014 at 11:29:17 AM To:?nginx at nginx.org nginx at nginx.org Subject:? Can anyone tell me how to delete spam pages on the wiki? Click this: http://wiki.nginx.org/index.php?title=Special:Search&limit=500&offset=0&redirs=1&profile=default&search=a+ See the problem?! I stopped counting at 500 pages. It gets kinda tedious searching for info to end up wading through wedding dress and SEO spam and finding out "how to finger you woman". I can't seem to do anything except "blank" the pages - my wiki username is talkingnews. If someone can give me "the power", I promise not to be malicious, but when I get a spare 10 minutes from time to time I'll go through and delete 100 or so spams. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250445,250445#msg-250445 _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx --? sarah.novotny -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Tue Jun 3 10:24:06 2014 From: nginx-forum at nginx.us (talkingnews) Date: Tue, 03 Jun 2014 06:24:06 -0400 Subject: Wiki updates -- was: Can anyone tell me how to delete spam pages on the wiki? In-Reply-To: References: Message-ID: <527de04cfa2f5ced94f7d2f6a0decec2.NginxMailingListEnglish@forum.nginx.org> sarahnovotny Wrote: > I?d like to offer a MONSTER thank you to talkingnews and tsbolzonello > for helping battle the wiki spam.? The least I can do in return for this great nginx server! email sent :) > Next up is going through the existing content to audit and update the > remaining pages. ?If any of you are interested in helping and have > trouble editing, please send me and email. Thought I'd reply on-list to see what others think here: Regarding those other pages, what about pages like this? http://wiki.nginx.org/Bugs - I know it says "old/obsolete", but as it appears second in Google search results, perhaps a redirect to http://trac.nginx.org/nginx/ might make things easier? Also, the Chinese pages seem to mix between http://wiki.nginx.org/ChsFullExample and http://wiki.nginx.org/CoreModuleChs I see that in this example: http://wiki.nginx.org/index.php?title=HttpEmptyGifModuleChs&action=history that there's a move to moving the Chs from the start to the end of the URL. However, nginx is truly international and growing fast - is there any extension, configuration or module for the Wiki which would allow pages to be tagged or grouped by language, so someone could include or exclude a language in search results? I think that would be helpful to have the same page names but under language directories, a bit like php do, eg: http://www.php.net/manual/en/language.basic-syntax.php http://www.php.net/manual/pt_BR/language.basic-syntax.php Also, I know that you can see the "last updated" date by clicking the little calendar on the top right, but I was thinking that it might be useful to have a "last updated" date clearly on the main page, perhaps at the head or foot. Also, how about an "applies to" section? That way, I could tick "applies to 1.7+" and just get pages containing tips and configs for this version. Just throwing some thoughts out there - anyone else got any thoughts on that? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250601,250602#msg-250602 From vishal.mestri at cloverinfotech.com Tue Jun 3 10:58:54 2014 From: vishal.mestri at cloverinfotech.com (Vishal Mestri) Date: Tue, 03 Jun 2014 16:28:54 +0530 (IST) Subject: Issue nginx - ajax In-Reply-To: <144f3e89-bd37-4ab4-9193-00308f241e3c@mail.cloverinfotech.com> Message-ID: <2688e699-8ae7-42fa-81fd-7b47b41262ae@mail.cloverinfotech.com> Hi B.R. and all, Really thank you for your support till now. We were able to resolve issue on IE as well as on Firefox. we did following settings:- 1) IE We added my website to secure site list. Post that, I imported certificate to "Trusted Root Certiication Authorities". 2) I used "security exception option" by adding same certificate twice by accessing two different ports 6401 and 443. B. R.> Thank you for all your inputs. Thanks & Regards, Vishal Mestri ----- Original Message ----- From: "Vishal Mestri" To: nginx at nginx.org Sent: Monday, June 2, 2014 7:18:48 PM Subject: Re: Issue nginx - ajax Hi All and B.R. We tested on Apache as well and we faced same issue. Further, we disabled Antivirus on our client machine.(where we are accessing browser). Post that, we did following reverse proxy configuration on Nginx. When we receive request on 443 port, it will be sent to 80 port. When we receive request on 6401 port , it will be sent to 6400 port. This configuration without SSL worked on IE 10, Chrome and firefox as well. Further, as soon as , I turned on SSL configuration on port 443 and 6401 for Nginx, we faced old issue. i.e. site worked on Chrome, but not on firefox and IE. Further, we got following error on error log for firefox only. *29 SSL_read() failed (SSL: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:SSL alert number 48) while waiting for request, client: 203.115.123.90, server: 0.0.0.0:6401 We used below commands to generate ssl certificates:- openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout privateKey.key -out certificate.crt Thanks & Regards, Vishal Mestri ----- Original Message ----- From: "Vishal Mestri" To: nginx at nginx.org Sent: Tuesday, May 27, 2014 10:05:54 AM Subject: Re: Issue nginx - ajax Thanks B. R. for your immediate reply. Configuration file which we are using is attached along with the email. We want following functions:- On our server there are two services running. One on 80 port and another one on 6400 port. We want to use Nginx as product which can help us to SSL enable both services and these services does not have capabilities to be SSL Enabled. Thus, we want to Nginx to listen on two SSL Port 443 and 6401. When Nginx receives request on port 443 , it will reverse proxy that request to service running on 80 port. And when Nginx receives request on port 6401 , it will reverse proxy that request to service running on 6400 port. Service which is running on 80 port is apache tomcat, where as service running on port 6400 is proprietary product which is called using AJAX. This configuration is working very well on chrome, but we are facing issue on Internet explorer 8 onwards. Please let us know if shared configuration is correct or not. Thank you very much for reply. We have started looking in apache , but still it is in RnD phase. Thanks & Regards, Vishal Mestri ----- Original Message ----- From: "B.R." To: "Nginx ML" Sent: Monday, May 26, 2014 7:25:47 PM Subject: Re: Issue nginx - ajax If you wanted more help, you could provide some of the following: - Your configuration and what you expect it to do - The step you took to check the communication between nginx and your backend (the dumps of tcpdump) with details of what you expected Logs only show applied configuration (which might be faulty) do. However, if your decision is already made, then good luck with Apache or squid ;o) --- B. R. _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx -------------- next part -------------- An HTML attachment was scrubbed... URL: From contact at jpluscplusm.com Tue Jun 3 12:05:29 2014 From: contact at jpluscplusm.com (Jonathan Matthews) Date: Tue, 3 Jun 2014 13:05:29 +0100 Subject: Issue nginx - ajax In-Reply-To: <2688e699-8ae7-42fa-81fd-7b47b41262ae@mail.cloverinfotech.com> References: <144f3e89-bd37-4ab4-9193-00308f241e3c@mail.cloverinfotech.com> <2688e699-8ae7-42fa-81fd-7b47b41262ae@mail.cloverinfotech.com> Message-ID: On 3 June 2014 11:58, Vishal Mestri wrote: > Hi B.R. and all, > > > Really thank you for your support till now. > > > We were able to resolve issue on IE as well as on Firefox. > > > we did following settings:- > > > 1) IE > > We added my website to secure site list. > > Post that, I imported certificate to "Trusted Root Certiication > Authorities". And that's a solution for /all/ clients who'll be accessing this site? You're going to make them install your *site* cert as a root CA? I think you may have made a mistake here. At the very least, you're doing the wrong thing. > 2) I used "security exception option" by adding same certificate twice by > accessing two different ports 6401 and 443. Ditto. I'd keep working on this, if it were me. YMMV. From jayadev at ymail.com Tue Jun 3 16:42:41 2014 From: jayadev at ymail.com (Jayadev C) Date: Tue, 3 Jun 2014 09:42:41 -0700 (PDT) Subject: Getting rewritten and encoded/escaped url in nginx module Message-ID: <1401813761.57691.YahooMailNeo@web163503.mail.gq1.yahoo.com> Hi, I am writing a nginx proxy module and want to grab the url which is urlencoded (as the client sends it) and also after rewrite rules are applied.? My typical url looks like : path1/path2/path3/urlencoded(key)?args, after rewriting the url I would love to have is something like : newpath1/newpath2/newpath3/../urlencoded(key)?args. Currently , r->uri? is decoded rewritten uri, r->unparsed_uri is encoded but not rewritten. I read on the forum that nginx decodes the url for rewrite, is there a handy internal function I can use encode the rewritten url back. A simple use of ngx_escape_uri(r->uri) with different parameters doesn't do what I want out of the box. Thanks, Jayadev -------------- next part -------------- An HTML attachment was scrubbed... URL: From reallfqq-nginx at yahoo.fr Tue Jun 3 17:09:08 2014 From: reallfqq-nginx at yahoo.fr (B.R.) Date: Tue, 3 Jun 2014 19:09:08 +0200 Subject: Getting rewritten and encoded/escaped url in nginx module In-Reply-To: <1401813761.57691.YahooMailNeo@web163503.mail.gq1.yahoo.com> References: <1401813761.57691.YahooMailNeo@web163503.mail.gq1.yahoo.com> Message-ID: I am not providing a direct answer but could not you use some standard modules to do that? Such as using (examples): - rewrite associated with a map, loaded from a separate configuration file reloaded after changes - the perl module to invoke external perl scripts doing that for you, maybe in conjunction with the ssi module ? --- *B. R.* On Tue, Jun 3, 2014 at 6:42 PM, Jayadev C wrote: > > Hi, > > I am writing a nginx proxy module and want to grab the url which is > urlencoded (as the client sends it) and also after rewrite rules are > applied. My typical url looks like : > path1/path2/path3/urlencoded(key)?args , after rewriting the url I would > love to have is something like : > newpath1/newpath2/newpath3/../urlencoded(key)?args. > > Currently , r->uri is decoded rewritten uri, r->unparsed_uri is encoded > but not rewritten. > > I read on the forum that nginx decodes the url for rewrite, is there a > handy internal function I can use encode the rewritten url back. A simple > use of ngx_escape_uri(r->uri) with different parameters doesn't do what I > want out of the box. > > Thanks, > Jayadev > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From mdounin at mdounin.ru Tue Jun 3 17:17:28 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 3 Jun 2014 21:17:28 +0400 Subject: Getting rewritten and encoded/escaped url in nginx module In-Reply-To: <1401813761.57691.YahooMailNeo@web163503.mail.gq1.yahoo.com> References: <1401813761.57691.YahooMailNeo@web163503.mail.gq1.yahoo.com> Message-ID: <20140603171728.GU1849@mdounin.ru> Hello! On Tue, Jun 03, 2014 at 09:42:41AM -0700, Jayadev C wrote: > > > Hi, > > > I am writing a nginx proxy module and want to grab the url which > is urlencoded (as the client sends it) and also after rewrite > rules are applied.? My typical url looks like : > path1/path2/path3/urlencoded(key)?args, after rewriting the url > I would love to have is something like : > > newpath1/newpath2/newpath3/../urlencoded(key)?args. > > Currently , r->uri? is decoded rewritten uri, r->unparsed_uri is > encoded but not rewritten. > > I read on the forum that nginx decodes the url for rewrite, is > there a handy internal function I can use encode the rewritten > url back. A simple use of ngx_escape_uri(r->uri) with different > parameters doesn't do what I want out of the box. The ngx_escape_uri(r->uri) _is_ the internal function you should use if you need encoded URI. If in doubt, try looking, e.g., into the ngx_http_proxy_create_request() function to see how it's done there. -- Maxim Dounin http://nginx.org/ From jayadev at ymail.com Tue Jun 3 21:08:36 2014 From: jayadev at ymail.com (Jayadev C) Date: Tue, 3 Jun 2014 14:08:36 -0700 (PDT) Subject: Getting rewritten and encoded/escaped url in nginx module In-Reply-To: <20140603171728.GU1849@mdounin.ru> References: <1401813761.57691.YahooMailNeo@web163503.mail.gq1.yahoo.com> <20140603171728.GU1849@mdounin.ru> Message-ID: <1401829716.69686.YahooMailNeo@web163501.mail.gq1.yahoo.com> The problem is ngx_http_proxy doesn't do that either, once rewrite is applied the url remains decoded (or I am not reading the code correctly).? In fact escaping uri back is a bit tricky since you have to split the rewritten url to segments and apply encoding again (which would require looking at the original url to know the correct number of '/'s). Anybody had attempted doing something like this ? or is there an easier way. Jayadev On Tuesday, June 3, 2014 10:17 AM, Maxim Dounin wrote: Hello! On Tue, Jun 03, 2014 at 09:42:41AM -0700, Jayadev C wrote: > > > Hi, > > > I am writing a nginx proxy module and want to grab the url which > is urlencoded (as the client sends it) and also after rewrite > rules are applied.? My typical url looks like : > path1/path2/path3/urlencoded(key)?args, after rewriting the url > I would love to have is something like : > > newpath1/newpath2/newpath3/../urlencoded(key)?args. > > Currently , r->uri? is decoded rewritten uri, r->unparsed_uri is > encoded but not rewritten. > > I read on the forum that nginx decodes the url for rewrite, is > there a handy internal function I can use encode the rewritten > url back. A simple use of ngx_escape_uri(r->uri) with different > parameters doesn't do what I want out of the box. The ngx_escape_uri(r->uri) _is_ the internal function you should use if you need encoded URI. If in doubt, try looking, e.g., into the ngx_http_proxy_create_request() function to see how it's done there. -- Maxim Dounin http://nginx.org/ _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx -------------- next part -------------- An HTML attachment was scrubbed... URL: From vishal.mestri at cloverinfotech.com Wed Jun 4 04:48:42 2014 From: vishal.mestri at cloverinfotech.com (Vishal Mestri) Date: Wed, 04 Jun 2014 10:18:42 +0530 (IST) Subject: Issue nginx - ajax In-Reply-To: Message-ID: Hi Jonathan Matthews, Thank you for your valuable comments. I understand , what you would like to suggest, b ut we are using self-signed certificate just for trial demo. Once UAT is done, we would be using actual certificate, where I guess we will not face any issue. Thanks & Regards, Vishal Mestri ----- Original Message ----- From: "Jonathan Matthews" To: nginx at nginx.org Sent: Tuesday, June 3, 2014 5:35:29 PM Subject: Re: Issue nginx - ajax On 3 June 2014 11:58, Vishal Mestri wrote: > Hi B.R. and all, > > > Really thank you for your support till now. > > > We were able to resolve issue on IE as well as on Firefox. > > > we did following settings:- > > > 1) IE > > We added my website to secure site list. > > Post that, I imported certificate to "Trusted Root Certiication > Authorities". And that's a solution for /all/ clients who'll be accessing this site? You're going to make them install your *site* cert as a root CA? I think you may have made a mistake here. At the very least, you're doing the wrong thing. > 2) I used "security exception option" by adding same certificate twice by > accessing two different ports 6401 and 443. Ditto. I'd keep working on this, if it were me. YMMV. _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx -------------- next part -------------- An HTML attachment was scrubbed... URL: From contact at jpluscplusm.com Wed Jun 4 09:11:20 2014 From: contact at jpluscplusm.com (Jonathan Matthews) Date: Wed, 4 Jun 2014 10:11:20 +0100 Subject: Issue nginx - ajax In-Reply-To: References:

Message-ID: On 4 June 2014 05:48, Vishal Mestri wrote: > Hi Jonathan Matthews, > > Thank you for your valuable comments. > I understand , what you would like to suggest, but we are using self-signed > certificate just for trial demo. > > Once UAT is done, we would be using actual certificate, where I guess we > will not face any issue. The 2 problems I have seen you state in this thread are that 1) your error logs are full of "upstream prematurely closed connection while reading upstream", and 2) this problem doesn't go away when you use HTTP instead of HTTPS. I am unsure why you think the provenance of your SSL certificate has *anything* to do with these two error conditions. I suggest to you that it /really/ doesn't; and that you haven't found the root cause of your problem. Good luck with it, J From nginx-forum at nginx.us Wed Jun 4 11:15:17 2014 From: nginx-forum at nginx.us (chrismcv) Date: Wed, 04 Jun 2014 07:15:17 -0400 Subject: Can I use ssl_verify_client without a prompt Message-ID: Hi, I'm using ssl_client_certificate, I want to set "proxy_set_header X-Cert-DN $ssl_client_s_dn;" when I proxy. I've ssl_verify_client set to optional - this all works great, but in the browser, the user gets a cert prompt. Is there a way I can avoid the cert prompt - so the header will get set if a cert is supplied, but otherwise it won't prompt the user? (So curl -e cert.crt https://mysite should get the cert header, but a browser shouldn't know about it). Cheers, Chris Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250627,250627#msg-250627 From nginx-forum at nginx.us Wed Jun 4 13:17:56 2014 From: nginx-forum at nginx.us (Godinho) Date: Wed, 04 Jun 2014 09:17:56 -0400 Subject: nginx Segmentation fault Message-ID: <3ea3501ac4ed08cc75d36d64fe933870.NginxMailingListEnglish@forum.nginx.org> I needed to use modsecurity so I compiled nginx and modsecurity. Modsecurity was compiled with options: ./configure --enable-standalone-module nginx with: ./configure --add-module=../modsecurity-2.8.0/nginx/modsecurity/ When I try to test my configuration I have this: [root at nginx1 nginx]# /usr/local/nginx/sbin/nginx -t Segmentation fault from message logs: Jun 4 13:57:43 nginx1 kernel: nginx[12229]: segfault at 410 ip 00007f9088569a32 sp 00007fffc90ccf58 error 4 in libc-2.12.so[7f90884e0000+18b000] Jun 4 13:57:44 nginx1 kernel: nginx[12230]: segfault at 410 ip 00007f6626c93a32 sp 00007fff4fdd7cf8 error 4 in libc-2.12.so[7f6626c0a000+18b000] Update: it seams it a modsecurity problem, copiled without it (./configure --with-http_ssl_module) work just fine... Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250629,250629#msg-250629 From nginx-forum at nginx.us Wed Jun 4 13:24:49 2014 From: nginx-forum at nginx.us (yarek) Date: Wed, 04 Jun 2014 09:24:49 -0400 Subject: How to install Nginx from source and avoid the OpenSSL Bug ? Message-ID: Hi, I am new to nginx and linux. I tried to install nginx form source (nginx+rtmp module) following many tutos on my Debian And all gives me the same error: ./configure --add-module=../nginx-rtmp-module-master make -f objs/Makefile make[1]: entrant dans le r?pertoire ? /root/nginx/nginx-1.4.3 ? cc -c -pipe -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g -I/root/nginx/nginx-rtmp-module/ -I src/core -I src/event -I src/event/modules -I src/os/unix -I objs \ -o objs/src/event/ngx_event_openssl.o \ src/event/ngx_event_openssl.c src/event/ngx_event_openssl.c: In function ngx_ssl_create: src/event/ngx_event_openssl.c:189:5: error: ?SSL_OP_MSIE_SSLV2_RSA_PADDING? undeclared (first use in this function) src/event/ngx_event_openssl.c:189:5: note: each undeclared identifier is reported only once for each function it appears in make[1]: * [objs/src/event/ngx_event_openssl.o] Erreur 1 make[1]: quittant le r?pertoire ? /root/nginx/nginx-1.4.3 ? make: * [build] Erreur 2 It seems error comes from : Planned removal of SSL_OP_MSIE_SSLV2_RSA_PADDING breaks dependent software if you are using OpenSSL 1.0.2 or higher. Any idea on how do I fix that ? Thanks Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250630,250630#msg-250630 From kurt at x64architecture.com Wed Jun 4 13:27:42 2014 From: kurt at x64architecture.com (Kurt Cancemi) Date: Wed, 4 Jun 2014 09:27:42 -0400 Subject: nginx Segmentation fault In-Reply-To: References: <3ea3501ac4ed08cc75d36d64fe933870.NginxMailingListEnglish@forum.nginx.org> Message-ID: Hello, this is unrelated to nginx and has to do with mod_security. There is an alternative if it suits your needs called naxsi. Regards, Kurt Cancemi http://www.getwnmp.org On Jun 4, 2014 9:18 AM, "Godinho" wrote: I needed to use modsecurity so I compiled nginx and modsecurity. Modsecurity was compiled with options: ./configure --enable-standalone-module nginx with: ./configure --add-module=../modsecurity-2.8.0/nginx/modsecurity/ When I try to test my configuration I have this: [root at nginx1 nginx]# /usr/local/nginx/sbin/nginx -t Segmentation fault from message logs: Jun 4 13:57:43 nginx1 kernel: nginx[12229]: segfault at 410 ip 00007f9088569a32 sp 00007fffc90ccf58 error 4 in libc-2.12.so[7f90884e0000+18b000] Jun 4 13:57:44 nginx1 kernel: nginx[12230]: segfault at 410 ip 00007f6626c93a32 sp 00007fff4fdd7cf8 error 4 in libc-2.12.so[7f6626c0a000+18b000] Update: it seams it a modsecurity problem, copiled without it (./configure --with-http_ssl_module) work just fine... Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250629,250629#msg-250629 _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx -------------- next part -------------- An HTML attachment was scrubbed... URL: From luky-37 at hotmail.com Wed Jun 4 13:33:04 2014 From: luky-37 at hotmail.com (Lukas Tribus) Date: Wed, 4 Jun 2014 15:33:04 +0200 Subject: How to install Nginx from source and avoid the OpenSSL Bug ? In-Reply-To: References: Message-ID: Hi, > How to install Nginx from source and avoid the OpenSSL Bug ? What openssl bug are you talking about? Debian contains all important fixes afaik. > It seems error comes from : > Planned removal of SSL_OP_MSIE_SSLV2_RSA_PADDING breaks dependent software > if you are using OpenSSL 1.0.2 or higher. > > Any idea on how do I fix that ? It was already fixed 9 months ago: http://hg.nginx.org/nginx/rev/a73678f5f96f Use a recent nginx tarball. Regards, Lukas From reallfqq-nginx at yahoo.fr Wed Jun 4 13:50:55 2014 From: reallfqq-nginx at yahoo.fr (B.R.) Date: Wed, 4 Jun 2014 15:50:55 +0200 Subject: How to install Nginx from source and avoid the OpenSSL Bug ? In-Reply-To: References:

