<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hello,<br>
<br>
I am trying to use nginx to reverse-proxy a wordpress website. The
wordpress website works fine when being accessed without nginx in
the middle.<br>
<br>
The problem I am having is that when accessing the home page (which
is about 50k of html alone), nginx responds with "503 Service
Temporarily Unavailable" responses. Using wireshark and tcpdump, it
looks like what happens is that the browser starts requesting
elements of the html home page (css, pictures, etc.) while the html
home has not finished downloading yet.<br>
<br>
I can see using tcpdump that while the html home page is
downloading, nginx responds "503 Service Temporarily Unavailable"
and does not forward the subsequent requests to wordpress. The last
item to be requested by the browser is the favicon, which is served
properly because it is requested through the same TCP connection
once the home page has finished downloading. By contrast, the other
elements are requested using other TCP connections.<br>
<br>
So it looks like nginx decides to responds 503 instead of forwarding
requests to wordpress because a request is being served.<br>
<br>
I am using nginx 1.9.12, it is running in a docker container; the
host is Ubuntu 16.04. Please find below the config files. I can
provide the logs as well if necessary. I tried firefox and chrome
with the same results.<br>
<br>
Thanks a lot for any help!<br>
<br>
Fabrice<br>
<br>
<br>
<br>
nginx.conf:<br>
<br>
<blockquote><font size="+1"><tt>user nginx;</tt></font><br>
<font size="+1"><tt>worker_processes auto;</tt></font><br>
<br>
<font size="+1"><tt>error_log /var/log/nginx/error.log debug;</tt></font><br>
<font size="+1"><tt>pid /var/run/nginx.pid;</tt></font><br>
<br>
<font size="+1"><tt>worker_rlimit_nofile 1024;</tt></font><br>
<br>
<font size="+1"><tt>events {</tt></font><br>
<font size="+1"><tt> worker_connections 1024;</tt></font><br>
<font size="+1"><tt>}</tt></font><br>
<br>
<br>
<font size="+1"><tt>http {</tt></font><br>
<font size="+1"><tt> include /etc/nginx/mime.types;</tt></font><br>
<font size="+1"><tt> default_type application/octet-stream;</tt></font><br>
<br>
<font size="+1"><tt> log_format main '$remote_addr -
$remote_user [$time_local] "$request" '</tt></font><br>
<font size="+1"><tt> '$status
$body_bytes_sent "$http_referer" '</tt></font><br>
<font size="+1"><tt> '"$http_user_agent"
"$http_x_forwarded_for"';</tt></font><br>
<br>
<font size="+1"><tt> access_log /var/log/nginx/access.log
main;</tt></font><br>
<br>
<font size="+1"><tt> sendfile on;</tt></font><br>
<font size="+1"><tt> #tcp_nopush on;</tt></font><br>
<br>
<font size="+1"><tt> keepalive_timeout 65;</tt></font><br>
<br>
<font size="+1"><tt> gzip off;</tt></font><br>
<br>
<font size="+1"><tt> include /etc/nginx/conf.d/*.conf;</tt></font><br>
<font size="+1"><tt>}</tt></font><br>
<font size="+1"><tt>daemon off;</tt></font><br>
</blockquote>
<br>
<br>
There is only one file in "conf.d/", which is named "default.conf":<br>
<br>
<blockquote><font size="+1"><tt># If we receive X-Forwarded-Proto,
pass it through; otherwise, pass along the</tt></font><br>
<font size="+1"><tt># scheme used to connect to this server</tt></font><br>
<font size="+1"><tt>map $http_x_forwarded_proto
$proxy_x_forwarded_proto {</tt></font><br>
<font size="+1"><tt> default $http_x_forwarded_proto;</tt></font><br>
<font size="+1"><tt> '' $scheme;</tt></font><br>
<font size="+1"><tt>}</tt></font><br>
<font size="+1"><tt># If we receive X-Forwarded-Port, pass it
through; otherwise, pass along the</tt></font><br>
<font size="+1"><tt># server port the client connected to</tt></font><br>
<font size="+1"><tt>map $http_x_forwarded_port
$proxy_x_forwarded_port {</tt></font><br>
<font size="+1"><tt> default $http_x_forwarded_port;</tt></font><br>