Message-ID: On Wed, Jun 4, 2014 at 3:33 PM, Lukas Tribus wrote: > > How to install Nginx from source and avoid the OpenSSL Bug ? > > What openssl bug are you talking about? Debian contains all > important fixes afaik. > ?I think 'yarek'? ? tries to build nginx with a 3rd-party program. I'd suggest to use either the latest stable (v1.6.0) or mainline (v1.7.1) source. v1.4.3 is pretty old now and is deprecated. Btw, nginx links the OpenSSL library dynamically, so the bug has never lied inside nginx. It depends on the version of OpenSSL which has been used to compile nginx (since using a version other than the one used for compilation at run time might fail/introduce problems). > It seems error comes from : > > Planned removal of SSL_OP_MSIE_SSLV2_RSA_PADDING breaks dependent > software > > if you are using OpenSSL 1.0.2 or higher. > > > > Any idea on how do I fix that ? > > It was already fixed 9 months ago: > http://hg.nginx.org/nginx/rev/a73678f5f96f > > Use a recent nginx tarball. > ?'yarek' you could have compared the error message triggered by the source you were using with the current ngx_event_openssl.c source file . You would have seen that the deprecation of the constant you triggered is handled, by a check for its existence. Lukas has been kind enough to provide you with the exact commit introducing this change. ?To sump up: - use recent/supported source - use an unaffected version of OpenSSL ? when compiling your nginx binary. All major distro (including Debian) have fixed their repositories with corrected versions for a long time now ? --- *B. R.* -------------- next part -------------- An HTML attachment was scrubbed... URL: From luky-37 at hotmail.com Wed Jun 4 14:52:19 2014 From: luky-37 at hotmail.com (Lukas Tribus) Date: Wed, 4 Jun 2014 16:52:19 +0200 Subject: How to install Nginx from source and avoid the OpenSSL Bug ? In-Reply-To: References: , , Message-ID: Hi, >> How to install Nginx from source and avoid the OpenSSL Bug ?? >? > What openssl bug are you talking about? Debian contains all? > important fixes afaik.? >? > ?I think 'yarek'?? tries to build nginx with a 3rd-party program. Just installing libssl-dev from the debian repository would have been enough then. Also using: ?aptitude build-dep nginx is a more convenient way to install all source dependencies. Building openssl on his own without understanding system paths is dangerous and will probably break his system. Lukas From rpaprocki at fearnothingproductions.net Wed Jun 4 15:00:36 2014 From: rpaprocki at fearnothingproductions.net (Robert Paprocki) Date: Wed, 04 Jun 2014 08:00:36 -0700 Subject: nginx Segmentation fault In-Reply-To: References: <3ea3501ac4ed08cc75d36d64fe933870.NginxMailingListEnglish@forum.nginx.org> Message-ID: <538F3494.5090804@fearnothingproductions.net> Can you post a full core dump? Did you verify the mod_security tarball you downloaded? Can detail the steps taken to build that module? What version of nginx are you trying to build? On 6/4/2014 06:27, Kurt Cancemi wrote: > > Hello, this is unrelated to nginx and has to do with mod_security. > There is an alternative if it suits your needs called naxsi. > > Regards, > Kurt Cancemi > http://www.getwnmp.org > > On Jun 4, 2014 9:18 AM, "Godinho"

> wrote: > > I needed to use modsecurity so I compiled nginx and modsecurity. > > Modsecurity was compiled with options: ./configure > --enable-standalone-module > > nginx with: ./configure > --add-module=../modsecurity-2.8.0/nginx/modsecurity/ > > When I try to test my configuration I have this: > > [root at nginx1 nginx]# /usr/local/nginx/sbin/nginx -t > Segmentation fault > > from message logs: > Jun 4 13:57:43 nginx1 kernel: nginx[12229]: segfault at 410 ip > 00007f9088569a32 sp 00007fffc90ccf58 error 4 in > libc-2.12.so [7f90884e0000+18b000] > Jun 4 13:57:44 nginx1 kernel: nginx[12230]: segfault at 410 ip > 00007f6626c93a32 sp 00007fff4fdd7cf8 error 4 in > libc-2.12.so [7f6626c0a000+18b000] > > Update: it seams it a modsecurity problem, copiled without it > (./configure > --with-http_ssl_module) work just fine... > > Posted at Nginx Forum: > http://forum.nginx.org/read.php?2,250629,250629#msg-250629 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx -------------- next part -------------- An HTML attachment was scrubbed... URL: From mdounin at mdounin.ru Wed Jun 4 15:04:59 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Wed, 4 Jun 2014 19:04:59 +0400 Subject: Getting rewritten and encoded/escaped url in nginx module In-Reply-To: <1401829716.69686.YahooMailNeo@web163501.mail.gq1.yahoo.com> References: <1401813761.57691.YahooMailNeo@web163503.mail.gq1.yahoo.com> <20140603171728.GU1849@mdounin.ru> <1401829716.69686.YahooMailNeo@web163501.mail.gq1.yahoo.com> Message-ID: <20140604150459.GA1849@mdounin.ru> Hello! On Tue, Jun 03, 2014 at 02:08:36PM -0700, Jayadev C wrote: > The problem is ngx_http_proxy doesn't do that either, once > rewrite is applied the url remains decoded (or I am not reading > the code correctly). The proxy does ngx_escape_uri() if URI was rewritten. It has to, as unencoded URI can't be used in a HTTP request. Take a look at the ngx_http_proxy_create_request() function as previously suggested. >?In fact escaping uri back is a bit tricky > since you have to split the rewritten url to segments and apply > encoding again (which would require looking at the original url > to know the correct number of '/'s). As long as there were encoded slashes, the encoding of these slashes will be lost if URI was rewritten. This is the expected behaviour. -- Maxim Dounin http://nginx.org/ From kyprizel at gmail.com Wed Jun 4 15:05:27 2014 From: kyprizel at gmail.com (kyprizel) Date: Wed, 4 Jun 2014 19:05:27 +0400 Subject: nginx Segmentation fault In-Reply-To: <538F3494.5090804@fearnothingproductions.net> References: <3ea3501ac4ed08cc75d36d64fe933870.NginxMailingListEnglish@forum.nginx.org> <538F3494.5090804@fearnothingproductions.net> Message-ID: I think this bug was fixed in nginx_refactoring tree. On Wed, Jun 4, 2014 at 7:00 PM, Robert Paprocki < rpaprocki at fearnothingproductions.net> wrote: > Can you post a full core dump? Did you verify the mod_security tarball > you downloaded? Can detail the steps taken to build that module? What > version of nginx are you trying to build? > > On 6/4/2014 06:27, Kurt Cancemi wrote: > > Hello, this is unrelated to nginx and has to do with mod_security. There > is an alternative if it suits your needs called naxsi. > > Regards, > Kurt Cancemi > http://www.getwnmp.org > On Jun 4, 2014 9:18 AM, "Godinho" wrote: > > I needed to use modsecurity so I compiled nginx and modsecurity. > > Modsecurity was compiled with options: ./configure > --enable-standalone-module > > nginx with: ./configure > --add-module=../modsecurity-2.8.0/nginx/modsecurity/ > > When I try to test my configuration I have this: > > [root at nginx1 nginx]# /usr/local/nginx/sbin/nginx -t > Segmentation fault > > from message logs: > Jun 4 13:57:43 nginx1 kernel: nginx[12229]: segfault at 410 ip > 00007f9088569a32 sp 00007fffc90ccf58 error 4 in > libc-2.12.so[7f90884e0000+18b000] > Jun 4 13:57:44 nginx1 kernel: nginx[12230]: segfault at 410 ip > 00007f6626c93a32 sp 00007fff4fdd7cf8 error 4 in > libc-2.12.so[7f6626c0a000+18b000] > > Update: it seams it a modsecurity problem, copiled without it (./configure > --with-http_ssl_module) work just fine... > > Posted at Nginx Forum: > http://forum.nginx.org/read.php?2,250629,250629#msg-250629 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > > > > _______________________________________________ > nginx mailing listnginx at nginx.orghttp://mailman.nginx.org/mailman/listinfo/nginx > > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From defan at nginx.com Wed Jun 4 15:12:43 2014 From: defan at nginx.com (Andrei Belov) Date: Wed, 4 Jun 2014 19:12:43 +0400 Subject: nginx Segmentation fault In-Reply-To: <3ea3501ac4ed08cc75d36d64fe933870.NginxMailingListEnglish@forum.nginx.org> References: <3ea3501ac4ed08cc75d36d64fe933870.NginxMailingListEnglish@forum.nginx.org> Message-ID: <5D405364-E117-43D8-B119-71FDFC08E3AA@nginx.com> Hi, there is a lot of open issues with ModSecurity and nginx: https://github.com/SpiderLabs/ModSecurity/issues?labels=Platform+-+Nginx&state=open Some of them have been already fixed in nginx_refactoring branch: https://github.com/SpiderLabs/ModSecurity/tree/nginx_refactoring I spent some time experimenting with this branch locally, and added a number of improvements to the code: https://github.com/defanator/ModSecurity/tree/nginx_refactoring A number of patches were already imported into SpiderLabs/nginx_refactoring repository, others are under review and testing. Please feel free to try - any feedback will be greatly appreciated! Cheers, ? Andrei Belov http://nginx.com/ On 04 Jun 2014, at 17:17, Godinho wrote: > I needed to use modsecurity so I compiled nginx and modsecurity. > > Modsecurity was compiled with options: ./configure > --enable-standalone-module > > nginx with: ./configure > --add-module=../modsecurity-2.8.0/nginx/modsecurity/ > > When I try to test my configuration I have this: > > [root at nginx1 nginx]# /usr/local/nginx/sbin/nginx -t > Segmentation fault > > from message logs: > Jun 4 13:57:43 nginx1 kernel: nginx[12229]: segfault at 410 ip > 00007f9088569a32 sp 00007fffc90ccf58 error 4 in > libc-2.12.so[7f90884e0000+18b000] > Jun 4 13:57:44 nginx1 kernel: nginx[12230]: segfault at 410 ip > 00007f6626c93a32 sp 00007fff4fdd7cf8 error 4 in > libc-2.12.so[7f6626c0a000+18b000] > > Update: it seams it a modsecurity problem, copiled without it (./configure > --with-http_ssl_module) work just fine... > > Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250629,250629#msg-250629 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > From kyprizel at gmail.com Wed Jun 4 15:58:22 2014 From: kyprizel at gmail.com (kyprizel) Date: Wed, 4 Jun 2014 19:58:22 +0400 Subject: nginx Segmentation fault In-Reply-To: <5D405364-E117-43D8-B119-71FDFC08E3AA@nginx.com> References: <3ea3501ac4ed08cc75d36d64fe933870.NginxMailingListEnglish@forum.nginx.org> <5D405364-E117-43D8-B119-71FDFC08E3AA@nginx.com> Message-ID: Andrei, have you checked issue 630? https://github.com/SpiderLabs/ModSecurity/issues/630 On Wed, Jun 4, 2014 at 7:12 PM, Andrei Belov wrote: > Hi, > > there is a lot of open issues with ModSecurity and nginx: > > https://github.com/SpiderLabs/ModSecurity/issues?labels=Platform+-+Nginx&state=open > > Some of them have been already fixed in nginx_refactoring branch: > https://github.com/SpiderLabs/ModSecurity/tree/nginx_refactoring > > I spent some time experimenting with this branch locally, > and added a number of improvements to the code: > https://github.com/defanator/ModSecurity/tree/nginx_refactoring > > A number of patches were already imported into SpiderLabs/nginx_refactoring > repository, others are under review and testing. > > Please feel free to try - any feedback will be greatly appreciated! > > Cheers, > > ? > Andrei Belov > http://nginx.com/ > > > On 04 Jun 2014, at 17:17, Godinho wrote: > > > I needed to use modsecurity so I compiled nginx and modsecurity. > > > > Modsecurity was compiled with options: ./configure > > --enable-standalone-module > > > > nginx with: ./configure > > --add-module=../modsecurity-2.8.0/nginx/modsecurity/ > > > > When I try to test my configuration I have this: > > > > [root at nginx1 nginx]# /usr/local/nginx/sbin/nginx -t > > Segmentation fault > > > > from message logs: > > Jun 4 13:57:43 nginx1 kernel: nginx[12229]: segfault at 410 ip > > 00007f9088569a32 sp 00007fffc90ccf58 error 4 in > > libc-2.12.so[7f90884e0000+18b000] > > Jun 4 13:57:44 nginx1 kernel: nginx[12230]: segfault at 410 ip > > 00007f6626c93a32 sp 00007fff4fdd7cf8 error 4 in > > libc-2.12.so[7f6626c0a000+18b000] > > > > Update: it seams it a modsecurity problem, copiled without it > (./configure > > --with-http_ssl_module) work just fine... > > > > Posted at Nginx Forum: > http://forum.nginx.org/read.php?2,250629,250629#msg-250629 > > > > _______________________________________________ > > nginx mailing list > > nginx at nginx.org > > http://mailman.nginx.org/mailman/listinfo/nginx > > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From defan at nginx.com Wed Jun 4 16:10:00 2014 From: defan at nginx.com (Andrei Belov) Date: Wed, 4 Jun 2014 20:10:00 +0400 Subject: nginx Segmentation fault In-Reply-To: References: <3ea3501ac4ed08cc75d36d64fe933870.NginxMailingListEnglish@forum.nginx.org> <5D405364-E117-43D8-B119-71FDFC08E3AA@nginx.com> Message-ID: <028E5567-F32C-4A1D-BDA2-07CEE4949EDC@nginx.com> Not yet. Quick look makes me think that "client_body_in_file_only on;" might help. -- defan > On 04 ???? 2014 ?., at 19:58, kyprizel wrote: > > Andrei, have you checked issue 630? > > https://github.com/SpiderLabs/ModSecurity/issues/630 > > >> On Wed, Jun 4, 2014 at 7:12 PM, Andrei Belov wrote: >> Hi, >> >> there is a lot of open issues with ModSecurity and nginx: >> https://github.com/SpiderLabs/ModSecurity/issues?labels=Platform+-+Nginx&state=open >> >> Some of them have been already fixed in nginx_refactoring branch: >> https://github.com/SpiderLabs/ModSecurity/tree/nginx_refactoring >> >> I spent some time experimenting with this branch locally, >> and added a number of improvements to the code: >> https://github.com/defanator/ModSecurity/tree/nginx_refactoring >> >> A number of patches were already imported into SpiderLabs/nginx_refactoring >> repository, others are under review and testing. >> >> Please feel free to try - any feedback will be greatly appreciated! >> >> Cheers, >> >> ? >> Andrei Belov >> http://nginx.com/ >> >> >> On 04 Jun 2014, at 17:17, Godinho wrote: >> >> > I needed to use modsecurity so I compiled nginx and modsecurity. >> > >> > Modsecurity was compiled with options: ./configure >> > --enable-standalone-module >> > >> > nginx with: ./configure >> > --add-module=../modsecurity-2.8.0/nginx/modsecurity/ >> > >> > When I try to test my configuration I have this: >> > >> > [root at nginx1 nginx]# /usr/local/nginx/sbin/nginx -t >> > Segmentation fault >> > >> > from message logs: >> > Jun 4 13:57:43 nginx1 kernel: nginx[12229]: segfault at 410 ip >> > 00007f9088569a32 sp 00007fffc90ccf58 error 4 in >> > libc-2.12.so[7f90884e0000+18b000] >> > Jun 4 13:57:44 nginx1 kernel: nginx[12230]: segfault at 410 ip >> > 00007f6626c93a32 sp 00007fff4fdd7cf8 error 4 in >> > libc-2.12.so[7f6626c0a000+18b000] >> > >> > Update: it seams it a modsecurity problem, copiled without it (./configure >> > --with-http_ssl_module) work just fine... >> > >> > Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250629,250629#msg-250629 >> > >> > _______________________________________________ >> > nginx mailing list >> > nginx at nginx.org >> > http://mailman.nginx.org/mailman/listinfo/nginx >> > >> >> _______________________________________________ >> nginx mailing list >> nginx at nginx.org >> http://mailman.nginx.org/mailman/listinfo/nginx > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx -------------- next part -------------- An HTML attachment was scrubbed... URL: From amikamsnir at gmail.com Wed Jun 4 16:15:40 2014 From: amikamsnir at gmail.com (Amikam Snir) Date: Wed, 4 Jun 2014 19:15:40 +0300 Subject: sub-request to external resource Message-ID: Hi all, How can I make sub-request to external resource (without returning it to the user)? The following commands are used only for internal resources: ngx.location.capture ngx.exec any idea? :-) Thanks in advance, -------------- next part -------------- An HTML attachment was scrubbed... URL: From shahzaib.cb at gmail.com Wed Jun 4 18:50:08 2014 From: shahzaib.cb at gmail.com (shahzaib shahzaib) Date: Wed, 4 Jun 2014 23:50:08 +0500 Subject: Caching servers in Local ISPs !! In-Reply-To: References: <2d390b3d32431d04dd610eefbd2f19c0.NginxMailingListEnglish@forum.nginx.org> Message-ID: @itpp, i just used your method try_files and it worked flawlessly :). Following is the testing config : server { listen 80; server_name domain.com; root /var/www/html/files; location / { root /var/www/html/files; try_files $uri @getfrom_origin; } location @getfrom_origin { proxy_pass http://127.0.0.1:8080; } } if proxy_pass worked for localhost, i hope it will also work for remote host to forward request if the file doesn't exist on local caching server. :-) Would you suggest me to add some more configs for tweaking on nginx ? Btw, proxy_pass should only be for mp4 and jpeg, cause the caching is only for video files. Should i use rsync or lsync for mirroring the files between Origin and caching server ? Suggestion will be highly appreciated. Regards. Shahzaib On Wed, May 28, 2014 at 4:19 PM, shahzaib shahzaib wrote: > Right. I'll proceed with my research and get back to you with better > approach . :) > -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Wed Jun 4 19:19:43 2014 From: nginx-forum at nginx.us (itpp2012) Date: Wed, 04 Jun 2014 15:19:43 -0400 Subject: Caching servers in Local ISPs !! In-Reply-To: References: Message-ID: shahzaib1232 Wrote: ------------------------------------------------------- > @itpp, i just used your method try_files and it worked flawlessly :). > Following is the testing config : > > server { > listen 80; > server_name domain.com; > root /var/www/html/files; > > location / { location ~* (\.mp3|\.avi|\.mp4)$ { > Should i use rsync or lsync for mirroring the files between Origin and > caching server ? Whatever works for you, I'd prefer rsync since that's easier to schedule for off-peek hours. Also sync to a temp folder and move after completion or nginx will attempt to send partial files. see also http://wanproxy.org/ Posted at Nginx Forum: http://forum.nginx.org/read.php?2,249997,250645#msg-250645 From shahzaib.cb at gmail.com Wed Jun 4 19:23:41 2014 From: shahzaib.cb at gmail.com (shahzaib shahzaib) Date: Thu, 5 Jun 2014 00:23:41 +0500 Subject: Caching servers in Local ISPs !! In-Reply-To: References: Message-ID: >>Also sync to a temp folder and move after completion or nginx will attempt to send partial files. Oh right. Thanks for quick help and suggestion :). I'll look into wanproxy now. On Thu, Jun 5, 2014 at 12:19 AM, itpp2012 wrote: > shahzaib1232 Wrote: > ------------------------------------------------------- > > @itpp, i just used your method try_files and it worked flawlessly :). > > Following is the testing config : > > > > server { > > listen 80; > > server_name domain.com; > > root /var/www/html/files; > > > > location / { > > location ~* (\.mp3|\.avi|\.mp4)$ { > > > Should i use rsync or lsync for mirroring the files between Origin and > > caching server ? > > Whatever works for you, I'd prefer rsync since that's easier to schedule > for > off-peek hours. > Also sync to a temp folder and move after completion or nginx will attempt > to send partial files. > see also http://wanproxy.org/ > > Posted at Nginx Forum: > http://forum.nginx.org/read.php?2,249997,250645#msg-250645 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Wed Jun 4 19:29:47 2014 From: nginx-forum at nginx.us (Spacedust) Date: Wed, 04 Jun 2014 15:29:47 -0400 Subject: [alert] 12928#0: worker process 3958 exited on signal 11 Message-ID: <7fb4a3505cf38f408a87f525bc3b25da.NginxMailingListEnglish@forum.nginx.org> I use nginx 1.7.1 as frontend proxy to Apache 2.2.27 + php-fpm 5.5.13. When I add new domain, then just reload nginx it throwing errors like "connection reset" etc. Error log is full of something like this: tail -f /var/log/nginx/error.log 2014/06/04 11:36:23 [alert] 12928#0: worker process 3958 exited on signal 11 2014/06/04 11:36:23 [alert] 12928#0: worker process 3959 exited on signal 11 2014/06/04 11:36:23 [alert] 12928#0: worker process 3992 exited on signal 11 2014/06/04 11:36:23 [alert] 12928#0: worker process 3982 exited on signal 11 2014/06/04 11:36:24 [alert] 12928#0: worker process 3993 exited on signal 11 2014/06/04 11:36:24 [alert] 12928#0: worker process 3995 exited on signal 11 2014/06/04 11:36:25 [alert] 12928#0: worker process 4001 exited on signal 11 2014/06/04 11:36:25 [alert] 12928#0: worker process 3994 exited on signal 11 2014/06/04 11:36:25 [alert] 12928#0: worker process 4002 exited on signal 11 2014/06/04 11:36:26 [alert] 12928#0: worker process 4021 exited on signal 11 Then I have to restart nginx, and sometimes even killall -9 nginx then restart, because then it shows something like this: 2014/06/04 21:16:30 [emerg] 11491#0: bind() to 0.0.0.0:443 failed (98: Address already in use) 2014/06/04 21:16:30 [emerg] 11491#0: bind() to [::]:443 failed (98: Address already in use) 2014/06/04 21:16:35 [emerg] 11754#0: bind() to 0.0.0.0:80 failed (98: Address already in use) 2014/06/04 21:16:35 [emerg] 11754#0: bind() to [::]:80 failed (98: Address already in use) 2014/06/04 21:16:35 [emerg] 11754#0: bind() to 0.0.0.0:443 failed (98: Address already in use) 2014/06/04 21:16:35 [emerg] 11754#0: bind() to [::]:443 failed (98: Address already in use) 2014/06/04 21:16:35 [emerg] 11754#0: bind() to 0.0.0.0:80 failed (98: Address already in use) 2014/06/04 21:16:35 [emerg] 11754#0: bind() to [::]:80 failed (98: Address already in use) 2014/06/04 21:16:35 [emerg] 11754#0: bind() to 0.0.0.0:443 failed (98: Address already in use) 2014/06/04 21:16:35 [emerg] 11754#0: bind() to [::]:443 failed (98: Address already in use) How to resolve this ? My config is as follows: user nginx; worker_processes 8; worker_rlimit_nofile 400000; pid /var/run/nginx.pid; events { worker_connections 8192; use epoll; } http { add_header Cache-Control public; server_names_hash_max_size 4096; server_names_hash_bucket_size 2048; types_hash_bucket_size 64; types_hash_max_size 2048; client_header_buffer_size 2k; client_header_timeout 180s; client_body_timeout 180s; send_timeout 180s; client_max_body_size 64M; client_body_buffer_size 128k; sendfile on; tcp_nopush on; tcp_nodelay on; server_tokens off; include '/etc/nginx/conf.d/*.conf'; } include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; #access_log /var/log/nginx/access.log main; error_log /var/log/nginx/error.log alert; ### MR - must be using nginx-special (including ngx_http_log_request_speed) ## just enough remove # below for enable; only request > 5000 miliseconds write to error.log #log_request_speed_filter on; #log_request_speed_filter_timeout 5000; gzip on; gzip_static on; gzip_min_length 1024; gzip_comp_level 4; gzip_proxied any; gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript; keepalive_timeout 180; limit_conn_zone $binary_remote_addr zone=addr:10m; limit_rate_after 1000m; limit_rate 12500k; proxy_cache_path /dev/shm/nginx-proxy levels=1:2 keys_zone=pcache:8m max_size=1000m inactive=600m; proxy_temp_path /dev/shm/nginx 1 2; fastcgi_cache_path /dev/shm/nginx-fastcgi levels=1:2 keys_zone=fcache:8m max_size=1000m inactive=600m; fastcgi_temp_path /dev/shm/nginx 1 2; include /home/nginx/conf/defaults/*.conf; include /home/nginx/conf/domains/*.conf; Example domain config: ### begin - web of 'vmax24.pl' - do not remove/modify this line ## webmail for 'vmax24.pl' server { #disable_symlinks if_not_owner; listen 0.0.0.0:80; listen [::]:80; server_name webmail.vmax24.pl; index index.php index.html index.shtml index.htm default.htm Default.aspx Default.asp index.pl; set $rootdir '/home/kloxo/httpd/webmail/onlinemail'; root $rootdir; include '/home/nginx/conf/globals/custom.proxy.conf'; } ## web for 'vmax24.pl' server { #disable_symlinks if_not_owner; listen 0.0.0.0:80; listen [::]:80; server_name vmax24.pl www.vmax24.pl; index index.php index.html index.shtml index.htm default.htm Default.aspx Default.asp index.pl; set $domain 'vmax24.pl'; set $rootdir '/home/eremi21/vmax24.pl'; root $rootdir; set $user 'eremi21'; set $fpmport '57907'; include '/home/nginx/conf/globals/custom.proxy.conf'; include '/home/nginx/conf/globals/generic.conf'; } ## webmail for 'vmax24.pl' server { #disable_symlinks if_not_owner; listen 0.0.0.0:443; listen [::]:443; ssl on; ssl_certificate /home/kloxo/httpd/ssl/eth0___localhost.pem; ssl_certificate_key /home/kloxo/httpd/ssl/eth0___localhost.key; ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; server_name webmail.vmax24.pl; index index.php index.html index.shtml index.htm default.htm Default.aspx Default.asp index.pl; set $rootdir '/home/kloxo/httpd/webmail/onlinemail'; root $rootdir; include '/home/nginx/conf/globals/custom.proxy.conf'; } ## web for 'vmax24.pl' server { #disable_symlinks if_not_owner; listen 0.0.0.0:443; listen [::]:443; ssl on; ssl_certificate /home/kloxo/httpd/ssl/eth0___localhost.pem; ssl_certificate_key /home/kloxo/httpd/ssl/eth0___localhost.key; ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; server_name vmax24.pl www.vmax24.pl; index index.php index.html index.shtml index.htm default.htm Default.aspx Default.asp index.pl; set $domain 'vmax24.pl'; set $rootdir '/home/eremi21/vmax24.pl'; root $rootdir; set $user 'eremi21'; set $fpmport '57907'; include '/home/nginx/conf/globals/custom.proxy.conf'; include '/home/nginx/conf/globals/generic.conf'; } ### end - web of 'vmax24.pl' - do not remove/modify this line Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250647,250647#msg-250647 From nginx-forum at nginx.us Wed Jun 4 19:37:32 2014 From: nginx-forum at nginx.us (Spacedust) Date: Wed, 04 Jun 2014 15:37:32 -0400 Subject: [alert] 12928#0: worker process 3958 exited on signal 11 In-Reply-To: <7fb4a3505cf38f408a87f525bc3b25da.NginxMailingListEnglish@forum.nginx.org> References: <7fb4a3505cf38f408a87f525bc3b25da.NginxMailingListEnglish@forum.nginx.org> Message-ID: <639b3e8d930c193fcdb4d8fd37d7c11e.NginxMailingListEnglish@forum.nginx.org> Also dmesg is full of this: nginx[9184]: segfault at 27 ip 0000000000447606 sp 00007fff9972a8b0 error 4 in nginx[400000+b6000] nginx[9599]: segfault at 19 ip 0000000000447606 sp 00007fff9972b7f0 error 4 in nginx[400000+b6000] nginx[9579]: segfault at 117 ip 0000000000447606 sp 00007fff9972b7f0 error 4 in nginx[400000+b6000] nginx[9600]: segfault at 19 ip 0000000000447606 sp 00007fff9972b7f0 error 4 in nginx[400000+b6000] nginx[9639]: segfault at ea78 ip 0000000000447606 sp 00007fff9972b7f0 error 4 in nginx[400000+b6000] nginx[9659]: segfault at 19 ip 0000000000447606 sp 00007fff9972a8b0 error 4 in nginx[400000+b6000] nginx[9601]: segfault at 19 ip 0000000000447606 sp 00007fff9972b7f0 error 4 in nginx[400000+b6000] nginx[9662]: segfault at 19 ip 0000000000447606 sp 00007fff9972b7f0 error 4 in nginx[400000+b6000] nginx[9663]: segfault at 19 ip 0000000000447606 sp 00007fff9972b7f0 error 4 in nginx[400000+b6000] nginx[9661]: segfault at 19 ip 0000000000447606 sp 00007fff9972b7f0 error 4 in nginx[400000+b6000] Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250647,250648#msg-250648 From piotr at cloudflare.com Wed Jun 4 19:47:51 2014 From: piotr at cloudflare.com (Piotr Sikora) Date: Wed, 4 Jun 2014 12:47:51 -0700 Subject: [alert] 12928#0: worker process 3958 exited on signal 11 In-Reply-To: <639b3e8d930c193fcdb4d8fd37d7c11e.NginxMailingListEnglish@forum.nginx.org> References: <7fb4a3505cf38f408a87f525bc3b25da.NginxMailingListEnglish@forum.nginx.org> <639b3e8d930c193fcdb4d8fd37d7c11e.NginxMailingListEnglish@forum.nginx.org> Message-ID: Hey, assuming this is your whole config, could you either uncomment the access_log directive or add "access_log off"? I'm pretty sure you're hitting the bug introduced in 1.7.0: http://mailman.nginx.org/pipermail/nginx-devel/2014-June/005430.html Best regards, Piotr Sikora From vl at nginx.com Wed Jun 4 19:48:05 2014 From: vl at nginx.com (Homutov Vladimir) Date: Wed, 04 Jun 2014 23:48:05 +0400 Subject: [alert] 12928#0: worker process 3958 exited on signal 11 In-Reply-To: <639b3e8d930c193fcdb4d8fd37d7c11e.NginxMailingListEnglish@forum.nginx.org> References: <7fb4a3505cf38f408a87f525bc3b25da.NginxMailingListEnglish@forum.nginx.org> <639b3e8d930c193fcdb4d8fd37d7c11e.NginxMailingListEnglish@forum.nginx.org> Message-ID: <538F77F5.6070508@nginx.com> On 04.06.2014 23:37, Spacedust wrote: > Also dmesg is full of this: > > nginx[9184]: segfault at 27 ip 0000000000447606 sp 00007fff9972a8b0 error 4 > in nginx[400000+b6000] > nginx[9599]: segfault at 19 ip 0000000000447606 sp 00007fff9972b7f0 error 4 > in nginx[400000+b6000] > nginx[9579]: segfault at 117 ip 0000000000447606 sp 00007fff9972b7f0 error 4 > in nginx[400000+b6000] > nginx[9600]: segfault at 19 ip 0000000000447606 sp 00007fff9972b7f0 error 4 > in nginx[400000+b6000] > nginx[9639]: segfault at ea78 ip 0000000000447606 sp 00007fff9972b7f0 error > 4 in nginx[400000+b6000] > nginx[9659]: segfault at 19 ip 0000000000447606 sp 00007fff9972a8b0 error 4 > in nginx[400000+b6000] > nginx[9601]: segfault at 19 ip 0000000000447606 sp 00007fff9972b7f0 error 4 > in nginx[400000+b6000] > nginx[9662]: segfault at 19 ip 0000000000447606 sp 00007fff9972b7f0 error 4 > in nginx[400000+b6000] > nginx[9663]: segfault at 19 ip 0000000000447606 sp 00007fff9972b7f0 error 4 > in nginx[400000+b6000] > nginx[9661]: segfault at 19 ip 0000000000447606 sp 00007fff9972b7f0 error 4 > in nginx[400000+b6000] > > Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250647,250648#msg-250648 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > http://wiki.nginx.org/Debugging When asking for help with debugging please provide: nginx -V output full config debug log backtrace (if nginx exits on signal) From nginx-forum at nginx.us Wed Jun 4 19:53:28 2014 From: nginx-forum at nginx.us (Spacedust) Date: Wed, 04 Jun 2014 15:53:28 -0400 Subject: [alert] 12928#0: worker process 3958 exited on signal 11 In-Reply-To: References: Message-ID: <1ce031932f075681c1660077bcf62bc4.NginxMailingListEnglish@forum.nginx.org> Piotr Sikora Wrote: ------------------------------------------------------- > Hey, > assuming this is your whole config, could you either uncomment the > access_log directive or add "access_log off"? I'm pretty sure you're > hitting the bug introduced in 1.7.0: > http://mailman.nginx.org/pipermail/nginx-devel/2014-June/005430.html Yes. It started since 1.7.0 - all previous version were working fine with the same config ;) Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250647,250651#msg-250651 From nginx-forum at nginx.us Thu Jun 5 03:36:24 2014 From: nginx-forum at nginx.us (TECK) Date: Wed, 04 Jun 2014 23:36:24 -0400 Subject: Nginx 1.7.0: location @php In-Reply-To: <538C1A3A.70306@alllangin.com> References: <538C1A3A.70306@alllangin.com> Message-ID: <4850f866b7b07c766893dfc40bdf7a60.NginxMailingListEnglish@forum.nginx.org> support Wrote: ------------------------------------------------------- > yes. > > update and test > > 02.06.2014 10:24, wishmaster ?????: > > I have the same problem in my php-application. Admin folder is > protected with auth_basic and the rest folders - without auth. I have > not found any solution except code duplication for php location. Can you please explain what to update and test? Is unclear. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250342,250654#msg-250654 From nginx-forum at nginx.us Thu Jun 5 03:41:56 2014 From: nginx-forum at nginx.us (TECK) Date: Wed, 04 Jun 2014 23:41:56 -0400 Subject: Nginx 1.7.0: location @php In-Reply-To: References: Message-ID: <6157c3147221a3d27a0a1078fb07b83b.NginxMailingListEnglish@forum.nginx.org> Jonathan Matthews Wrote: ------------------------------------------------------- > Fortunately, this being a *public* *mailing* *list*, and Francis > (along with almost every other subscriber) giving his time, experience > and opinions for free, you are definitely no worse off than when you > started. > > Actually, however, you're demonstrably better off, as Francis has both > attempted to help you go through the kind of troubleshooting process > that will serve you well if you apply it (Message-ID > 20140525132809.GN16942 at daoine.org) and ... > > > I think what I asked is > > very clear and simple: > > How do I avoid repeating a segment of configuration code assigned to > @php > > into various locations: > > .... he has given you the answer to this question - that you clearly > thought you began by asking, but didn't. In Message-ID > 20140531112745.GZ16942 at daoine.org. > > HTH. I'm sorry, I did not understood nothing. Can you provide an example of how to avoid repeating the php configuration through @php location? IMO the logic presented is clear: define a @php location and call it in other locations with try_files, like explained into Nginx documentation. In my case the end result is unexpected, the php file contents will be downloaded, instead of being executed. This works: http://pastie.org/private/5gkl1pti1co0onzhgb8jpg This does not: http://pastie.org/private/iuz58naozk6xo92ukqmwsg Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250342,250655#msg-250655 From nginx-forum at nginx.us Thu Jun 5 07:15:26 2014 From: nginx-forum at nginx.us (justink101) Date: Thu, 05 Jun 2014 03:15:26 -0400 Subject: Redirect to custom landing pages based on http referer Message-ID: <1612962ec04c5e4d96acccf8e471cb2f.NginxMailingListEnglish@forum.nginx.org> Is it possible using nginx to essentially look at the http referer header, and if its set to a specific value, and the page is index.html or /, redirect to a custom landing page. For example: # Psuedo code if($page = "index.html" and $http_referer ~* (www\.)?amazon.com.*) { rewrite ^ "our-amazon-landing-page.html" permanent; } Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250656,250656#msg-250656 From francis at daoine.org Thu Jun 5 07:35:47 2014 From: francis at daoine.org (Francis Daly) Date: Thu, 5 Jun 2014 08:35:47 +0100 Subject: Redirect to custom landing pages based on http referer In-Reply-To: <1612962ec04c5e4d96acccf8e471cb2f.NginxMailingListEnglish@forum.nginx.org> References: <1612962ec04c5e4d96acccf8e471cb2f.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20140605073547.GC16942@daoine.org> On Thu, Jun 05, 2014 at 03:15:26AM -0400, justink101 wrote: Hi there, > Is it possible using nginx to essentially look at the http referer header, > and if its set to a specific value, and the page is index.html or /, > redirect to a custom landing page. Yes. With a few other assumptions: location = /index.html { if ($http_referer ~* (www.)?amazon.com) { return 301 /our-amazon-landing-page.html; } } That doesn't scale much beyond one match; if you need that, use a "map". f -- Francis Daly francis at daoine.org From r at roze.lv Thu Jun 5 08:31:49 2014 From: r at roze.lv (Reinis Rozitis) Date: Thu, 5 Jun 2014 11:31:49 +0300 Subject: Nginx 1.7.0: location @php In-Reply-To: <6157c3147221a3d27a0a1078fb07b83b.NginxMailingListEnglish@forum.nginx.org> References: <6157c3147221a3d27a0a1078fb07b83b.NginxMailingListEnglish@forum.nginx.org> Message-ID: > I'm sorry, I did not understood nothing. Can you provide an example of how > to avoid repeating the php configuration through @php location? As someone said in earlier mails you can always use include and put the repeating parts in seperate files. For example put this into php.conf: location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass fastcgi; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name; include fastcgi.conf; } And then your main config will look like: location ^~ /alpha { auth_basic "Restricted Access"; auth_basic_user_file htpasswd; try_files $uri $uri/ /alpha/index.php?$uri&$args; include php.conf; } location ^~ /beta { try_files $uri $uri/ /beta/index.php?$uri&$args; include php.conf; } rr From qwrules at gmail.com Thu Jun 5 08:45:19 2014 From: qwrules at gmail.com (KC) Date: Thu, 05 Jun 2014 10:45:19 +0200 Subject: Can't get nginx to work with Adminer nor phpMyadmin In-Reply-To: <20140602231248.GB16942@daoine.org> References: <538CBF76.5090208@gmail.com> <538CDA93.2010002@gmail.com> <20140602231248.GB16942@daoine.org> Message-ID: <53902E1F.9050002@gmail.com> Hello >> I want to be able to type http://ipaddress/phpmyadmin (or adminer) >> and see its respective interface. But as it is now, I only get 404 >> error. > > If you want http://ipaddress/phpmyadmin and http://ipaddress/adminer to > both work, you will probably want a single server{} block with all of > the configuration. > I must say I do not understand those config files. Say, I only want to make adminer work, and we have a segment that goes like that server { listen 80; server_name example.org www.example.org; ... } Where am I supposed to put the subfolder name here? Why are there those "example.org" domain names, if I am not even using a domain at the moment? All I want is to http://192.168.0.2 to point to the index file in root html folder and http://192.168.0.2/adminer to point to a html/adminer And reading http://nginx.org/en/docs/http/request_processing.html is confusing for that reason - I see no references to subfolders, just some domains. I suppose that the "location" bit is taking care of subfolders, but if this is so, then... that would mean there is nothing to be set in "server" blocks. I just don't get it. Cheers From nginx-forum at nginx.us Thu Jun 5 13:36:09 2014 From: nginx-forum at nginx.us (dirknel) Date: Thu, 05 Jun 2014 09:36:09 -0400 Subject: Google Analytics event generation by using Nginx logs Message-ID: <32155ce935473d4d2aff17227f119c36.NginxMailingListEnglish@forum.nginx.org> Hi This is my first posting here, so HI to everyone :) I would like to generate Google Analytics events for documents/videos served directly by Nginx. Currently the user of our system can either get the docs by going through our website or by going directly to the url. In the first instance the javascript on the webpage logs the Google Analytics event but I do not know how to do create an event when the user uses the static link to the document/video (that basically bypasses the website). A lot of information should be in the Nginx access logs and I would like to use that to generate a Google Analytics event. Has anyone tried to do this? Any suggestions would be helpful. Kind regards, Dirk Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250668,250668#msg-250668 From nginx-forum at nginx.us Thu Jun 5 15:10:16 2014 From: nginx-forum at nginx.us (MaxDudu) Date: Thu, 05 Jun 2014 11:10:16 -0400 Subject: DNS resolution of backends Message-ID: Hi guys We run a reverse proxy to Amazon S3 service. Sometime Amazon change their IPs and some of them may become unresponsive and render reservse proxy unusuable. Is there options to force nginx to re-resolve IPs of backends lets say each 5 mins ? Thanks ! Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250669,250669#msg-250669 From r at roze.lv Thu Jun 5 15:20:35 2014 From: r at roze.lv (Reinis Rozitis) Date: Thu, 5 Jun 2014 18:20:35 +0300 Subject: DNS resolution of backends In-Reply-To: References: Message-ID: <8DF54348BD7D416A8A47FFB3F417EB49@MasterPC> > We run a reverse proxy to Amazon S3 service. Sometime Amazon change their > IPs and some of them may become unresponsive and render reservse proxy > unusuable. Is there options to force nginx to re-resolve IPs of backends > lets say each 5 mins ? Give the upstream{} block the hostnames of the instances and add an resolver ( http://nginx.org/en/docs/http/ngx_http_core_module.html#resolver ). Optionally add valid=5m; if the TTL of the domain is not optimal. p.s. for the nginx to be more responsive you can also tweak the connect timeouts like proxy_connect_timeout ( http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_connect_timeout ) as the default is quite high - 60 seconds. rr From namxam at gmail.com Thu Jun 5 16:00:12 2014 From: namxam at gmail.com (Maximilian Schulz) Date: Thu, 5 Jun 2014 18:00:12 +0200 Subject: Dynamic config options from ENV Message-ID: Hi everybody, is it possible to set a nginx config variable from an ENV variable? I tried several thing, but none of them worked. The most promising was specifying "env MY_VAR;" at the top of the nginx.conf and then using its value via "my_option $ENV{"MY_VAR"};". But it didn't work. I always got an error about the line not being terminated. 1. Is it possible to set a config option via ENV varaibles 2. If so, does it have any performance implications? (The ENV wont change during run time) Thank you very much for your help. Max -------------- next part -------------- An HTML attachment was scrubbed... URL: From contact at jpluscplusm.com Thu Jun 5 16:21:29 2014 From: contact at jpluscplusm.com (Jonathan Matthews) Date: Thu, 5 Jun 2014 17:21:29 +0100 Subject: Dynamic config options from ENV In-Reply-To: References: Message-ID: On 5 June 2014 17:00, Maximilian Schulz wrote: > Hi everybody, > > is it possible to set a nginx config variable from an ENV variable? I tried > several thing, but none of them worked. The most promising was specifying > "env MY_VAR;" at the top of the nginx.conf and then using its value via > "my_option $ENV{"MY_VAR"};". But it didn't work. I always got an error about > the line not being terminated. > > 1. Is it possible to set a config option via ENV varaibles > 2. If so, does it have any performance implications? (The ENV wont change > during run time) You can't do this nicely with nginx. Your best option is to pre-process the config file each time you reload/etc, interpolating the envvars so that nginx itself sees static values. From nginx-forum at nginx.us Thu Jun 5 16:23:10 2014 From: nginx-forum at nginx.us (erankor2) Date: Thu, 05 Jun 2014 12:23:10 -0400 Subject: Asynchronous file processing Message-ID: Hi all, I'm working on a native nginx module in which I want to read an input file and perform some manipulations on its data. Since the files I'm reading are big and accessed over NFS, I want to use asynchronous I/O for reading them, and I want to implement it as a pipeline of chunks, i.e. read a chunk, process the chunk, add the chunk to the response chain. My questions are as follows: 1. Is there any sample / documentation / basic guidelines you can give me on how to progressively output data back to the client ? 2. Does nginx support generating responses with chunked-encoding (I may not be able to determine the response size without processing the whole file, and would prefer to avoid keeping the entire processed buffer in memory at once) ? 3. Can you send me some guidelines on how to perform asynchronous file read (my understanding is that I need to use ngx_file_aio_read and if I get NGX_AGAIN, set the handler/data members of file->aio to my completion callback) ? Thank you in advance, Eran Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250673,250673#msg-250673 From namxam at gmail.com Thu Jun 5 16:50:10 2014 From: namxam at gmail.com (Maximilian Schulz) Date: Thu, 5 Jun 2014 18:50:10 +0200 Subject: Dynamic config options from ENV In-Reply-To: References:

Message-ID: Thank you Jonathan, I was afraid that this is the only option? really sad :( I am currently experimenting with docker and dynamic setups which work for all environments? too bad that we need to use a custom script do handle the problem at hand. But thank you very much. Max On Thu, Jun 5, 2014 at 6:21 PM, Jonathan Matthews wrote: > On 5 June 2014 17:00, Maximilian Schulz wrote: > > Hi everybody, > > > > is it possible to set a nginx config variable from an ENV variable? I > tried > > several thing, but none of them worked. The most promising was specifying > > "env MY_VAR;" at the top of the nginx.conf and then using its value via > > "my_option $ENV{"MY_VAR"};". But it didn't work. I always got an error > about > > the line not being terminated. > > > > 1. Is it possible to set a config option via ENV varaibles > > 2. If so, does it have any performance implications? (The ENV wont change > > during run time) > > You can't do this nicely with nginx. Your best option is to > pre-process the config file each time you reload/etc, interpolating > the envvars so that nginx itself sees static values. > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Thu Jun 5 18:33:16 2014 From: nginx-forum at nginx.us (itpp2012) Date: Thu, 05 Jun 2014 14:33:16 -0400 Subject: [ANN] Windows nginx 1.7.2.2 RedKnight Message-ID: <36198a8c351e2300590a6b8183f30202.NginxMailingListEnglish@forum.nginx.org> 20:13 5-6-2014 nginx 1.7.2.2 RedKnight Based on nginx 1.7.2 (5-6-2014) with; + Openssl-1.0.1h (CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470) + New nginx Windows icon + Source changes back ported + Source changes add-on's back ported + Changes for nginx_basic: Source changes back ported * Scheduled release: no (openssl fixes) * Additional specifications: see 'Feature list' Builds can be found here: http://nginx-win.ecsds.eu/ Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250675,250675#msg-250675 From r at roze.lv Thu Jun 5 18:34:29 2014 From: r at roze.lv (Reinis Rozitis) Date: Thu, 5 Jun 2014 21:34:29 +0300 Subject: Dynamic config options from ENV In-Reply-To: References:

Message-ID: <9A18A07BD4C14C57A3FE1B4C65CC116D@NeiRoze> > I am currently experimenting with docker and dynamic setups which work for > all environments? too bad that we need to use a custom script do handle > the problem at hand. Well probably not that bad if you can use something allready made: https://index.docker.io/u/shepmaster/nginx-template-image/ rr From nginx-forum at nginx.us Thu Jun 5 18:40:03 2014 From: nginx-forum at nginx.us (MaxDudu) Date: Thu, 05 Jun 2014 14:40:03 -0400 Subject: DNS resolution of backends In-Reply-To: <8DF54348BD7D416A8A47FFB3F417EB49@MasterPC> References: <8DF54348BD7D416A8A47FFB3F417EB49@MasterPC> Message-ID: <13c771ae230693a534eade5cd30fecd5.NginxMailingListEnglish@forum.nginx.org> Sounds exactly like what I'm looking for thank you Reinis ! Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250669,250677#msg-250677 From kyprizel at gmail.com Thu Jun 5 21:04:43 2014 From: kyprizel at gmail.com (kyprizel) Date: Fri, 6 Jun 2014 01:04:43 +0400 Subject: nginx Segmentation fault In-Reply-To: <028E5567-F32C-4A1D-BDA2-07CEE4949EDC@nginx.com> References: <3ea3501ac4ed08cc75d36d64fe933870.NginxMailingListEnglish@forum.nginx.org> <5D405364-E117-43D8-B119-71FDFC08E3AA@nginx.com> <028E5567-F32C-4A1D-BDA2-07CEE4949EDC@nginx.com> Message-ID: No, it does not help. The problem somewhere in body reading/processing. On Wed, Jun 4, 2014 at 8:10 PM, Andrei Belov wrote: > Not yet. > > Quick look makes me think that "client_body_in_file_only on;" might help. > > -- defan > > On 04 ???? 2014 ?., at 19:58, kyprizel wrote: > > Andrei, have you checked issue 630? > > https://github.com/SpiderLabs/ModSecurity/issues/630 > > > On Wed, Jun 4, 2014 at 7:12 PM, Andrei Belov wrote: > >> Hi, >> >> there is a lot of open issues with ModSecurity and nginx: >> >> https://github.com/SpiderLabs/ModSecurity/issues?labels=Platform+-+Nginx&state=open >> >> Some of them have been already fixed in nginx_refactoring branch: >> https://github.com/SpiderLabs/ModSecurity/tree/nginx_refactoring >> >> I spent some time experimenting with this branch locally, >> and added a number of improvements to the code: >> https://github.com/defanator/ModSecurity/tree/nginx_refactoring >> >> A number of patches were already imported into >> SpiderLabs/nginx_refactoring >> repository, others are under review and testing. >> >> Please feel free to try - any feedback will be greatly appreciated! >> >> Cheers, >> >> ? >> Andrei Belov >> http://nginx.com/ >> >> >> On 04 Jun 2014, at 17:17, Godinho wrote: >> >> > I needed to use modsecurity so I compiled nginx and modsecurity. >> > >> > Modsecurity was compiled with options: ./configure >> > --enable-standalone-module >> > >> > nginx with: ./configure >> > --add-module=../modsecurity-2.8.0/nginx/modsecurity/ >> > >> > When I try to test my configuration I have this: >> > >> > [root at nginx1 nginx]# /usr/local/nginx/sbin/nginx -t >> > Segmentation fault >> > >> > from message logs: >> > Jun 4 13:57:43 nginx1 kernel: nginx[12229]: segfault at 410 ip >> > 00007f9088569a32 sp 00007fffc90ccf58 error 4 in >> > libc-2.12.so[7f90884e0000+18b000] >> > Jun 4 13:57:44 nginx1 kernel: nginx[12230]: segfault at 410 ip >> > 00007f6626c93a32 sp 00007fff4fdd7cf8 error 4 in >> > libc-2.12.so[7f6626c0a000+18b000] >> > >> > Update: it seams it a modsecurity problem, copiled without it >> (./configure >> > --with-http_ssl_module) work just fine... >> > >> > Posted at Nginx Forum: >> http://forum.nginx.org/read.php?2,250629,250629#msg-250629 >> > >> > _______________________________________________ >> > nginx mailing list >> > nginx at nginx.org >> > http://mailman.nginx.org/mailman/listinfo/nginx >> > >> >> _______________________________________________ >> nginx mailing list >> nginx at nginx.org >> http://mailman.nginx.org/mailman/listinfo/nginx >> > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From black.fledermaus at arcor.de Fri Jun 6 07:48:52 2014 From: black.fledermaus at arcor.de (basti) Date: Fri, 06 Jun 2014 09:48:52 +0200 Subject: Deny all + Custom Error page Message-ID: <53917264.4000503@arcor.de> Hello, I try to block wildcard sub domains as follows: # block wildcard server { server_name ~^(.*)\.example\.com$ ; root /usr/share/nginx/www; error_page 403 /index.html; allow 127.0.0.1; deny all; access_log off; log_not_found off; } I always get the default "403 Forbidden" site of nginx. When "deny all" is removed it work as expected. Can anybody explain? And does anybody know a workaround? Best Regards; Basti From black.fledermaus at arcor.de Fri Jun 6 08:57:32 2014 From: black.fledermaus at arcor.de (basti) Date: Fri, 06 Jun 2014 10:57:32 +0200 Subject: Deny all + Custom Error page In-Reply-To: <53917264.4000503@arcor.de> References: <53917264.4000503@arcor.de> Message-ID: <5391827C.6060707@arcor.de> Here is my solution: server { server_name ~^(.*)\.example\.com$ ; return 200; deny all; access_log off; log_not_found off; } Am 06.06.2014 09:48, schrieb basti: > Hello, > > I try to block wildcard sub domains as follows: > > > # block wildcard > server { > server_name ~^(.*)\.example\.com$ ; > root /usr/share/nginx/www; > error_page 403 /index.html; > allow 127.0.0.1; > deny all; > access_log off; > log_not_found off; > } > > I always get the default "403 Forbidden" site of nginx. > When "deny all" is removed it work as expected. > > Can anybody explain? > And does anybody know a workaround? > > Best Regards; > Basti > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From nginx-forum at nginx.us Fri Jun 6 09:16:43 2014 From: nginx-forum at nginx.us (kirimedia) Date: Fri, 06 Jun 2014 05:16:43 -0400 Subject: the http output chain is empty bug (nginx lua module) Message-ID: <0762076a534bfb820547e9aca335c9b8.NginxMailingListEnglish@forum.nginx.org> nginx >= 1.5.7 nginx-lua-module >= 0.9.8 (possibly older version) CentOS 6 # ./sbin/nginx -V nginx version: nginx/1.5.7 built by gcc 4.4.7 20120313 (Red Hat 4.4.7-3) (GCC) configure arguments: --add-module=../lua-nginx-module Config file user nginx; worker_processes 1; error_log /var/log/nginx/nginx-error.log error; events { use epoll; } http { gzip on; server { listen 80; root /usr/local/nginx/html; location = /empty/ { empty_gif; } location = /include/ { content_by_lua ' ngx.location.capture("/empty/") ngx.location.capture("/empty/") '; } location = /ssi.html { ssi on; } } } Content of /usr/local/nginx/html/ssi.html HEADER Or request http://localhost/ssi.html (with header Accept-Encoding: gzip) become blank response (without headers and without body) And in log [alert] 20457#0: *1 the http output chain is empty, client: 127.0.0.1, server: , request: "GET /ssi.html HTTP/1.1", subrequest: "/include/" How I can fix it? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250689,250689#msg-250689 From contact at jpluscplusm.com Fri Jun 6 09:24:10 2014 From: contact at jpluscplusm.com (Jonathan Matthews) Date: Fri, 6 Jun 2014 10:24:10 +0100 Subject: Deny all + Custom Error page In-Reply-To: <53917264.4000503@arcor.de> References: <53917264.4000503@arcor.de> Message-ID: On 6 Jun 2014 08:49, "basti" wrote: > > Hello, > > I try to block wildcard sub domains as follows: > > > # block wildcard > server { > server_name ~^(.*)\.example\.com$ ; > root /usr/share/nginx/www; > error_page 403 /index.html; > allow 127.0.0.1; > deny all; > access_log off; > log_not_found off; > } I'm sure there's a precedence rule that'll explain this but I don't have it to hand. However, have you considered merely telling that server{} to listen only on 127.0.0.1? You may also wish to look at the server_name documentation for the shorthand of "*.foo.com" instead of the regex you're using. Finally, if your aim is just to deny requests for hosts you haven't explicitly configured elsewhere in nginx's config file, I find the following to be a useful catchall. Use it alongside well-defined server_names in other server blocks. server { listen 80 default_server; server_name _; location / { return 404; } } HTH, J -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Fri Jun 6 10:13:15 2014 From: nginx-forum at nginx.us (itpp2012) Date: Fri, 06 Jun 2014 06:13:15 -0400 Subject: the http output chain is empty bug (nginx lua module) In-Reply-To: <0762076a534bfb820547e9aca335c9b8.NginxMailingListEnglish@forum.nginx.org> References: <0762076a534bfb820547e9aca335c9b8.NginxMailingListEnglish@forum.nginx.org> Message-ID: <7751874f37ebd4b6f5ef700cd0e2259a.NginxMailingListEnglish@forum.nginx.org> See http://trac.nginx.org/nginx/ticket/132 Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250689,250692#msg-250692 From mdounin at mdounin.ru Fri Jun 6 10:37:26 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Fri, 6 Jun 2014 14:37:26 +0400 Subject: the http output chain is empty bug (nginx lua module) In-Reply-To: <7751874f37ebd4b6f5ef700cd0e2259a.NginxMailingListEnglish@forum.nginx.org> References: <0762076a534bfb820547e9aca335c9b8.NginxMailingListEnglish@forum.nginx.org> <7751874f37ebd4b6f5ef700cd0e2259a.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20140606103725.GF1849@mdounin.ru> Hello! On Fri, Jun 06, 2014 at 06:13:15AM -0400, itpp2012 wrote: > See http://trac.nginx.org/nginx/ticket/132 Unlikely it's related. -- Maxim Dounin http://nginx.org/ From nginx-forum at nginx.us Fri Jun 6 11:41:18 2014 From: nginx-forum at nginx.us (nginxsantos) Date: Fri, 06 Jun 2014 07:41:18 -0400 Subject: nginx channel Message-ID: <57fba2620e2097b231c5869e780250b9.NginxMailingListEnglish@forum.nginx.org> Would be great where channels are used, I am talking about ngx_channel? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250694,250694#msg-250694 From contact at jpluscplusm.com Fri Jun 6 12:03:37 2014 From: contact at jpluscplusm.com (Jonathan Matthews) Date: Fri, 6 Jun 2014 13:03:37 +0100 Subject: nginx channel In-Reply-To: <57fba2620e2097b231c5869e780250b9.NginxMailingListEnglish@forum.nginx.org> References: <57fba2620e2097b231c5869e780250b9.NginxMailingListEnglish@forum.nginx.org> Message-ID: On 6 June 2014 12:41, nginxsantos wrote: > Would be great where channels are used, I am talking about ngx_channel? Please rearrange your words into a comprehensible sentence and/or question. Thank you. From nginx-forum at nginx.us Fri Jun 6 12:14:25 2014 From: nginx-forum at nginx.us (nginxsantos) Date: Fri, 06 Jun 2014 08:14:25 -0400 Subject: nginx channel In-Reply-To: References: Message-ID: <85df0db4459b62cce6972c2d7117d8e4.NginxMailingListEnglish@forum.nginx.org> I was not clear about the usage of ngx_channel? When each worker process is started, the function "ngx_pass_open_channel" is called. It is not clear to me where we do use the channels, I mean for what ? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250694,250697#msg-250697 From mdounin at mdounin.ru Fri Jun 6 12:20:43 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Fri, 6 Jun 2014 16:20:43 +0400 Subject: nginx channel In-Reply-To: <85df0db4459b62cce6972c2d7117d8e4.NginxMailingListEnglish@forum.nginx.org> References: <85df0db4459b62cce6972c2d7117d8e4.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20140606122043.GI1849@mdounin.ru> Hello! On Fri, Jun 06, 2014 at 08:14:25AM -0400, nginxsantos wrote: > I was not clear about the usage of ngx_channel? When each worker process is > started, the function "ngx_pass_open_channel" is called. It is not clear to > me where we do use the channels, I mean for what ? Channels are used to pass control messages from master to workers. In particular, this is how master asks workers to shutdown, reopen logs and so on. It is planned that this infrastructure will also allow workers to pass various notifications from one process to others, though it's not something currently available. -- Maxim Dounin http://nginx.org/ From nginx-forum at nginx.us Fri Jun 6 12:33:24 2014 From: nginx-forum at nginx.us (nginxsantos) Date: Fri, 06 Jun 2014 08:33:24 -0400 Subject: nginx channel In-Reply-To: <20140606122043.GI1849@mdounin.ru> References: <20140606122043.GI1849@mdounin.ru> Message-ID: <271c4059807ad695606e9d296ec1e59c.NginxMailingListEnglish@forum.nginx.org> Thanks Maxim. It helps... Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250694,250700#msg-250700 From mdounin at mdounin.ru Fri Jun 6 12:40:24 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Fri, 6 Jun 2014 16:40:24 +0400 Subject: DNS resolution of backends In-Reply-To: <8DF54348BD7D416A8A47FFB3F417EB49@MasterPC> References: <8DF54348BD7D416A8A47FFB3F417EB49@MasterPC> Message-ID: <20140606124024.GJ1849@mdounin.ru> Hello! On Thu, Jun 05, 2014 at 06:20:35PM +0300, Reinis Rozitis wrote: > >We run a reverse proxy to Amazon S3 service. Sometime Amazon change their > >IPs and some of them may become unresponsive and render reservse proxy > >unusuable. Is there options to force nginx to re-resolve IPs of backends > >lets say each 5 mins ? > > Give the upstream{} block the hostnames of the instances and add an resolver > ( http://nginx.org/en/docs/http/ngx_http_core_module.html#resolver ). This won't make any difference. Names of servers in upstream{} blocks are resolved during configuration parsing, and won't be re-resolved till next configuration parsing. To ensure periodic hostname resolution, one have to use a hostname (not an upstream block) in proxy_pass, and variables in the proxy_pass directive. This way, nginx won't know a hostname in advance, and will have to use resolver to resolve it, resulting in a periodic hostname resolution. (Alternatively, a special "resolve" flag for servers in upstream{} blocks was recently introduced of the commercial subscription, see http://nginx.org/en/docs/http/ngx_http_upstream_module.html#server. But this requires commercial subscription.) -- Maxim Dounin http://nginx.org/ From shahzaib.cb at gmail.com Fri Jun 6 13:36:27 2014 From: shahzaib.cb at gmail.com (shahzaib shahzaib) Date: Fri, 6 Jun 2014 18:36:27 +0500 Subject: Caching servers in Local ISPs !! In-Reply-To: References: Message-ID: @itpp I am currenlty proceeding with proxy_cache method just because i had to done this in emergency mode due to boss pressure :-|. I have a quick question, can i make nginx to cache files for specific clients ? Like, if our caching servers are deployed by only single ISP named "ptcl". So if ip from ptcl client is browsing video, only his requested file should be cached not for any other client, does nginx support that ?? I know its kind of funny, but i've to complete this task :( On Thu, Jun 5, 2014 at 12:23 AM, shahzaib shahzaib wrote: > >>Also sync to a temp folder and move after completion or nginx will > attempt > to send partial files. > > Oh right. Thanks for quick help and suggestion :). I'll look into wanproxy > now. > > > > > On Thu, Jun 5, 2014 at 12:19 AM, itpp2012 wrote: > >> shahzaib1232 Wrote: >> ------------------------------------------------------- >> > @itpp, i just used your method try_files and it worked flawlessly :). >> > Following is the testing config : >> > >> > server { >> > listen 80; >> > server_name domain.com; >> > root /var/www/html/files; >> > >> > location / { >> >> location ~* (\.mp3|\.avi|\.mp4)$ { >> >> > Should i use rsync or lsync for mirroring the files between Origin and >> > caching server ? >> >> Whatever works for you, I'd prefer rsync since that's easier to schedule >> for >> off-peek hours. >> Also sync to a temp folder and move after completion or nginx will attempt >> to send partial files. >> see also http://wanproxy.org/ >> >> Posted at Nginx Forum: >> http://forum.nginx.org/read.php?2,249997,250645#msg-250645 >> >> _______________________________________________ >> nginx mailing list >> nginx at nginx.org >> http://mailman.nginx.org/mailman/listinfo/nginx >> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From roy at xdam.com Fri Jun 6 15:13:10 2014 From: roy at xdam.com (Roy Phillips) Date: Fri, 06 Jun 2014 11:13:10 -0400 Subject: NGINX Error when uploading images Message-ID: Hi all, We have a handful of users in the UK that are getting the error (screenshot attached) We narrowed it down to the ISP/Router ?Virgin BT? ISP or Home Hub 2.0. If they use another ISP or even tether to an iPhone it works. They also upgraded the Home Hub 2.0 to Home Hub 5.0 and it works. Do you know of a work around for this error by any chance? Thank you, Roy Phillips XDAM Support 239-791-9995 roy at xdam.com http://www.xdam.com -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Unknown[8].png Type: image/png Size: 13519 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Unknown.png Type: image/png Size: 48758 bytes Desc: not available URL: From nginx-forum at nginx.us Fri Jun 6 15:26:07 2014 From: nginx-forum at nginx.us (itpp2012) Date: Fri, 06 Jun 2014 11:26:07 -0400 Subject: Caching servers in Local ISPs !! In-Reply-To: References: Message-ID: shahzaib1232 Wrote: ------------------------------------------------------- > @itpp I am currenlty proceeding with proxy_cache method just because i > had > to done this in emergency mode due to boss pressure :-|. I have a > quick > question, can i make nginx to cache files for specific clients ? > > Like, if our caching servers are deployed by only single ISP named > "ptcl". > So if ip from ptcl client is browsing video, only his requested file > should > be cached not for any other client, does nginx support that ?? You could do this based on some IP ranges or via https://github.com/flant/nginx-http-rdns See http://serverfault.com/questions/380642/nginx-how-to-redirect-users-with-certain-ip-to-special-page and http://www.cyberciti.biz/faq/nginx-redirect-backend-traffic-based-upon-client-ip-address/ Posted at Nginx Forum: http://forum.nginx.org/read.php?2,249997,250707#msg-250707 From mdounin at mdounin.ru Fri Jun 6 15:45:03 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Fri, 6 Jun 2014 19:45:03 +0400 Subject: NGINX Error when uploading images In-Reply-To: References: Message-ID: <20140606154503.GK1849@mdounin.ru> Hello! On Fri, Jun 06, 2014 at 11:13:10AM -0400, Roy Phillips wrote: > Hi all, > > We have a handful of users in the UK that are getting the error (screenshot > attached) We narrowed it down to the ISP/Router ?Virgin BT? ISP or Home Hub > 2.0. > > If they use another ISP or even tether to an iPhone it works. > > They also upgraded the Home Hub 2.0 to Home Hub 5.0 and it works. > > Do you know of a work around for this error by any chance? Unless you are using nginx and did something strange in the configuration, most relevant link I can think of is: http://nginx.org/en/docs/welcome_nginx_facebook.html Wikipedia article on the BT Home Hub suggests it has (or at least had) major problems with security, and this may be the reason: https://en.wikipedia.org/wiki/BT_Home_Hub#Criticism http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub/ -- Maxim Dounin http://nginx.org/ From roy at xdam.com Fri Jun 6 15:56:06 2014 From: roy at xdam.com (Roy Phillips) Date: Fri, 06 Jun 2014 11:56:06 -0400 Subject: NGINX Error when uploading images In-Reply-To: <20140606154503.GK1849@mdounin.ru> References: <20140606154503.GK1849@mdounin.ru> Message-ID: Thanks, Our application doesn?t use NGINX or our hosting provider in the USA. When the user drags and drops images in the webpage app that?s when they get the error containing NGINX. We suspect their ISP or Router uses NGINX on the backend but can?t confirm with level 1 support over there. Is that possible? Why would NGINX come up otherwise? Thank you, Roy Phillips XDAM Support 239-791-9995 roy at xdam.com http://www.xdam.com On 6/6/14, 11:45 AM, "Maxim Dounin" wrote: >Hello! > >On Fri, Jun 06, 2014 at 11:13:10AM -0400, Roy Phillips wrote: > >> Hi all, >> >> We have a handful of users in the UK that are getting the error >>(screenshot >> attached) We narrowed it down to the ISP/Router ?Virgin BT? ISP or Home >>Hub >> 2.0. >> >> If they use another ISP or even tether to an iPhone it works. >> >> They also upgraded the Home Hub 2.0 to Home Hub 5.0 and it works. >> >> Do you know of a work around for this error by any chance? > >Unless you are using nginx and did something strange in the >configuration, most relevant link I can think of is: > >http://nginx.org/en/docs/welcome_nginx_facebook.html > >Wikipedia article on the BT Home Hub suggests it has (or at least >had) major problems with security, and this may be the reason: > >https://en.wikipedia.org/wiki/BT_Home_Hub#Criticism >http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub/ > >-- >Maxim Dounin >http://nginx.org/ > >_______________________________________________ >nginx mailing list >nginx at nginx.org >http://mailman.nginx.org/mailman/listinfo/nginx From shahzaib.cb at gmail.com Fri Jun 6 15:56:36 2014 From: shahzaib.cb at gmail.com (shahzaib shahzaib) Date: Fri, 6 Jun 2014 20:56:36 +0500 Subject: Caching servers in Local ISPs !! In-Reply-To: References: Message-ID: Thanks a lot itpp. :) I'll look into it and get back to you. Thanks again for quick solution :) On Fri, Jun 6, 2014 at 8:26 PM, itpp2012 wrote: > shahzaib1232 Wrote: > ------------------------------------------------------- > > @itpp I am currenlty proceeding with proxy_cache method just because i > > had > > to done this in emergency mode due to boss pressure :-|. I have a > > quick > > question, can i make nginx to cache files for specific clients ? > > > > Like, if our caching servers are deployed by only single ISP named > > "ptcl". > > So if ip from ptcl client is browsing video, only his requested file > > should > > be cached not for any other client, does nginx support that ?? > > You could do this based on some IP ranges or via > https://github.com/flant/nginx-http-rdns > > See > > http://serverfault.com/questions/380642/nginx-how-to-redirect-users-with-certain-ip-to-special-page > and > > http://www.cyberciti.biz/faq/nginx-redirect-backend-traffic-based-upon-client-ip-address/ > > Posted at Nginx Forum: > http://forum.nginx.org/read.php?2,249997,250707#msg-250707 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Fri Jun 6 15:57:22 2014 From: nginx-forum at nginx.us (mfaridi) Date: Fri, 06 Jun 2014 11:57:22 -0400 Subject: arch linux , swf dir and forbidden error Message-ID: <83bd4fa8143cb6a8fab8f0ebf6409392.NginxMailingListEnglish@forum.nginx.org> I use arch linux and install nginx from arch repo , every thing is OK, I want use nginx for use play flash game and swf game , i download many swf files and make swf directory in /usr/share/nginx/html and put all swf files in swf directory and after that I set 755 for swf directory and set 644 for all swf files , but when I type in browser like firefox type http://127.0.0.1/swf I see this error 403 Forbidden and I can not play sw game but when I type http://127.0.0.1/swf/pacman.swf every thing is good and I can flash game what is problem ? I set 777 ,for folder and all swf but I see that problem again and I see 403 Forbidden Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250709,250709#msg-250709 From nginx-forum at nginx.us Fri Jun 6 21:16:23 2014 From: nginx-forum at nginx.us (MaxDudu) Date: Fri, 06 Jun 2014 17:16:23 -0400 Subject: DNS resolution of backends In-Reply-To: <20140606124024.GJ1849@mdounin.ru> References: <20140606124024.GJ1849@mdounin.ru> Message-ID: <714f2763c40d8e0cbd12c21ccade4bb5.NginxMailingListEnglish@forum.nginx.org> Ok thank for clarifications Max Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250669,250713#msg-250713 From francis at daoine.org Fri Jun 6 23:15:17 2014 From: francis at daoine.org (Francis Daly) Date: Sat, 7 Jun 2014 00:15:17 +0100 Subject: arch linux , swf dir and forbidden error In-Reply-To: <83bd4fa8143cb6a8fab8f0ebf6409392.NginxMailingListEnglish@forum.nginx.org> References: <83bd4fa8143cb6a8fab8f0ebf6409392.