<font size="+1"><tt> '' $server_port;</tt></font><br>
<font size="+1"><tt>}</tt></font><br>
<font size="+1"><tt># If we receive Upgrade, set Connection to
"upgrade"; otherwise, delete any</tt></font><br>
<font size="+1"><tt># Connection header that may have been passed
to this server</tt></font><br>
<font size="+1"><tt>map $http_upgrade $proxy_connection {</tt></font><br>
<font size="+1"><tt> default upgrade;</tt></font><br>
<font size="+1"><tt> '' close;</tt></font><br>
<font size="+1"><tt>}</tt></font><br>
<font size="+1"><tt># Apply fix for very long server names</tt></font><br>
<font size="+1"><tt>server_names_hash_bucket_size 128;</tt></font><br>
<font size="+1"><tt># Default dhparam</tt></font><br>
<font size="+1"><tt>ssl_dhparam /etc/nginx/dhparam/dhparam.pem;</tt></font><br>
<font size="+1"><tt># Set appropriate X-Forwarded-Ssl header</tt></font><br>
<font size="+1"><tt>map $scheme $proxy_x_forwarded_ssl {</tt></font><br>
<font size="+1"><tt> default off;</tt></font><br>
<font size="+1"><tt> https on;</tt></font><br>
<font size="+1"><tt>}</tt></font><br>
<font size="+1"><tt>gzip_types text/plain text/css
application/javascript application/json
application/x-javascript text/xml application/xml
application/xml+rss text/javascript;</tt></font><br>
<font size="+1"><tt>log_format vhost '$host $remote_addr -
$remote_user [$time_local] '</tt></font><br>
<font size="+1"><tt> '"$request" $status
$body_bytes_sent '</tt></font><br>
<font size="+1"><tt> '"$http_referer"
"$http_user_agent"';</tt></font><br>
<font size="+1"><tt>access_log off;</tt></font><br>
<font size="+1"><tt># HTTP 1.1 support</tt></font><br>
<font size="+1"><tt>proxy_http_version 1.1;</tt></font><br>
<font size="+1"><tt>proxy_buffering off;</tt></font><br>
<font size="+1"><tt>proxy_set_header Host $http_host;</tt></font><br>
<font size="+1"><tt>proxy_set_header Upgrade $http_upgrade;</tt></font><br>
<font size="+1"><tt>proxy_set_header Connection $proxy_connection;</tt></font><br>
<font size="+1"><tt>proxy_set_header X-Real-IP $remote_addr;</tt></font><br>
<font size="+1"><tt>proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;</tt></font><br>
<font size="+1"><tt>proxy_set_header X-Forwarded-Proto
$proxy_x_forwarded_proto;</tt></font><br>
<font size="+1"><tt>proxy_set_header X-Forwarded-Ssl
$proxy_x_forwarded_ssl;</tt></font><br>
<font size="+1"><tt>proxy_set_header X-Forwarded-Port
$proxy_x_forwarded_port;</tt></font><br>
<font size="+1"><tt># Mitigate httpoxy attack (see README for
details)</tt></font><br>
<font size="+1"><tt>proxy_set_header Proxy "";</tt></font><br>
<font size="+1"><tt>server {</tt></font><br>
<font size="+1"><tt> server_name _; # This is just an invalid
value which will never trigger on a real hostname.</tt></font><br>
<font size="+1"><tt> listen 80;</tt></font><br>
<font size="+1"><tt> access_log /var/log/nginx/access.log
vhost;</tt></font><br>
<font size="+1"><tt> return 503;</tt></font><br>
<font size="+1"><tt>}</tt></font><br>
<font size="+1"><tt># incise.co</tt></font><br>
<font size="+1"><tt>upstream incise.co {</tt></font><br>
<font size="+1"><tt> ## Can be connect with
"bridge" network</tt></font><br>
<font size="+1"><tt> # wp</tt></font><br>
<font size="+1"><tt> server 172.17.0.4:80;</tt></font><br>
<font size="+1"><tt>}</tt></font><br>
<font size="+1"><tt>server {</tt></font><br>
<font size="+1"><tt> server_name incise.co;</tt></font><br>
<font size="+1"><tt> listen 80 ;</tt></font><br>
<font size="+1"><tt> access_log /var/log/nginx/access.log
vhost;</tt></font><br>
<font size="+1"><tt> location / {</tt></font><br>
<font size="+1"><tt> proxy_pass <a class="moz-txt-link-freetext" href="http://incise.co">http://incise.co</a>;</tt></font><br>
<font size="+1"><tt> }</tt></font><br>
<font size="+1"><tt>}</tt></font><br>
</blockquote>
<br>
</body>
</html>