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20140606231517.GD16942@daoine.org> On Fri, Jun 06, 2014 at 11:57:22AM -0400, mfaridi wrote: Hi there, > http://127.0.0.1/swf > I see this error > 403 Forbidden > and I can not play sw game > but when I type > http://127.0.0.1/swf/pacman.swf > every thing is good and I can flash game > what is problem ? What does error_log say? Most likely there is no index.html file, or autoindex (http://nginx.org/r/autoindex) is not on, is my guess. f -- Francis Daly francis at daoine.org From nginx-forum at nginx.us Sat Jun 7 01:07:57 2014 From: nginx-forum at nginx.us (ericmachine) Date: Fri, 06 Jun 2014 21:07:57 -0400 Subject: website with login button, redirect to intranet? Message-ID: <1aac1b8eb732bce84b8a4ea3c1640cb4.NginxMailingListEnglish@forum.nginx.org> Hi everyone, I would like to check whether this is possible with nginx (on ubuntu 12.04 LTS 64 bits). I have a website www.mywebpage.com.my this is just another website. There is a login button. When someone click on this login button, it would redirect them to https://erp.mywebpage.com.my. However, there are 2 scenarios will happen:- - if you are connected to our secure VPN (via OpenVPN), this redirection would be successful. - if you are not connected to the secure VPN (means the user doesn't have any access), then it will show "you are not authorised to view this page". This message should appear within www.mywebpage.com.my. FYI www.mywebpage.com.my - hosted on a public facing VPS (outside office) erp.mywebpage.com.my - hosted at my office server (once connected to the secure VPN, it is as if accessing via intranet) Is this possible and any suggestions to make this work? Thanks. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250715,250715#msg-250715 From lordnynex at gmail.com Sat Jun 7 04:52:14 2014 From: lordnynex at gmail.com (Lord Nynex) Date: Fri, 6 Jun 2014 21:52:14 -0700 Subject: website with login button, redirect to intranet? In-Reply-To: <1aac1b8eb732bce84b8a4ea3c1640cb4.NginxMailingListEnglish@forum.nginx.org> References: <1aac1b8eb732bce84b8a4ea3c1640cb4.NginxMailingListEnglish@forum.nginx.org> Message-ID: Hello, Assuming your VPN subnet is 10.10.1.0/24, In your server{} block on erp.mywebpage.com.my you will want to put the following. allow 10.10.1.0/24; deny all; error_page 403 = @403; location @403 { echo "You are not authorized to view this page" } On Fri, Jun 6, 2014 at 6:07 PM, ericmachine wrote: > Hi everyone, > > I would like to check whether this is possible with nginx (on ubuntu 12.04 > LTS 64 bits). > > I have a website > > www.mywebpage.com.my > > this is just another website. > > There is a login button. When someone click on this login button, it would > redirect them to https://erp.mywebpage.com.my. However, there are 2 > scenarios will happen:- > - if you are connected to our secure VPN (via OpenVPN), this redirection > would be successful. > - if you are not connected to the secure VPN (means the user doesn't have > any access), then it will show "you are not authorised to view this page". > This message should appear within www.mywebpage.com.my. > > FYI > > www.mywebpage.com.my - hosted on a public facing VPS (outside office) > > erp.mywebpage.com.my - hosted at my office server (once connected to the > secure VPN, it is as if accessing via intranet) > > Is this possible and any suggestions to make this work? > > Thanks. > > Posted at Nginx Forum: > http://forum.nginx.org/read.php?2,250715,250715#msg-250715 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From luciano at vespaperitivo.it Sat Jun 7 08:50:05 2014 From: luciano at vespaperitivo.it (Luciano Mannucci) Date: Sat, 7 Jun 2014 10:50:05 +0200 Subject: Switching to nginx: php and rewrite rules from apache Message-ID: Hello list, I'm moving a bunch of sites from Apache to nginx 1.5.13 :). Everything went fine for the static ones and for the sites under wp or joomla. I have one site in php developped by the customer that seemed ok till I discovered that it has a subdirectory with its own .htacess file. Trying to add the rewriting rules makes the php "dead", only in the cited subdirectory. Here is my config: server { listen 212.45.144.216:80 default_server; server_name new.assirm.it test.assirm.it; access_log /dati/log/http/assirm/access.log; error_log /dati/log/http/assirm/error_new.log; rewrite_log on; #charset koi8-r; location ~ \.php$ { root /dati/httpd/web_assirm/sito_nginx; fastcgi_pass 127.0.0.1:9004; fastcgi_index index.php; include /etc/nginx/fastcgi.conf; } location / { root /dati/httpd/web_assirm/sito_nginx; index index.html index.htm index.php home.html welcome.html; # try_files $uri $uri/ /index.php?$args; rewrite ^/ultime-news.php$ /archivio-news.php?last=1 ; rewrite ^/(.*)_news(.*).htm$ /news.php?id=$2 ; rewrite ^/(.*)_ev(.*).htm$ /evento.php?id=$2 ; rewrite ^/(.*)_att(.*).htm$ /attivita.php?id=$2 ; rewrite ^/(.*)_k(.*).htm$ /pagina.php?k=$2 ; rewrite ^/(.*)_sk(.*).htm$ /stampa-contenuto.php?k=$2 ; rewrite ^/(.*)_sn(.*).htm$ /stampa-news.php?id=$2 ; rewrite ^/(.*)_a(.*).htm$ /associato.php?id=$2&$args ; rewrite ^/(.*)_p(.*).htm$ /mypost.php?id=$2&$args ; rewrite ^/ricerca-(.*).htm$ /risultati.php?s=$1&goo=1 ; rewrite ^/privacy.php$ /pagina.php?k=privacy ; } location ^~ /en/ { rewrite ^/en/ultime-news.php$ /en/archivio-news.php?last=1 break; rewrite ^/en/(.*)_news(.*).htm$ /en/news.php?id=$2 break; rewrite ^/en/(.*)_ev(.*).htm$ /en/evento.php?id=$2 break; rewrite ^/en/(.*)_att(.*).htm$ /en/attivita.php?id=$2 break; rewrite ^/en/(.*)_k(.*).htm$ /en/pagina.php?k=$2 break; rewrite ^/en/(.*)_sk(.*).htm$ /en/stampa-contenuto.php?k=$2 break; rewrite ^/en/(.*)_sn(.*).htm$ /en/stampa-news.php?id=$2 break; rewrite ^/en/(.*)_a(.*).htm$ /en/associato.php?id=$2&$args break; rewrite ^/en/(.*)_p(.*).htm$ /en/mypost.php?id=$2&$args break; rewrite ^/en/(.*)_wit(.*).htm$ /en/wit.php?c=$2&$args break; rewrite ^/en/ricerca-(.*).htm$ /en/risultati.php?s=$1&goo=1 break; rewrite ^/en/privacy.php$ /en/pagina.php?k=privacy break; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } What did I have wrong? Many thanks to all, Luciano. -- /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) \ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250 X AGAINST HTML MAIL / E-MAIL: posthamster at sublink.sublink.ORG / \ AND POSTINGS / WWW: http://www.lesassaie.IT/ From francis at daoine.org Sat Jun 7 09:08:54 2014 From: francis at daoine.org (Francis Daly) Date: Sat, 7 Jun 2014 10:08:54 +0100 Subject: Switching to nginx: php and rewrite rules from apache In-Reply-To: <20140607085016.E94C83FA26A@mail.nginx.com> References: <20140607085016.E94C83FA26A@mail.nginx.com> Message-ID: <20140607090854.GE16942@daoine.org> On Sat, Jun 07, 2014 at 10:50:05AM +0200, Luciano Mannucci wrote: Hi there, > I have one site in php developped by the customer that seemed > ok till I discovered that it has a subdirectory with its own .htacess > file. Trying to add the rewriting rules makes the php "dead", only in > the cited subdirectory. You use "location" (http://nginx.org/r/location) and "rewrite" (http://nginx.org/r/rewrite) with the "break" flag. Based on the documentation, I guess that you will want to include within your "/en/" location, some configuration which tells nginx how you want php requests to be handled. > What did I have wrong? You left out some useful information: * what request do you make? * what response do you get? * what response do you want? f -- Francis Daly francis at daoine.org From luciano at vespaperitivo.it Sat Jun 7 10:08:05 2014 From: luciano at vespaperitivo.it (Luciano Mannucci) Date: Sat, 7 Jun 2014 12:08:05 +0200 Subject: Switching to nginx: php and rewrite rules from apache In-Reply-To: <20140607090854.GE16942@daoine.org> References: <20140607085016.E94C83FA26A@mail.nginx.com> <20140607090854.GE16942@daoine.org> Message-ID: On Sat, 7 Jun 2014 10:08:54 +0100 Francis Daly wrote: > On Sat, Jun 07, 2014 at 10:50:05AM +0200, Luciano Mannucci wrote: > > Hi there, > > What did I have wrong? > > You left out some useful information: > > * what request do you make? new.assirm.it/en/ > * what response do you get? The index.php page source. > * what response do you want? The php interpreted result. Many thanks again, Luciano. -- /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) \ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250 X AGAINST HTML MAIL / E-MAIL: posthamster at sublink.sublink.ORG / \ AND POSTINGS / WWW: http://www.lesassaie.IT/ From francis at daoine.org Sat Jun 7 10:39:55 2014 From: francis at daoine.org (Francis Daly) Date: Sat, 7 Jun 2014 11:39:55 +0100 Subject: Switching to nginx: php and rewrite rules from apache In-Reply-To: <20140607100815.9D0C73FA281@mail.nginx.com> References: <20140607085016.E94C83FA26A@mail.nginx.com> <20140607090854.GE16942@daoine.org> <20140607100815.9D0C73FA281@mail.nginx.com> Message-ID: <20140607103955.GF16942@daoine.org> On Sat, Jun 07, 2014 at 12:08:05PM +0200, Luciano Mannucci wrote: > On Sat, 7 Jun 2014 10:08:54 +0100 > Francis Daly wrote: Hi there, > > * what request do you make? > new.assirm.it/en/ > > > * what response do you get? > The index.php page source. > > > * what response do you want? > The php interpreted result. So, within your location ^~ /en/ { add something like location ~ \.php$ { fastcgi_pass 127.0.0.1:9004; } so that nginx knows to handle this request the way you want it to. (If you have no other configuration, the nginx default is "serve the file from the file system".) f -- Francis Daly francis at daoine.org From nginx-forum at nginx.us Sat Jun 7 14:54:21 2014 From: nginx-forum at nginx.us (ericmachine) Date: Sat, 07 Jun 2014 10:54:21 -0400 Subject: website with login button, redirect to intranet? In-Reply-To: References: Message-ID: Thanks :) I will give this a try :) Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250715,250722#msg-250722 From nginx-forum at nginx.us Sat Jun 7 20:59:29 2014 From: nginx-forum at nginx.us (terryr) Date: Sat, 07 Jun 2014 16:59:29 -0400 Subject: Wiki updates -- was: Can anyone tell me how to delete spam pages on the wiki? In-Reply-To: <527de04cfa2f5ced94f7d2f6a0decec2.NginxMailingListEnglish@forum.nginx.org> References: <527de04cfa2f5ced94f7d2f6a0decec2.NginxMailingListEnglish@forum.nginx.org> Message-ID: <17e12a037781f460aebed074ef9bf02d.NginxMailingListEnglish@forum.nginx.org> I'd like to also add my thanks. Great work. I think a very visible last updated date and the "applies to" section would be great. When I first started using nginx and the wiki, I found one thing a bit confusing. Clicking on a link on http://wiki.nginx.org/Modules directs you to the corresponding page on nginx.org/en/docs. While it's great to be directed to those docs, I expected to be taken to a wiki page on the core module. I would suggest some kind of notice that these links will take you to the nginx.org/en/docs site. The obsoleted pages are difficult. A link like this http://wiki.nginx.org/CoreModule#error_log in a google search bypasses the notice at the top so whoever's reading has no idea that the page has been obsoleted. I'm not registerd on the wiki so I don't know what editing options are availble to offer any suggestions for dealing with this. Terry Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250601,250725#msg-250725 From nginx-forum at nginx.us Sat Jun 7 21:05:46 2014 From: nginx-forum at nginx.us (mfaridi) Date: Sat, 07 Jun 2014 17:05:46 -0400 Subject: arch linux , swf dir and forbidden error In-Reply-To: <20140606231517.GD16942@daoine.org> References: <20140606231517.GD16942@daoine.org> Message-ID: <82fc0cb61f046f525a5e80f28e01dad8.NginxMailingListEnglish@forum.nginx.org> Francis Daly Wrote: ------------------------------------------------------- > On Fri, Jun 06, 2014 at 11:57:22AM -0400, mfaridi wrote: > > Hi there, > > > http://127.0.0.1/swf > > I see this error > > 403 Forbidden > > and I can not play sw game > > but when I type > > http://127.0.0.1/swf/pacman.swf > > every thing is good and I can flash game > > what is problem ? > > What does error_log say? > > Most likely there is no index.html file, or autoindex > (http://nginx.org/r/autoindex) is not on, is my guess. > > f > -- > Francis Daly francis at daoine.org > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx when I type tail -f access.log I see these 127.0.0.1 - - [08/Jun/2014:02:39:03 +0430] "GET /swf/ HTTP/1.1" 403 168 "-" "Mozilla/5.0 (X11; Linux i686; rv:29.0) Gecko/20100101 Firefox/29.0" 127.0.0.1 - - [08/Jun/2014:02:39:04 +0430] "GET /favicon.ico HTTP/1.1" 404 168 "-" "Mozilla/5.0 (X11; Linux i686; rv:29.0) Gecko/20100101 Firefox/29.0" 127.0.0.1 - - [08/Jun/2014:02:40:00 +0430] "GET /swf/ HTTP/1.1" 403 168 "-" "Mozilla/5.0 (X11; Linux i686; rv:29.0) Gecko/20100101 Firefox/29.0" 127.0.0.1 - - [08/Jun/2014:02:40:27 +0430] "GET /swf/ HTTP/1.1" 403 168 "-" "Mozilla/5.0 (X11; Linux i686; rv:29.0) Gecko/20100101 Firefox/29.0" 127.0.0.1 - - [08/Jun/2014:02:41:24 +0430] "GET /swf/ HTTP/1.1" 403 168 "-" "Mozilla/5.0 (X11; Linux i686; rv:29.0) Gecko/20100101 Firefox/29.0" Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250709,250726#msg-250726 From francis at daoine.org Sat Jun 7 22:17:28 2014 From: francis at daoine.org (Francis Daly) Date: Sat, 7 Jun 2014 23:17:28 +0100 Subject: arch linux , swf dir and forbidden error In-Reply-To: <82fc0cb61f046f525a5e80f28e01dad8.NginxMailingListEnglish@forum.nginx.org> References: <20140606231517.GD16942@daoine.org> <82fc0cb61f046f525a5e80f28e01dad8.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20140607221728.GG16942@daoine.org> On Sat, Jun 07, 2014 at 05:05:46PM -0400, mfaridi wrote: > Francis Daly Wrote: > ------------------------------------------------------- > > On Fri, Jun 06, 2014 at 11:57:22AM -0400, mfaridi wrote: Hi there, > > What does error_log say? > > > > Most likely there is no index.html file, or autoindex > > (http://nginx.org/r/autoindex) is not on, is my guess. > 127.0.0.1 - - [08/Jun/2014:02:39:03 +0430] "GET /swf/ HTTP/1.1" 403 168 "-" > "Mozilla/5.0 (X11; Linux i686; rv:29.0) Gecko/20100101 Firefox/29.0" So the request you make is "/swf/". The response you get is http 403. What response do you want to get? error_log might say why you get the 403 response. f -- Francis Daly francis at daoine.org From agentzh at gmail.com Sat Jun 7 23:17:50 2014 From: agentzh at gmail.com (Yichun Zhang (agentzh)) Date: Sat, 7 Jun 2014 16:17:50 -0700 Subject: [ANN] OpenResty 1.7.0.1 released Message-ID: Hi folks! I am happy to announce the new formal release, 1.7.0.1, of the OpenResty bundle: http://openresty.org/#Download Special thanks go to all our contributors for making this happen! Below is the complete change log for this release, as compared to the last formal release, 1.5.12.1: * upgraded the Nginx core to 1.7.0. * see the changes here: * feature: bundled new Lua library, the lua-resty-lrucache library, which is also enabled by default. see https://github.com/openresty/lua-resty-lrucache#readme for more details. thanks Shuxin Yang for the help. * upgraded LuaJIT to v2.1-20140607: https://github.com/openresty/luajit2/tags * imported Mike Pall's latest bug fixes and features: * Fix frame traversal while searching for error function. * Fix FOLD rule for STRREF of SNEW. * FFI: Fix recording of indexing a struct pointer ctype object itself. * FFI: Another fix for cdata equality comparisons. * Fix FOLD rule for "string.sub(s, ...) == k". * x86: Fix code generation for unused result of "math.random()". * x64: Workaround for MSVC build issue. * PPC: Fix red zone overflow in machine code generation. * Fix compatibility issues with Illumos. Thanks to Theo Schlossnagle. * Add PS Vita port. Thanks to Anton Stenmark. * disabled trace stitching by default for now since it may trigger random lua stack corruptions when using with ngx_lua. * feature: jit.dump: output Lua source location after every BC. * feature: added internal memory-buffer-based trace entry/exit/start-recording event logging, mainly for debugging bugs in the JIT compiler. it requires "-DLUA_USE_TRACE_LOGS" when building. * feature: save "g->jit_base" to "g->saved_jit_base" before "lj_err_throw" clears "g->jit_base" which makes it impossible to get Lua backtrace in such states. * upgraded the lua-resty-core library to 0.0.7. * feature: implemented ngx.req.set_header() (partial: table-typed values not yet supported) and ngx.req.clear_header() with FFI in the resty.core.request module. * feature: implemented shdict:flush_all() with FFI in the resty.core.shdict. * feature: implemented ngx.req.set_method() with FFI in resty.core.request. * feature: implemented ngx.req.get_method() with FFI in resty.core.request. * feature: implemented ngx.time() with FFI in resty.core.time. * feature: implemented ngx.req.start_time with FFI in rest.core.request. * feature: implemented ngx.now() with FFI in resty.core.time. * upgraded the ngx_lua module to 0.9.8. * bugfix: the ngx.ctx table might be released prematurely when ngx.exit() was used to generate the response header. thanks Monkey Zhang for the report. now we always release ngx.ctx in our request pool cleanup handler. * bugfix: we did not call our coroutine cleanup handlers right after our coroutine completes (either successfully or unsuccessfully) otherwise segmentation fault might happen when the Lua VM throws out unexpected exceptions like "attempt to yield across C-call boundary". thanks Lipin Dmitriy for the report. * bugfix: nginx does not guarentee the parent pointer of the rbtree root is meaningful, which could lead to inifinite loops when the ngx_lua module tried to abort pending timers prematurely (upon worker exit). thanks pengqi for the report. * bugfix: ngx.req.set_method(): we incorrectly modified "r->method" when the method ID was wrong. * bugfix: rewrite_by_lua* and access_by_lua* will now terminate the current request if the response header has already been sent (via calls like ngx.say and ngx.send_headers) at that point. thanks yaronli and Sophos for the report. * bugfix: issues in the error handling for pure C API functions for shared dict. thanks Xiaochen Wang. * feature: now we save the original pattern string pointer value into our "ngx_http_lua_regex_t" C struct, to help runtime regex profiling and debugging. * feature: allow use of 3rd-party pcre bindings in init_by_lua*. thanks ikokostya for the feature request. * feature: added pure C API functions to support the new FFI-based Lua API implemented in the lua-resty-core library. * feature: make use of the new shm API in nginx 1.5.13+ to suppress the "no memory" error logging when the shared dictionaries run out of memory. * feature: added C macro "NGX_LUA_ABORT_AT_PANIC" to allow generating a core dump when the Lua VM panics. * upgraded the ngx_srcache module to 0.27. * bugfix: we used to skip all the output header and body filters run before our filters (which unfortunately bypassed the standard ngx_http_not_modified_filter_module, for example). thanks Lloyd Zhou for the report. * feature: added new config directive srcache_store_ranges for storing 206 Partial Content responses generated by the standard ngx_http_range_filter_module. * bugfix: updated the dtrace patch because systemtap 2.5 no longer accepts the "-xnolib" option in its dtrace utility. * removed our bundled version of "ngx_http_auth_request_module" because recent versions of the nginx core already have it. thanks LazyZhu for the report. * bugfix: applied our patch for the nginx core to fix the long standing memory fragmentation issue for blocks larger than the page size in the nginx slab allocator: thanks Shuxin Yang for the help. The HTML version of the change log with lots of helpful hyper-links can be browsed here: http://openresty.org/#ChangeLog1007000 OpenResty (aka. ngx_openresty) is a full-fledged web application server by bundling the standard Nginx core, lots of 3rd-party Nginx modules and Lua libraries, as well as most of their external dependencies. See OpenResty's homepage for details: http://openresty.org/ We have run extensive testing on our Amazon EC2 test cluster and ensured that all the components (including the Nginx core) play well together. The latest test report can always be found here: http://qa.openresty.org Enjoy! -agentzh From al-nginx at none.at Sat Jun 7 23:34:36 2014 From: al-nginx at none.at (Aleksandar Lazic) Date: Sun, 08 Jun 2014 01:34:36 +0200 Subject: ANN: HTTP 1.1 is now RFC 7230 to RFC 7235 Message-ID: <9f4fe7c46b19b7a17b52074280e7dbfa@none.at> Dear Readers. Today I haven seen the following post on the curl-lib mailing list which I want to share. http://curl.haxx.se/mail/lib-2014-06/0073.html ##### Zite Finally, RFC 2616 is deprecated and HTTP 1.1 is now offically instead done in the whole range of new RFCs in the subject. This revision work has taken almost seven years to complete. ##### In the new rfcs are always a section Changes from RFC 2616 and in the last one 7235 is it Changes from RFCs 2616 and 2617 Best regards Aleks From nginx-forum at nginx.us Sun Jun 8 17:50:18 2014 From: nginx-forum at nginx.us (nrahl) Date: Sun, 08 Jun 2014 13:50:18 -0400 Subject: Default host is being ignored? Message-ID: I created a default conf file: server { listen 80 default; listen 443 default; server_name ""; return 444; } and linked it in sites-enabled. The other server is declared with: server { listen 80; listen 443 ssl; server_name .mydomain.com; Accessing the https://xx.xx.xx.xx (the IP address) uses the mydomain.com host instead of using the default, which should reject the request. The browser is sending the host as "xx.xx.xx.xx". This should not match the mydomain.com file. So why is it it not using the right server? I've also tried leaving server name blank and adding "ssl" after 443 in the listen directive, but it still ignores the default server and uses the domain.com one instead. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250732,250732#msg-250732 From shahzaib.cb at gmail.com Mon Jun 9 06:45:22 2014 From: shahzaib.cb at gmail.com (shahzaib shahzaib) Date: Mon, 9 Jun 2014 11:45:22 +0500 Subject: http_geo_module invalid option during compile !! Message-ID: Does nginx Geo module work on nginx ? I am getting the following error during compiling nginx-1.4.7 with it : ./configure --with-http_mp4_module --with-http_flv_module --with-http_geoip_module --with-http_geo_module --sbin-path=/usr/local/sbin --with-debug ./configure: error: invalid option "--with-http_geo_module" -------------- next part -------------- An HTML attachment was scrubbed... URL: From francis at daoine.org Mon Jun 9 07:30:21 2014 From: francis at daoine.org (Francis Daly) Date: Mon, 9 Jun 2014 08:30:21 +0100 Subject: http_geo_module invalid option during compile !! In-Reply-To: References: Message-ID: <20140609073021.GI16942@daoine.org> On Mon, Jun 09, 2014 at 11:45:22AM +0500, shahzaib shahzaib wrote: > Does nginx Geo module work on nginx ? I am getting the following error > during compiling nginx-1.4.7 with it : > > ./configure --with-http_mp4_module --with-http_flv_module > --with-http_geoip_module --with-http_geo_module --sbin-path=/usr/local/sbin > --with-debug > ./configure: error: invalid option "--with-http_geo_module" ./configure --help | grep geo Some modules are default-excluded, and must be added with "--with-"; some are default-included, and must be removed with "--without-". f -- Francis Daly francis at daoine.org From shahzaib.cb at gmail.com Mon Jun 9 07:46:58 2014 From: shahzaib.cb at gmail.com (shahzaib shahzaib) Date: Mon, 9 Jun 2014 12:46:58 +0500 Subject: http_geo_module invalid option during compile !! In-Reply-To: <20140609073021.GI16942@daoine.org> References: <20140609073021.GI16942@daoine.org> Message-ID: ./configure --help | grep geo --with-http_geoip_module enable ngx_http_geoip_module --without-http_geo_module disable ngx_http_geo_module Alright, its enabled by default. Thanks On Mon, Jun 9, 2014 at 12:30 PM, Francis Daly wrote: > On Mon, Jun 09, 2014 at 11:45:22AM +0500, shahzaib shahzaib wrote: > > Does nginx Geo module work on nginx ? I am getting the following error > > during compiling nginx-1.4.7 with it : > > > > ./configure --with-http_mp4_module --with-http_flv_module > > --with-http_geoip_module --with-http_geo_module > --sbin-path=/usr/local/sbin > > --with-debug > > ./configure: error: invalid option "--with-http_geo_module" > > ./configure --help | grep geo > > Some modules are default-excluded, and must be added with "--with-"; > some are default-included, and must be removed with "--without-". > > f > -- > Francis Daly francis at daoine.org > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From om.brahmana at gmail.com Mon Jun 9 11:05:31 2014 From: om.brahmana at gmail.com (Srirang Doddihal) Date: Mon, 9 Jun 2014 16:35:31 +0530 Subject: CORS headers not being set for a 401 response from upstream. Message-ID: Hi, I am trying to setup CORS headers in my nginx config. My config is here : http://pastie.org/private/eevpeyy6uwu25rl5qsgzyq The upstream is defined separately. It responds fine to OPTIONS request. It also adds the "Access-Control-Allow-Origin *" header to responses from the upstream (pm_puma_cluster) when the response status is 200. But if the response status from the upstream is 401 it is not adding the CORS header. Is it expected? Or am I missing something in the config? P.S : The upstream is a Rails app and I would prefer to deal with the CORS headers in the nginx and not mess with them in the Rails app. -- Regards, Srirang G Doddihal Brahmana. The LIGHT shows the way. The WISE see it. The BRAVE walk it. The PERSISTENT endure and complete it. I want to do it all ALONE. -------------- next part -------------- An HTML attachment was scrubbed... URL: From reallfqq-nginx at yahoo.fr Mon Jun 9 15:00:00 2014 From: reallfqq-nginx at yahoo.fr (B.R.) Date: Mon, 9 Jun 2014 17:00:00 +0200 Subject: Default host is being ignored? In-Reply-To: References: Message-ID: 1?) Ensure the config files are all included (starting with main nginx.conf files, then following all 'include' logic). The 'sites-available' logic is due to some distributions packaging and is not there in the official nginx one. Usually this is OK, but checking cannot hurt. :o) 2?) Ensure your configuration is *loaded*, ie the syntax is correct and nginx is actually applying it. - use nginx -t to check the available config does not contain errors - send SIGHUP to nginx master to reload the configuration (and check logs for messages regarding it) ... or use the probably available 'reload' command from your system management script which does both steps, knowing what you are doing 3?) Ensure the reply you see in your client is the one sent by the server (ie take care about any intermediate cache). One way of effectively doing that is monitoring the access.log file (which exists in the default nginx configuration , though commented). Another (complementary) way of doing the same is using cURL on the command-line, querying your server on the right interface If you are still experiencing difficulties, please provide details about your problem and your attempts (and their result aswell) to solve it. --- *B. R.* -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Mon Jun 9 17:53:11 2014 From: nginx-forum at nginx.us (paulg1981) Date: Mon, 09 Jun 2014 13:53:11 -0400 Subject: Proxy_Pass to another vhost on same machine Message-ID: <0d183d30598727b37cd7354f37b11f36.NginxMailingListEnglish@forum.nginx.org> Hello, I am attempting to use ca.mydomain.com with client certificate auth as a springboard for other sites on the same server. I am using client certs with my iphone (and other browsers) to skip the password auth and be more secure. The first two proxy_pass statements work fine (sickbeard and couchpotato) but the next (munin) gives the error 400 Bad Request No required SSL certificate was sent. If I put the address (https://tools.mydomain.com/munin) in my address bar it works fine? I don't understand why it is requesting the client cert for the subdomain that doesn't use client auth. The tools.mydomain.com uses basic auth. Secondly I want to access the tools.mydomain.com from ca.mydomain.com and not be prompted for the basic auth password. So I want to include the authorization in the proxying. Any help you all can provide would be great. I hope I explained my issue well enough! server { listen my.ip.address:80; server_name ca.mydomain.com; rewrite ^ https://$server_name$request_uri? permanent; } server { listen my.ip.address:443 ssl spdy; ssl_certificate /etc/ssl/certs/my.pem; ssl_certificate_key /etc/ssl/private/my.key; root /var/www/ca.thefamilygarrison; index index.php index.html index.htm; server_name ca.mydomain.com; pagespeed off; ssl_client_certificate /etc/nginx/clientauth/ca.crt; ssl_verify_client on; location ~ \.php$ { fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; include fastcgi_params; } location /sickbeard { proxy_pass http://my.ip.address:65007/sickbeard; } location /couchpotato { proxy_pass http://my.ip.address:65005/couchpotato; } location /munin { proxy_pass https://tools.mydomain.com/munin; } } Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250747,250747#msg-250747 From rvrv7575 at yahoo.com Mon Jun 9 18:09:13 2014 From: rvrv7575 at yahoo.com (Rv Rv) Date: Tue, 10 Jun 2014 02:09:13 +0800 (SGT) Subject: Accessing the location configuration of module 2 during post configuration processing of module 1 for a particular server Message-ID: <1402337353.2224.YahooMailNeo@web193506.mail.sg3.yahoo.com> How do we access the configuration of a an unrelated module in a given module. This may be required for example to check if the directives pertaining to module 2 were specified in location for a particular server that has directives for module 1 in its configuration. From what I understand, code similar to this can be used? /* Get http main configuration */ ? ? cmcf = ctx->main_conf[ngx_http_core_module.ctx_index];? /* Get the list of servers */ ? ? cscfp = cmcf->servers.elts; /* Iterate through the list */ ? ? for (s = 0; s < cmcf->servers.nelts; s++) { ? /* Problem : how to get the configuration of module 2*/ ? ? ? ? ? ? ? ? ? cscfp[s]->ctx->loc_conf[module2.ctx_index];-------------> does not yield the correct location struct of module 2 I did not find any documentation on how the configuration is stored within nginx using these structs? typedef struct { ............. ?/* server ctx */ ngx_http_conf_ctx_t *ctx;?............ } ngx_http_core_srv_conf_t; typedef struct { ? ? void ? ? ? ?**main_conf; ? ? void ? ? ? ?**srv_conf; ? ? void ? ? ? ?**loc_conf; } ngx_http_conf_ctx_t; -------------- next part -------------- An HTML attachment was scrubbed... URL: From amikamsnir at gmail.com Mon Jun 9 18:19:34 2014 From: amikamsnir at gmail.com (Amikam Snir) Date: Mon, 9 Jun 2014 21:19:34 +0300 Subject: how to get response headers from internal-requests? Message-ID: Hi all, Is there a way to get the response headers from internal-requests? p.s. I am using ngx.location.capture(uri) for the internal requests. Thanks in advance. -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Tue Jun 10 01:30:06 2014 From: nginx-forum at nginx.us (arteomp) Date: Mon, 09 Jun 2014 21:30:06 -0400 Subject: how to get response headers from internal-requests? In-Reply-To: References: Message-ID: <6dfc8473e7791d3db65f09216884159d.NginxMailingListEnglish@forum.nginx.org> Hello, http://wiki.nginx.org/HttpLuaModule#ngx.location.capture res.header holds all the response headers of the subrequest and it is a normal Lua table. For multi-value response headers, the value is a Lua (array) table that holds all the values in the order that they appear. For instance, if the subrequest response headers contain the following lines: Set-Cookie: a=3 Set-Cookie: foo=bar Set-Cookie: baz=blah Then res.header["Set-Cookie"] will be evaluated to the table value {"a=3", "foo=bar", "baz=blah"}. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250749,250751#msg-250751 From nginx-forum at nginx.us Tue Jun 10 02:53:49 2014 From: nginx-forum at nginx.us (spch2008) Date: Mon, 09 Jun 2014 22:53:49 -0400 Subject: input body filer Message-ID: <926af5434a56406820126465fce99617.NginxMailingListEnglish@forum.nginx.org> Now I want to do some security testing for input body, but I find nginx doesn't have the detection mechanism for input body. anyone who can tell me why? Thanks! Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250752,250752#msg-250752 From mdounin at mdounin.ru Tue Jun 10 11:33:43 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 10 Jun 2014 15:33:43 +0400 Subject: CORS headers not being set for a 401 response from upstream. In-Reply-To: References: Message-ID: <20140610113343.GS1849@mdounin.ru> Hello! On Mon, Jun 09, 2014 at 04:35:31PM +0530, Srirang Doddihal wrote: > Hi, > > I am trying to setup CORS headers in my nginx config. My config is here : > http://pastie.org/private/eevpeyy6uwu25rl5qsgzyq > > The upstream is defined separately. > > It responds fine to OPTIONS request. It also adds the > "Access-Control-Allow-Origin *" header to responses from the upstream > (pm_puma_cluster) when the response status is 200. > > But if the response status from the upstream is 401 it is not adding the > CORS header. > > Is it expected? Or am I missing something in the config? Quote from http://nginx.org/r/add_header: "Adds the specified field to a response header provided that the response code equals 200, 201, 204, 206, 301, 302, 303, 304, or 307." -- Maxim Dounin http://nginx.org/ From mdounin at mdounin.ru Tue Jun 10 12:03:48 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 10 Jun 2014 16:03:48 +0400 Subject: Proxy_Pass to another vhost on same machine In-Reply-To: <0d183d30598727b37cd7354f37b11f36.NginxMailingListEnglish@forum.nginx.org> References: <0d183d30598727b37cd7354f37b11f36.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20140610120348.GU1849@mdounin.ru> Hello! On Mon, Jun 09, 2014 at 01:53:11PM -0400, paulg1981 wrote: > Hello, > I am attempting to use ca.mydomain.com with client certificate auth as a > springboard for other sites on the same server. I am using client certs with > my iphone (and other browsers) to skip the password auth and be more secure. > The first two proxy_pass statements work fine (sickbeard and couchpotato) > but the next (munin) gives the error 400 Bad Request No required SSL > certificate was sent. If I put the address > (https://tools.mydomain.com/munin) in my address bar it works fine? I don't > understand why it is requesting the client cert for the subdomain that > doesn't use client auth. The tools.mydomain.com uses basic auth. In no particular order: - Make sure that "s" in the "https://tools..." isn't a typo and you actually mean to use encrypted connection between nginx and this backend. - Make sure the "tools.mydomain.com" https backend actually don't have client cert auth switched on. In particular, make sure it's either uses separate ip:port, or you've enabled SNI in nginx proxy (http://nginx.org/r/proxy_ssl_server_name). > Secondly I want to access the tools.mydomain.com from ca.mydomain.com and > not be prompted for the basic auth password. So I want to include the > authorization in the proxying. Instead of providing a password, you may consider configuring access from a fixed set of ip addresses, using the access module and "satisfy any", see http://nginx.org/r/satisfy for an example. If you want nginx to send a password, you may do so by adding the Authorization header with proxy_set_header, see http://nginx.org/r/proxy_set_header and http://tools.ietf.org/html/rfc2617#section-2. -- Maxim Dounin http://nginx.org/ From luciano at vespaperitivo.it Tue Jun 10 13:38:49 2014 From: luciano at vespaperitivo.it (Luciano Mannucci) Date: Tue, 10 Jun 2014 15:38:49 +0200 Subject: Switching to nginx: php and rewrite rules from apache In-Reply-To: <20140607103955.GF16942@daoine.org> References: <20140607085016.E94C83FA26A@mail.nginx.com> <20140607090854.GE16942@daoine.org> <20140607100815.9D0C73FA281@mail.nginx.com> <20140607103955.GF16942@daoine.org> Message-ID: On Sat, 7 Jun 2014 11:39:55 +0100 Francis Daly wrote: > add something like > > location ~ \.php$ { > fastcgi_pass 127.0.0.1:9004; > } > > so that nginx knows to handle this request the way you want it to. Works! :-) :) I had to add few other things (it was looking for index.html instead of .php) and now it seems fine. Maaaany thanks, Luciano. -- /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) \ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250 X AGAINST HTML MAIL / E-MAIL: posthamster at sublink.sublink.ORG / \ AND POSTINGS / WWW: http://www.lesassaie.IT/ From mdounin at mdounin.ru Tue Jun 10 14:52:33 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 10 Jun 2014 18:52:33 +0400 Subject: Accessing the location configuration of module 2 during post configuration processing of module 1 for a particular server In-Reply-To: <1402337353.2224.YahooMailNeo@web193506.mail.sg3.yahoo.com> References: <1402337353.2224.YahooMailNeo@web193506.mail.sg3.yahoo.com> Message-ID: <20140610145233.GW1849@mdounin.ru> Hello! On Tue, Jun 10, 2014 at 02:09:13AM +0800, Rv Rv wrote: > How do we access the configuration of a an unrelated module in a > given module. This may be required for example to check if the > directives pertaining to module 2 were specified in location for > a particular server that has directives for module 1 in its > configuration. I don't think it's something you should do at postconfiguration - location structure is complex and not easily accessible. There are location configuration merge callbacks where you are expected to work with location configs and, in particular, can use ngx_http_conf_get_module_loc_conf() macro to access a configuration of other modules (note though, that order of modules may be important in this case). [...] > I did not find any documentation on how the configuration is stored within nginx using these structs? It's under src/, in C language. I would rather say it's not a part of the API, and you'd better avoid using it directly. -- Maxim Dounin http://nginx.org/ From mdounin at mdounin.ru Tue Jun 10 14:55:19 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 10 Jun 2014 18:55:19 +0400 Subject: input body filer In-Reply-To: <926af5434a56406820126465fce99617.NginxMailingListEnglish@forum.nginx.org> References: <926af5434a56406820126465fce99617.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20140610145519.GX1849@mdounin.ru> Hello! On Mon, Jun 09, 2014 at 10:53:49PM -0400, spch2008 wrote: > Now I want to do some security testing for input body, but I find nginx > doesn't have the detection mechanism for input body. > anyone who can tell me why? Thanks! http://mailman.nginx.org/pipermail/nginx-devel/2013-March/003492.html -- Maxim Dounin http://nginx.org/ From nginx-forum at nginx.us Tue Jun 10 15:14:35 2014 From: nginx-forum at nginx.us (khine) Date: Tue, 10 Jun 2014 11:14:35 -0400 Subject: Unable to complete secure transaction Message-ID: <30a5f6f5fa17e399b8b34f83130f0149.NginxMailingListEnglish@forum.nginx.org> Hello, I am using the following nginx.conf https://gist.github.com/nkhine/f620f8bdc0fb613b7b59 and have an EV Multi-Domain certificate from COMODO for my company. This works on Chrome and Firefox, but I am having difficulties on Safari and Opera. My server is FreeBSD 10 with ZFS, with Nginx running inside a jailed environment. Nginx is used as a front end to a Node.js application. There two issues that happen, on Safari, if i try to login using federated login, i get 'Too many redirects occurred' and on Opera i get 'Secure connection: fatal error (40) from server.' Any advise much appreciated Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250765,250765#msg-250765 From luciano at vespaperitivo.it Tue Jun 10 16:00:13 2014 From: luciano at vespaperitivo.it (Luciano Mannucci) Date: Tue, 10 Jun 2014 18:00:13 +0200 Subject: Rewrite rules from Apache again Message-ID: I'm still trying to move everything from apache to nginx. I've successfully translated some rules from the .htaccess: RewriteRule ^(.*)_k(.*)\.htm$ pagina.php?k=$2 works pretty weff if turned into: rewrite ^/(.*)_k(.*).htm$ /pagina.php?k=$2 ; while RewriteRule ^privacy.php$ pagina.php?k=privacy does not work if translated as: rewrite ^/privacy.php$ /pagina.php?k=privacy ; the request is passed unchanged and I get a 404 error for the /privacy.php page does'nt exist. What did I miss? AdvThanksAnce, Luciano. -- /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) \ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250 X AGAINST HTML MAIL / E-MAIL: posthamster at sublink.sublink.ORG / \ AND POSTINGS / WWW: http://www.lesassaie.IT/ From nginx-forum at nginx.us Tue Jun 10 16:30:18 2014 From: nginx-forum at nginx.us (khine) Date: Tue, 10 Jun 2014 12:30:18 -0400 Subject: Unable to complete secure transaction In-Reply-To: <30a5f6f5fa17e399b8b34f83130f0149.NginxMailingListEnglish@forum.nginx.org> References: <30a5f6f5fa17e399b8b34f83130f0149.NginxMailingListEnglish@forum.nginx.org> Message-ID: the site in question is https://dev.continentalclothing.com/ Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250765,250767#msg-250767 From nginx-forum at nginx.us Tue Jun 10 16:31:25 2014 From: nginx-forum at nginx.us (grd2345) Date: Tue, 10 Jun 2014 12:31:25 -0400 Subject: location uri wildcard Message-ID: I recently converted my website from asp.net and have the following links out there that I would like to permanent redirect to my new url, but I seem to not be able to create this. My goal is to create one rewrite or something that can handle all of these. The old urls are as follows. http://www.mysite.com/(X(1)S(kt54xgv5mfifsmkgxo5eqk2m))/ClassScheduler.aspx?AspxAutoDetectCookieSupport=1 http://www.mysite.com/(X(1)S(kt54xgv5mfifsmkgxo5eqk2m))/ClassScheduler.aspx http://www.mysite.com/ClassScheduler.aspx ----------------------------------------- I basically need a wild card to detect ClassScheduler.aspx from the above old urls and redirect to http://www.mysite.com/classScheduler Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250768,250768#msg-250768 From reallfqq-nginx at yahoo.fr Tue Jun 10 17:25:29 2014 From: reallfqq-nginx at yahoo.fr (B.R.) Date: Tue, 10 Jun 2014 19:25:29 +0200 Subject: location uri wildcard In-Reply-To: References: Message-ID: What have your tried? What do your access logs show? What did you expect? --- *B. R.* -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Tue Jun 10 17:33:52 2014 From: nginx-forum at nginx.us (grd2345) Date: Tue, 10 Jun 2014 13:33:52 -0400 Subject: location uri wildcard In-Reply-To: References: Message-ID: I havent tried anything yet. All I ever did was redirect a single domain. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250768,250770#msg-250770 From reallfqq-nginx at yahoo.fr Tue Jun 10 17:33:40 2014 From: reallfqq-nginx at yahoo.fr (B.R.) Date: Tue, 10 Jun 2014 19:33:40 +0200 Subject: Unable to complete secure transaction In-Reply-To: References: <30a5f6f5fa17e399b8b34f83130f0149.NginxMailingListEnglish@forum.nginx.org> Message-ID: >From the error message on Safari, one could determine the problem does not come from the certificate but from looping (internal?) redirections. Where does the loop occur? nginx or NodeJS? (ie is the request correctly forwarded or not) If nginx, what does the error log says? Same questions for Opera. --- *B. R.* -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Tue Jun 10 18:49:58 2014 From: nginx-forum at nginx.us (Thaxll) Date: Tue, 10 Jun 2014 14:49:58 -0400 Subject: 400 bad requests now returning http headers? ( crossdomain.xml ) Message-ID: <4facfdcd4b4254c2bec97c6d5ed9c74b.NginxMailingListEnglish@forum.nginx.org> Hi, I'm using Nginx to serve a file called crossdomain.xml, that file is used by Flash client to allow socket crossdomain Policy. It's a trick that many people are using instead of having a dedicated app to server that file. The trick is to return that xml file when nginx get a bad request. Since a recent version ( 1.4.7+ ) it seems that a bad request replies include HTTP headers and therefore breaking the Flash client ( instead of returning only the data without headers ). Is there a way to remove those headers? Also I searched in the changelog and didn't find any hints about that change? Example: perl -e 'printf "%c",0' | nc test.com 843 HTTP/1.1 400 Bad Request Server: nginx Date: Tue, 10 Jun 2014 18:44:00 GMT Content-Type: text/xml Content-Length: 308 Connection: close ETag: "5385f727-134"

Regards, Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250772,250772#msg-250772 From reallfqq-nginx at yahoo.fr Tue Jun 10 19:07:21 2014 From: reallfqq-nginx at yahoo.fr (B.R.) Date: Tue, 10 Jun 2014 21:07:21 +0200 Subject: location uri wildcard In-Reply-To: References: Message-ID: Well, that is maybe why you have not received any help and might not receive some. No effort, no problem, no help. http://www.catb.org/esr/faqs/smart-questions.html#before If you wanna learn about configuring nginx, a good head start is the official documentation: http://nginx.org/en/docs --- *B. R.* -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Tue Jun 10 19:13:48 2014 From: nginx-forum at nginx.us (grd2345) Date: Tue, 10 Jun 2014 15:13:48 -0400 Subject: location uri wildcard In-Reply-To: References: Message-ID: Ah, gotcha, I am new to this and thanks for the link to this documentation. I will close this thread. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250768,250774#msg-250774 From mdounin at mdounin.ru Tue Jun 10 19:36:24 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 10 Jun 2014 23:36:24 +0400 Subject: 400 bad requests now returning http headers? ( crossdomain.xml ) In-Reply-To: <4facfdcd4b4254c2bec97c6d5ed9c74b.NginxMailingListEnglish@forum.nginx.org> References: <4facfdcd4b4254c2bec97c6d5ed9c74b.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20140610193624.GA1849@mdounin.ru> Hello! On Tue, Jun 10, 2014 at 02:49:58PM -0400, Thaxll wrote: > Hi, > > I'm using Nginx to serve a file called crossdomain.xml, that file is used by > Flash client to allow socket crossdomain Policy. It's a trick that many > people are using instead of having a dedicated app to server that file. The > trick is to return that xml file when nginx get a bad request. Since a > recent version ( 1.4.7+ ) it seems that a bad request replies include HTTP > headers and therefore breaking the Flash client ( instead of returning only > the data without headers ). Is there a way to remove those headers? Also I > searched in the changelog and didn't find any hints about that change? Quote from http://nginx.org/en/CHANGES, changes with nginx 1.5.5: *) Change: now nginx assumes HTTP/1.0 by default if it is not able to detect protocol reliably. -- Maxim Dounin http://nginx.org/ From nginx-forum at nginx.us Tue Jun 10 20:07:28 2014 From: nginx-forum at nginx.us (Thaxll) Date: Tue, 10 Jun 2014 16:07:28 -0400 Subject: 400 bad requests now returning http headers? ( crossdomain.xml ) In-Reply-To: <20140610193624.GA1849@mdounin.ru> References: <20140610193624.GA1849@mdounin.ru> Message-ID: Hi Maxim, Thank you for the quick reply, I guess there is no workaround for that problem? It isn't possible to remove headers or specify a dummy protocol for Nginx? Thank you, Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250772,250776#msg-250776 From francis at daoine.org Tue Jun 10 21:43:05 2014 From: francis at daoine.org (Francis Daly) Date: Tue, 10 Jun 2014 22:43:05 +0100 Subject: Rewrite rules from Apache again In-Reply-To: <20140610160019.670733F9F4A@mail.nginx.com> References: <20140610160019.670733F9F4A@mail.nginx.com> Message-ID: <20140610214305.GL16942@daoine.org> On Tue, Jun 10, 2014 at 06:00:13PM +0200, Luciano Mannucci wrote: Hi there, > works pretty weff if turned into: > > rewrite ^/(.*)_k(.*).htm$ /pagina.php?k=$2 ; > does not work if translated as: > > rewrite ^/privacy.php$ /pagina.php?k=privacy ; > > the request is passed unchanged and I get a 404 error for the > /privacy.php page does'nt exist. > > What did I miss? The rest of the config? == server { rewrite ^/(.*)_k(.*).htm$ /pagina.php?k=$2 ; rewrite ^/privacy.php$ /pagina.php?k=privacy ; location = /pagina.php { return 200 "I got $uri$is_args$args from $request_uri\n"; } } == seems to work as expected for me, for requests like /privacy.php and /a_k_b.htm?key=value. What do you have that is different? f -- Francis Daly francis at daoine.org From nginx-forum at nginx.us Wed Jun 11 03:13:07 2014 From: nginx-forum at nginx.us (xinster8192) Date: Tue, 10 Jun 2014 23:13:07 -0400 Subject: nginx gunzip memcached data , xss_callback failed Message-ID: Hi, I use nginx to read mecached data and write to memcached by java XmemcachedClient . Xmemcached compress data that larger than 256kB before write . So nginx i use ngx_gunzip_module and memcached_gzip_flag to unzip data from mecached to be sure unzip is Ok . the problem is xss_callback_arg is failed . when i delete memcached_gzip_flag , the xss_callback_arg is Ok ,but the result is conrupted . Is there good way to gunzip the memcached data first , then xss_callback_arg second . this is part of nginx.conf location ^~ /api/2/topic/nodejs { set_unescape_uri $topicurl $arg_topicurl; set_unescape_uri $topicurl $topicurl; set_md5 $md5_key $arg_client_id$topicurl$arg_topicsid; set $memcached_key '/topic/nodejs?$md5_key'; memcached_gzip_flag 2; memcached_pass memcached-cluster; error_page 404 501 502 = @miss; xss_get on; xss_callback_arg 'callback'; xss_input_types 'application/json text/plain'; } Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250779,250779#msg-250779 From es12b1001 at iith.ac.in Wed Jun 11 06:56:03 2014 From: es12b1001 at iith.ac.in (Adarsh Pugalia) Date: Wed, 11 Jun 2014 12:26:03 +0530 Subject: Life of objects allocated using the request pool? Message-ID: What is the life of objects allocated using the request pool? If I allocate memory from the r->pool in a request handler, what would be the life of the object? Will the objects be freed if the request is over of will it sustain over multiple requests? -------------- next part -------------- An HTML attachment was scrubbed... URL: From kunalvjti at gmail.com Wed Jun 11 07:46:41 2014 From: kunalvjti at gmail.com (Kunal Pariani) Date: Wed, 11 Jun 2014 00:46:41 -0700 Subject: proxy_pass to different upstreams based on a cookie in the http request header Message-ID: Hello, Am wondering if there is a way to proxy (i.e proxy_pass inside location directive) to different set of upstreams based on whether a particular cookie is present or not in a http request header. Thanks -Kunal -------------- next part -------------- An HTML attachment was scrubbed... URL: From reallfqq-nginx at yahoo.fr Wed Jun 11 14:00:48 2014 From: reallfqq-nginx at yahoo.fr (B.R.) Date: Wed, 11 Jun 2014 16:00:48 +0200 Subject: location uri wildcard In-Reply-To: References: Message-ID: Keep in mind this ML (and other places such as StackOverfflow or whatever fora are still open to help you if you are struggling on anything. People are usually glad to help others who demonstrated efforts in thinking about it and who provided details about their approach of the problem. That is, based on the docs, try to make a solution on your own. Once you hit the wall, and if all the docs you could find (nginx docs, Web search are a start) do not help you further, please come back with details of the process you followed. Doors might open this time. :o) --- *B. R.* On Tue, Jun 10, 2014 at 9:13 PM, grd2345 wrote: > Ah, gotcha, I am new to this and thanks for the link to this documentation. > I will close this thread. > > Posted at Nginx Forum: > http://forum.nginx.org/read.php?2,250768,250774#msg-250774 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Wed Jun 11 14:58:47 2014 From: nginx-forum at nginx.us (Tatonka) Date: Wed, 11 Jun 2014 10:58:47 -0400 Subject: tmp directory filling up Message-ID: <076e6438b60e67a46bf809df89178bcf.NginxMailingListEnglish@forum.nginx.org> Hi, I have a rails application that is hosted through nginx and passenger. In this application I want provide very large files for the users to download (>2GB) using send_file .. which is working just fine on the development and staging system. On the production system however the system tmp directory is limited to 1GB (separately mounted disk). When triggering a download, the tmp folder quickly fills up and the download breaks once it is completely full. I already moved passengers /tmp directory to a new location but could find how to do the same for nginx (I did set $tmp and $tmpdir with no effect). When looking into the /tmp directory however, I cannot find any large files that would explain what is happening, nevertheless, df reports it is filling up at the same time .. Lastly .. I also specified the proxy_temp_path directive in the nginx config. Again with no effect. Is there any way to specify which directory nginx uses for its tmp data? Is nginx even the culprit here? Thanks .. any help is greatly appreciated. Thanks Tim Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250795,250795#msg-250795 From nginx-forum at nginx.us Wed Jun 11 15:06:39 2014 From: nginx-forum at nginx.us (grd2345) Date: Wed, 11 Jun 2014 11:06:39 -0400 Subject: location uri wildcard In-Reply-To: References: Message-ID: <61674a2573756842a8ca5ee9f56e3c74.NginxMailingListEnglish@forum.nginx.org> I actually was looking around on google for the solution, but I lazied out and came here, but I ended up finding the solution for this, buy getting myself familiar with regex. I used the following command to do this to maybe help someone else needing this. location ~* "\bClassScheduler.aspx\b" { rewrite ^ http://www.mysite.com/classScheduler/? permanent; } Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250768,250796#msg-250796 From luciano at vespaperitivo.it Wed Jun 11 16:20:50 2014 From: luciano at vespaperitivo.it (Luciano Mannucci) Date: Wed, 11 Jun 2014 18:20:50 +0200 Subject: Rewrite rules from Apache again In-Reply-To: <20140610214305.GL16942@daoine.org> References: <20140610160019.670733F9F4A@mail.nginx.com> <20140610214305.GL16942@daoine.org> Message-ID: On Tue, 10 Jun 2014 22:43:05 +0100 Francis Daly wrote: > The rest of the config? :) Well, I've posted it in my previous request for help. Beeing longish I tried to spare some bandwith... :) > > == > server { > rewrite ^/(.*)_k(.*).htm$ /pagina.php?k=$2 ; > rewrite ^/privacy.php$ /pagina.php?k=privacy ; Wow! I had it under "location /" Moving it to "server" level and adding a "break" seems to make it work! > location = /pagina.php { > return 200 "I got $uri$is_args$args from $request_uri\n"; > } Many thanks for this elegant way of debugging this kind of configuration problems. > What do you have that is different? Another problem :( If I try the same thing in a subdirectory, it doesn't work. In the error log I get: 2014/06/11 17:51:46 [error] 602#0: *264 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 212.121.88.183, server: new.assirm.it, request: "GET /en/privacy.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9004", host: "new.assirm.it", referrer: "http://new.assirm.it/en/history_khistory.htm" It seems that the "location =" that I've put to intercept the rewrite doesn't match. My configuration, now looks like this: server { listen 212.45.144.216:80 default_server; server_name new.assirm.it test.assirm.it; access_log /dati/log/http/assirm/access.log; error_log /dati/log/http/assirm/error_new.log; rewrite_log on; rewrite ^/ultime-news.php$ /archivio-news.php?last=1 ; rewrite ^/(.*)_news(.*).htm$ /news.php?id=$2 ; rewrite ^/(.*)_ev(.*).htm$ /evento.php?id=$2 ; rewrite ^/(.*)_att(.*).htm$ /attivita.php?id=$2 ; rewrite ^/(.*)_k(.*).htm$ /pagina.php?k=$2 ; rewrite ^/(.*)_sk(.*).htm$ /stampa-contenuto.php?k=$2 ; rewrite ^/(.*)_sn(.*).htm$ /stampa-news.php?id=$2 ; rewrite ^/(.*)_a(.*).htm$ /associato.php?id=$2&$args ; rewrite ^/(.*)_p(.*).htm$ /mypost.php?id=$2&$args ; rewrite ^/ricerca-(.*).htm$ /risultati.php?s=$1&goo=1 ; rewrite ^/privacy.php$ /pagina.php?k=privacy break; location ~ \.php$ { root /dati/httpd/web_assirm/sito_nginx; fastcgi_pass 127.0.0.1:9004; fastcgi_index index.php; include /etc/nginx/fastcgi.conf; } location / { root /dati/httpd/web_assirm/sito_nginx; index index.html index.htm index.php home.html welcome.html; } location ^~ /en/ { root /dati/httpd/web_assirm/sito_nginx; index index.html index.htm index.php home.html; rewrite ^/en/ultime-news.php$ /en/archivio-news.php?last=1 ; rewrite ^/en/(.*)_news(.*).htm$ /en/news.php?id=$2 ; rewrite ^/en/(.*)_ev(.*).htm$ /en/evento.php?id=$2 ; rewrite ^/en/(.*)_att(.*).htm$ /en/attivita.php?id=$2 ; rewrite ^/en/(.*)_k(.*).htm$ /en/pagina.php?k=$2 ; rewrite ^/en/(.*)_sk(.*).htm$ /en/stampa-contenuto.php?k=$2 ; rewrite ^/en/(.*)_sn(.*).htm$ /en/stampa-news.php?id=$2 ; rewrite ^/en/(.*)_a(.*).htm$ /en/associato.php?id=$2&$args ; rewrite ^/en/(.*)_p(.*).htm$ /en/mypost.php?id=$2&$args ; rewrite ^/en/(.*)_wit(.*).htm$ /en/wit.php?c=$2&$args ; rewrite ^/en/ricerca-(.*).htm$ /en/risultati.php?s=$1&goo=1 ; rewrite ^/en/privacy.php /en/pagina.php?k=privacy ; location = /en/pagina.php { return 200 "I got $uri$is_args$args from $request_uri\n"; } location ~ \.php$ { index index.html index.htm index.php home.html; fastcgi_pass 127.0.0.1:9004; fastcgi_index index.php; include /etc/nginx/fastcgi.conf; } } } -- /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) \ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250 X AGAINST HTML MAIL / E-MAIL: posthamster at sublink.sublink.ORG / \ AND POSTINGS / WWW: http://www.lesassaie.IT/ From francis at daoine.org Wed Jun 11 17:05:50 2014 From: francis at daoine.org (Francis Daly) Date: Wed, 11 Jun 2014 18:05:50 +0100 Subject: Rewrite rules from Apache again In-Reply-To: <20140611162101.B48E13F9FD7@mail.nginx.com> References: <20140610160019.670733F9F4A@mail.nginx.com> <20140610214305.GL16942@daoine.org> <20140611162101.B48E13F9FD7@mail.nginx.com> Message-ID: <20140611170550.GN16942@daoine.org> On Wed, Jun 11, 2014 at 06:20:50PM +0200, Luciano Mannucci wrote: > On Tue, 10 Jun 2014 22:43:05 +0100 > Francis Daly wrote: Hi there, > > The rest of the config? > :) > Well, I've posted it in my previous request for help. Beeing > longish I tried to spare some bandwith... :) No worries. It can be useful to have a minimal test case that shows the problem. > I had it under "location /" > Moving it to "server" level and adding a "break" seems to make it work! Very approximately, the order is: choose the server{} run the rewrite directives choose the location{} run the rewrite directives, looping back as necessary handle the request So your non-server-level rewrites will only apply if they are in the location{} that is chosen. > > location = /pagina.php { > > return 200 "I got $uri$is_args$args from $request_uri\n"; > > } > Many thanks for this elegant way of debugging this kind of > configuration problems. You're welcome. You may also find it useful to enable debug logging for your test client, such as by putting something like debug_connection 127.0.0.10; within the events{} block, and then looking in error_log. > If I try the same thing in a subdirectory, it doesn't work. Put the rewrites at server{} level, or in the location{} that is chosen. > It seems that the "location =" that I've put to intercept the rewrite > doesn't match. No. The rewrite that you want doesn't happen, because the request /en/privacy.php is handled in: > location ~ \.php$ { > location / { > location ^~ /en/ { > location = /en/pagina.php { > location ~ \.php$ { ...that location, and not in the one two above it. Good luck with it, f -- Francis Daly francis at daoine.org From francis at daoine.org Wed Jun 11 17:10:08 2014 From: francis at daoine.org (Francis Daly) Date: Wed, 11 Jun 2014 18:10:08 +0100 Subject: proxy_pass to different upstreams based on a cookie in the http request header In-Reply-To: References: Message-ID: <20140611171008.GO16942@daoine.org> On Wed, Jun 11, 2014 at 12:46:41AM -0700, Kunal Pariani wrote: Hi there, > Am wondering if there is a way to proxy (i.e proxy_pass inside location > directive) to different set of upstreams based on whether a particular > cookie is present or not in a http request header. You can use a map (http://nginx.org/r/map) to set a variable based on a cookie (http://nginx.org/en/docs/http/ngx_http_core_module.html#variables), and you can use a variable in your proxy_pass directive (http://nginx.org/r/proxy_pass). So it looks like it should Just Work. f -- Francis Daly francis at daoine.org From contact at jpluscplusm.com Wed Jun 11 17:10:10 2014 From: contact at jpluscplusm.com (Jonathan Matthews) Date: Wed, 11 Jun 2014 18:10:10 +0100 Subject: location uri wildcard In-Reply-To: References: Message-ID: On 10 June 2014 17:31, grd2345 wrote: > http://www.mysite.com/ClassScheduler.aspx [snip] > I basically need a wild card to detect ClassScheduler.aspx from the above > old urls This assumption looks wrong. Check out how location stanzas work: http://nginx.org/r/location Hint: locations in their simplest state just match path *prefixes* ... Also check the first parameter that a "rewrite" takes ... consider if you could use this functionality to avoid specifying a location /entirely/: http://nginx.org/r/rewrite J From mdounin at mdounin.ru Wed Jun 11 19:23:30 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Wed, 11 Jun 2014 23:23:30 +0400 Subject: tmp directory filling up In-Reply-To: <076e6438b60e67a46bf809df89178bcf.NginxMailingListEnglish@forum.nginx.org> References: <076e6438b60e67a46bf809df89178bcf.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20140611192330.GC1849@mdounin.ru> Hello! On Wed, Jun 11, 2014 at 10:58:47AM -0400, Tatonka wrote: > Hi, > > I have a rails application that is hosted through nginx and passenger. In > this application I want provide very large files for the users to download > (>2GB) using send_file .. which is working just fine on the development and > staging system. On the production system however the system tmp directory is > limited to 1GB (separately mounted disk). > > When triggering a download, the tmp folder quickly fills up and the download > breaks once it is completely full. I already moved passengers /tmp directory > to a new location but could find how to do the same for nginx (I did set > $tmp and $tmpdir with no effect). > > When looking into the /tmp directory however, I cannot find any large files > that would explain what is happening, nevertheless, df reports it is filling > up at the same time .. > > Lastly .. I also specified the proxy_temp_path directive in the nginx > config. Again with no effect. The proxy_temp_path is related to the problem, but it's for proxy, not for passenger, and it's expected that it has no effect in your case. > Is there any way to specify which directory nginx uses for its tmp data? Is > nginx even the culprit here? That's not about nginx, but rather about passenger module for nginx. Last time I checked, passenger module for nginx implemented its own protocol for the upstream module (like proxy/fastcgi/etc), and should have its own "..._temp_path" directive, as well as "..._max_temp_file_size" and so on. -- Maxim Dounin http://nginx.org/ From mdounin at mdounin.ru Wed Jun 11 20:21:29 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Thu, 12 Jun 2014 00:21:29 +0400 Subject: 400 bad requests now returning http headers? ( crossdomain.xml ) In-Reply-To: References: <20140610193624.GA1849@mdounin.ru> Message-ID: <20140611202129.GF1849@mdounin.ru> Hello! On Tue, Jun 10, 2014 at 04:07:28PM -0400, Thaxll wrote: > Hi Maxim, > > Thank you for the quick reply, I guess there is no workaround for that > problem? It isn't possible to remove headers or specify a dummy protocol for > Nginx? I don't think there is anything that can be done at the configuration level. On the other hand, it should be more or less trivial to write a module to force nginx to think the protocol was HTTP/0.9 and to respond accordingly. -- Maxim Dounin http://nginx.org/ From mdounin at mdounin.ru Wed Jun 11 22:07:12 2014 From: mdounin at mdounin.ru (Maxim Dounin) Date: Thu, 12 Jun 2014 02:07:12 +0400 Subject: Life of objects allocated using the request pool? In-Reply-To: References: Message-ID: <20140611220712.GH1849@mdounin.ru> Hello! On Wed, Jun 11, 2014 at 12:26:03PM +0530, Adarsh Pugalia wrote: > What is the life of objects allocated using the request pool? If I allocate > memory from the r->pool in a request handler, what would be the life of the > object? Will the objects be freed if the request is over of will it sustain > over multiple requests? The request pool is destroyed with the request, and no objects allocated from the pool can be used after this. That's actually the whole point: allocations from a pool don't need to be freed individually, it's enough to destroy the pool itself. -- Maxim Dounin http://nginx.org/ From rvrv7575 at yahoo.com Thu Jun 12 05:46:58 2014 From: rvrv7575 at yahoo.com (Rv Rv) Date: Thu, 12 Jun 2014 13:46:58 +0800 (SGT) Subject: Accessing the location configuration of module 2 during post configuration processing of module 1 for a particular server In-Reply-To: <1402337353.2224.YahooMailNeo@web193506.mail.sg3.yahoo.com> References: <1402337353.2224.YahooMailNeo@web193506.mail.sg3.yahoo.com> Message-ID: <1402552018.84107.YahooMailNeo@web193505.mail.sg3.yahoo.com> Hello Maxim Thanks for your response. Here is a related query. Say in module 1 I have a ?typedef struct ?{ int flag; ngx_str somestring; }?module1; flag gets initialized with the following code? ? ? { ngx_string("module1_directive"), ? ? ? NGX_HTTP_LOC_CONF|NGX_CONF_FLAG, ? ? ? ngx_conf_set_flag_slot, ? ? ? NGX_HTTP_LOC_CONF_OFFSET, ? ? ? offsetof(module1,configured), ? ? ? NULL }, somestring gets iniitialized with a handler written in the module (i.e ?not ngx_conf_set_flag_slot or any inbuilt handler). In the post configuration, I see that flag is not properly set but somestring is. Flag is properly set during request processing though. Are the values set during processing of a directive in location struct guaranteed to be set by the time post configuration is executed? When is the time that one can check for the values set during configuration. I need to test these values to ensure that they are sane when nginx is executed with -t option Thanks Hello! On Tue, Jun 10, 2014 at 02:09:13AM +0800, Rv Rv wrote: > How do we access the configuration of a an unrelated module in a? > given module. This may be required for example to check if the? > directives pertaining to module 2 were specified in location for? > a particular server that has directives for module 1 in its? > configuration. I don't think it's something you should do at postconfiguration -? location structure is complex and not easily accessible.? There? are location configuration merge callbacks where you are expected? to work with location configs and, in particular, can use? ngx_http_conf_get_module_loc_conf() macro to access a? configuration of other modules (note though, that order of modules? may be important in this case). [...] > I did not find any documentation on how the configuration is stored within nginx using these structs? It's under src/, in C language. I would rather say it's not a part of the API, and you'd better? avoid using it directly. --? Maxim Dounin http://nginx.org/ ------------------------------ On Monday, 9 June 2014 11:39 PM, Rv Rv wrote: How do we access the configuration of a an unrelated module in a given module. This may be required for example to check if the directives pertaining to module 2 were specified in location for a particular server that has directives for module 1 in its configuration. From what I understand, code similar to this can be used? /* Get http main configuration */ ? ? cmcf = ctx->main_conf[ngx_http_core_module.ctx_index];? /* Get the list of servers */ ? ? cscfp = cmcf->servers.elts; /* Iterate through the list */ ? ? for (s = 0; s < cmcf->servers.nelts; s++) { ? /* Problem : how to get the configuration of module 2*/ ? ? ? ? ? ? ? ? ? cscfp[s]->ctx->loc_conf[module2.ctx_index];-------------> does not yield the correct location struct of module 2 I did not find any documentation on how the configuration is stored within nginx using these structs? typedef struct { ............. ?/* server ctx */ ngx_http_conf_ctx_t *ctx;?............ } ngx_http_core_srv_conf_t; typedef struct { ? ? void ? ? ? ?**main_conf; ? ? void ? ? ? ?**srv_conf; ? ? void ? ? ? ?**loc_conf; } ngx_http_conf_ctx_t; -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Thu Jun 12 06:57:35 2014 From: nginx-forum at nginx.us (Tatonka) Date: Thu, 12 Jun 2014 02:57:35 -0400 Subject: tmp directory filling up In-Reply-To: <20140611192330.GC1849@mdounin.ru> References: <20140611192330.GC1849@mdounin.ru> Message-ID: <38ca2a8ab941e12bf0b0209c155dc2d0.NginxMailingListEnglish@forum.nginx.org> Hi Maxim, thanks for your answer. I tried redirecting passengers tmp dir as well using the tmp_dir directive as well as using the env variables. For the "regular" passenger tmp files, this seems to work fine (they appear in the new location). My main problem is that I can't even see the file that is using up so much space in the /tmp dir and am quite frankly at a loss how that is even possible. Anyways. Thanks for your help. I'll try to dig into the passenger config a little more. Tim Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250795,250813#msg-250813 From kunalvjti at gmail.com Thu Jun 12 07:00:47 2014 From: kunalvjti at gmail.com (Kunal Pariani) Date: Thu, 12 Jun 2014 00:00:47 -0700 Subject: proxy_pass to different upstreams based on a cookie in the http request header In-Reply-To: <20140611171008.GO16942@daoine.org> References: <20140611171008.GO16942@daoine.org> Message-ID: Thanks for your answer. Worked great for me.. On Wed, Jun 11, 2014 at 10:10 AM, Francis Daly wrote: > On Wed, Jun 11, 2014 at 12:46:41AM -0700, Kunal Pariani wrote: > > Hi there, > > > Am wondering if there is a way to proxy (i.e proxy_pass inside location > > directive) to different set of upstreams based on whether a particular > > cookie is present or not in a http request header. > > You can use a map (http://nginx.org/r/map) > to set a variable based on a cookie > (http://nginx.org/en/docs/http/ngx_http_core_module.html#variables), > and you can use a variable in your proxy_pass directive > (http://nginx.org/r/proxy_pass). > > So it looks like it should Just Work. > > f > -- > Francis Daly francis at daoine.org > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From xmirya at gmail.com Thu Jun 12 12:14:14 2014 From: xmirya at gmail.com (m irya) Date: Thu, 12 Jun 2014 15:14:14 +0300 Subject: proxy_redirect vs. relative URLs from upstream Message-ID: Hi, I'm trying to create a sinle proxying configuration as following: location = /proxy { resolver 8.8.8.8; proxy_pass $args; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; proxy_redirect "" $uri?; } e.g. http://example.com/proxy?http://example2.com/ would deliver the contents/headers of http://example2.com/ . If http://example2.com/ replies with Location: http://example3.com/ , the client gets Location: http://example.com/proxy?http://example3.com/ , so it works as expected. However, i've got example2.com replying with relative Location, e.g.: Location: /some/path This results in client getting: Location: http://example.com/proxy?/some/path , something that won't work. Is there any way to make it work for client to get Location: http://example.com/proxy?http://example2.com/some/path ? -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Thu Jun 12 12:51:32 2014 From: nginx-forum at nginx.us (Khmelevsky) Date: Thu, 12 Jun 2014 08:51:32 -0400 Subject: Nginx location for not exists php files Message-ID: I have config(minimal): server { listen test.local:80; server_name test.local; server_name_in_redirect off; location / { root /data/www/test/public; try_files $uri $uri/ /index.php?route=$uri&$args; index index.html index.php; } location ~ \.php$ { root /data/www/test/public; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /data/www/test/public$fastcgi_script_name; fastcgi_param ... ... } } Thats work file for urls /help/ or /contacts/ etc(all redirect to index.php with get variabled). But if url, for example, /help.php or contacts.php, and this files not exists, i have output File not found. How update my nginx config? I need urls, for example: /help.php => /index.php?route=/help.php /contacts.php?foo=bar... => /index.php?route=/contacts.php&args=... Thanks a lot! Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250818,250818#msg-250818 From luciano at vespaperitivo.it Thu Jun 12 13:24:45 2014 From: luciano at vespaperitivo.it (Luciano Mannucci) Date: Thu, 12 Jun 2014 15:24:45 +0200 Subject: Rewrite rules from Apache again In-Reply-To: <20140611170550.GN16942@daoine.org> References: <20140610160019.670733F9F4A@mail.nginx.com> <20140610214305.GL16942@daoine.org> <20140611162101.B48E13F9FD7@mail.nginx.com> <20140611170550.GN16942@daoine.org> Message-ID: On Wed, 11 Jun 2014 18:05:50 +0100 Francis Daly wrote: On Wed, 11 Jun 2014 18:05:50 +0100 Francis Daly wrote: > The rewrite that you want doesn't happen, because the request > /en/privacy.php is handled in: > > > location ~ \.php$ { > > location / { > > location ^~ /en/ { > > location = /en/pagina.php { > > location ~ \.php$ { > > ...that location, and not in the one two above it. > > Good luck with it, Solved! Moving all the rewrite rules outside the "location" to the "server" section makes them work as expected. The regexp takes care of the different rewritings to be done. Maaany thanks again, Luciano. -- /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) \ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250 X AGAINST HTML MAIL / E-MAIL: posthamster at sublink.sublink.ORG / \ AND POSTINGS / WWW: http://www.lesassaie.IT/ From nginx-forum at nginx.us Thu Jun 12 16:36:48 2014 From: nginx-forum at nginx.us (Keyur) Date: Thu, 12 Jun 2014 12:36:48 -0400 Subject: GeoIP FirstNonPrivateXForwardedForIP Message-ID: Hi, My website does country based redirection based on result obtained from GeoIP against IP. I am facing a problem where GeoIP does not work as first IP in the X-Forwarded-For has Private network address. (Say 192.168.1.1) I know GeoIP on private network would fail but the X-Forwarded-For also has the public IP along with Private IP. Eg : 192.168.1.1, 115.97.213.63 - - [Timezone] ...... In some cases where multiple proxies are involved it would show : 192.168.1.1, 115.97.213.63, 115.97.213.12 - - I want GeoIP should be done on the first non private ip. I could achieve this in apache using GeoIP module directive called "FirstNonPrivateXForwardedForIP" How to do this in nginx ? Kindly suggest Regards, Keyur Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250823,250823#msg-250823 From luky-37 at hotmail.com Thu Jun 12 17:10:20 2014 From: luky-37 at hotmail.com (Lukas Tribus) Date: Thu, 12 Jun 2014 19:10:20 +0200 Subject: GeoIP FirstNonPrivateXForwardedForIP In-Reply-To: References: Message-ID: > Hi, > > My website does country based redirection based on result obtained from > GeoIP against IP. > > I am facing a problem where GeoIP does not work as first IP in the > X-Forwarded-For has Private network address. (Say 192.168.1.1) > > I know GeoIP on private network would fail but the X-Forwarded-For also has > the public IP along with Private IP. > > Eg : 192.168.1.1, 115.97.213.63 - - [Timezone] ...... > > In some cases where multiple proxies are involved it would show : > > 192.168.1.1, 115.97.213.63, 115.97.213.12 - - > > I want GeoIP should be done on the first non private ip. I could achieve > this in apache using GeoIP module directive called > "FirstNonPrivateXForwardedForIP" > > How to do this in nginx ? > > Kindly suggest http://nginx.org/en/docs/http/ngx_http_geoip_module.html#geoip_proxy Lukas From francis at daoine.org Thu Jun 12 18:50:27 2014 From: francis at daoine.org (Francis Daly) Date: Thu, 12 Jun 2014 19:50:27 +0100 Subject: Nginx location for not exists php files In-Reply-To: References: Message-ID: <20140612185027.GP16942@daoine.org> On Thu, Jun 12, 2014 at 08:51:32AM -0400, Khmelevsky wrote: Hi there, > But if url, for example, /help.php or contacts.php, and this files not > exists, i have output > > File not found. > How update my nginx config? I need urls, for example: Untested, but: put try_files $uri /index.php?route=$uri&$args; inside the php location, and see if that changes anything. f -- Francis Daly francis at daoine.org From lists at ruby-forum.com Fri Jun 13 10:08:14 2014 From: lists at ruby-forum.com (Chong Flechsig) Date: Fri, 13 Jun 2014 12:08:14 +0200 Subject: buy beautiful oil paintings at low price In-Reply-To: References: Message-ID: Leonardo Da Vinci Last Supper Paintings for sale -- Posted via http://www.ruby-forum.com/. From nginx-forum at nginx.us Fri Jun 13 11:37:56 2014 From: nginx-forum at nginx.us (MrDaniel) Date: Fri, 13 Jun 2014 07:37:56 -0400 Subject: Rtmp Module and LibRtmp Message-ID: Hello. I am seeking advice and suggestions for this issue with nginx and the rtmp module I have been working with RTMP. Previously i have worked with cRtmpServer, however nginx seems better for extending the service later on, further down the line. I am using nginx from this source, which works with my flash player. http://nginx-win.ecsds.eu/ It seem Nginx and libRtmp can work together. http://stackoverflow.com/questions/23629913/capture-camera-and-publish-video-with-librtmp Nginx config, this works with my flash test player for both applications. http://pastebin.com/j2eVWzEg I wish to connect with librtmp, and i am using the setopt functions so that librtmp has a url, port, app, playpath. Currently, my code connects and also connects to the stream. However, only about 9bytes are returned when reading a packet. Here is my libRtmp C++ code. https://groups.google.com/forum/#!topic/c-rtmp-server/HMYfrrs0Bus LibRTMP page with param list. http://rtmpdump.mplayerhq.hu/librtmp.3.html So that's the first issue. Connecting properly, so that we can read a file. Now, for the next part... recording. The solution to the first part, may result in both working. I would also like to record to the server with librtmp. The first link, above, shows how to record using libRtmp to nginx when the params are correct for connecting. How do i configure the server to publish a live stream, so that many clients can access it?? Ideally, we don't want to record video to the server just transport it. Any help moving forward would be good. Suggestions, advice, anything that anyone can recommend trying. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250839,250839#msg-250839 From 627571 at qq.com Fri Jun 13 14:14:51 2014 From: 627571 at qq.com (=?gb18030?B?0qbvvw==?=) Date: Fri, 13 Jun 2014 22:14:51 +0800 Subject: How could I forbid outside visits without response 403 Message-ID: Hi Buddy, I am a newer to Nginx world, now I have a project to link the varnish HTTP server and nginx together, nginx is the back end. I want to allow the connections only by varnish, so I use deny all ,this kind of stuff to archieve this. But if there is a way to compeletely forbid the connections, at present, even the outside connections is forbidden, but I think it still waste some resourses, "RETURN A 403 STATIC PAGE".. I will not use a iptables.. Thank you everyone !!!!!! I would appreciate very much.. -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Fri Jun 13 14:26:20 2014 From: nginx-forum at nginx.us (MrDaniel) Date: Fri, 13 Jun 2014 10:26:20 -0400 Subject: Rtmp Module and LibRtmp In-Reply-To: References: Message-ID: <365b6c0db05bd5158b40f33707239ab1.NginxMailingListEnglish@forum.nginx.org> Further to this..... Here is the log for working swf and not working libRTMP Flash.swf 127.0.0.1 [06/Jun/2014:12:28:23 -0700] PLAY "vod" "bunny.flv" "" - 1037 400014 "http://dl.dropboxusercontent.com/u/2918563/flvplayback.swf" "WIN 13,0,0,214" (1m 34s) LibRTMP 127.0.0.1 [07/Jun/2014:12:44:39 -0700] PLAY "vod" "bunny.flv" "" - 306 25553 "" "" (1m 5s) Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250839,250842#msg-250842 From nginx-forum at nginx.us Fri Jun 13 14:49:25 2014 From: nginx-forum at nginx.us (itpp2012) Date: Fri, 13 Jun 2014 10:49:25 -0400 Subject: Rtmp Module and LibRtmp In-Reply-To: <365b6c0db05bd5158b40f33707239ab1.NginxMailingListEnglish@forum.nginx.org> References: <365b6c0db05bd5158b40f33707239ab1.NginxMailingListEnglish@forum.nginx.org> Message-ID: <0b7751eae390157dcf0eaaf25fe84633.NginxMailingListEnglish@forum.nginx.org> Specific rtmp issues are better placed here: https://groups.google.com/forum/#!forum/nginx-rtmp Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250839,250843#msg-250843 From reallfqq-nginx at yahoo.fr Fri Jun 13 14:57:10 2014 From: reallfqq-nginx at yahoo.fr (B.R.) Date: Fri, 13 Jun 2014 16:57:10 +0200 Subject: How could I forbid outside visits without response 403 In-Reply-To: References: Message-ID: What you describe is by design the job of firewalls... in your case dropping unwanted connections rather that rejecting them. 1 tool = 1 task --- *B. R.* On Fri, Jun 13, 2014 at 4:14 PM, ?? <627571 at qq.com> wrote: > Hi Buddy, > I am a newer to Nginx world, now I have a project to link the varnish HTTP > server and nginx together, nginx is the back end. > > I want to allow the connections only by varnish, so I use deny all ,this > kind of stuff to archieve this. > > But if there is a way to compeletely forbid the connections, at present, > even the outside connections is forbidden, but I think it still waste some > resourses, "RETURN A 403 STATIC PAGE".. > > I will not use a iptables.. > > > Thank you everyone !!!!!! > > I would appreciate very much.. > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From contact at jpluscplusm.com Fri Jun 13 21:54:56 2014 From: contact at jpluscplusm.com (Jonathan Matthews) Date: Fri, 13 Jun 2014 22:54:56 +0100 Subject: How could I forbid outside visits without response 403 In-Reply-To: References: Message-ID: On 13 Jun 2014 15:15, "??" <627571 at qq.com> wrote: > I think it still waste some resourses, "RETURN A 403 STATIC PAGE".. I think you're probably wrong. You're almost certainly prematurely optimising the wrong thing. Just 403 the unwanted requests and move on with your job/life/project. I mean this sincerely, J -------------- next part -------------- An HTML attachment was scrubbed... URL: From lists-nginx at swsystem.co.uk Fri Jun 13 23:19:25 2014 From: lists-nginx at swsystem.co.uk (Steve Wilson) Date: Sat, 14 Jun 2014 00:19:25 +0100 Subject: How could I forbid outside visits without response 403 In-Reply-To: References: Message-ID: <539B86FD.4090201@swsystem.co.uk> On 13/06/14 15:14, ?? wrote: > Hi Buddy, > I am a newer to Nginx world, now I have a project to link the varnish > HTTP server and nginx together, nginx is the back end. > > I want to allow the connections only by varnish, so I use deny all > ,this kind of stuff to archieve this. > > But if there is a way to compeletely forbid the connections, at > present, even the outside connections is forbidden, but I think it > still waste some resourses, "RETURN A 403 STATIC PAGE".. > > I will not use a iptables.. > If varnish and nginx are on the same machine, you could configure nginx listen to listen on loopback (127.0.0.1:8080 say) and varnish to connect to that ip:port. This will stop all external direct access to nginx. I'm guessing you've some conditional check in nginx that's currently denying external access, you could look at the 444 return code. A quick google came up with Steve. From ahmetselmi at gmail.com Sat Jun 14 14:16:14 2014 From: ahmetselmi at gmail.com (Ahmet Selami) Date: Sat, 14 Jun 2014 17:16:14 +0300 Subject: Apache To Nginx Web Server Message-ID: Hello, I want to change my Web Server from Apache to Nginx, but i have a configuration error with this server. I want to change the rewrite module inside .htaccess, shown below, as nginx configuration rewrite module. Can you help me how i change this module as nginx rewrite module? What is the converted nginx module of this apache rewrite module? Thanks, Have a good day. Options -MultiViews RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.+)/$ http://%{HTTP_HOST}/$1 [R=301,L] RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^ index.php [L] -------------- next part -------------- An HTML attachment was scrubbed... URL: From ahmetselmi at gmail.com Sat Jun 14 14:33:11 2014 From: ahmetselmi at gmail.com (Ahmet Selami) Date: Sat, 14 Jun 2014 17:33:11 +0300 Subject: Apache To Nginx Web Server Message-ID: Hello, I want to change my Web Server from Apache to Nginx, but i have a configuration error with this server. I want to change the rewrite module inside .htaccess, shown below, as nginx configuration rewrite module. Can you help me how i change this module as nginx rewrite module? What is the converted nginx module of this apache rewrite module? Thanks, Have a good day. Options -MultiViews RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.+)/$ http://%{HTTP_HOST}/$1 [R=301,L] RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^ index.php [L] -------------- next part -------------- An HTML attachment was scrubbed... URL: From ahmetselmi at gmail.com Sat Jun 14 14:35:14 2014 From: ahmetselmi at gmail.com (Ahmet Selami) Date: Sat, 14 Jun 2014 17:35:14 +0300 Subject: Apache To Nginx Web Server Message-ID: Hello, I want to change my Web Server from Apache to Nginx, but i have a configuration error with this server. I want to change the rewrite module inside .htaccess, shown below, as nginx configuration rewrite module. Can you help me how i change this module as nginx rewrite module? What is the converted nginx module of this apache rewrite module? Thanks, Have a good day. Options -MultiViews RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.+)/$ http://%{HTTP_HOST}/$1 [R=301,L] RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^ index.php [L] -------------- next part -------------- An HTML attachment was scrubbed... URL: From roy at xdam.com Sat Jun 14 14:38:29 2014 From: roy at xdam.com (Roy Phillips) Date: Sat, 14 Jun 2014 10:38:29 -0400 Subject: nginx error after trying to upload images Message-ID: Hi all, Anyone have an idea why we would get this error when trying to upload image? I am stumped as to why nginx erro would be mixed in with this. Is the customers ISP using nginx and blocking our upload? Thank you, Roy Phillips XDAM Support roy at xdam.com http://www.xdam.com -------------- next part -------------- An HTML attachment was scrubbed... URL: