nginx November 2021

nginx@nginx.org

23 participants
33 discussions

by Chinmay Pendharkar

Hello, Is there a way to log individual websocket messages going through a nginx server setup to proxy websocket as explained here https://nginx.org/en/docs/http/websocket.html ? -Chinmay

1 week, 4 days

Wordpress RSS pages dont work with Nginx

by rahmanusta

I had a wordpress blog and was working on Apache. I migrated the blog to Nginx + php-fpm. But i have a problem with this. My blog has RSS with example.com/feed URL , and i could see the feeds with paged like this example -> http://www.kodcu.com/feed/?paged=45. But in Nginx, this paged RSS urls dont work with my config. /feed and /feed/?paged=X URLs shows top 10 content. My nginx.conf same as below. How can i handle this problem? user root root; worker_processes 2; pid /var/run/nginx.pid; events { worker_connections 1024; } http { sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 2; types_hash_max_size 2048; include /etc/nginx/mime.types; default_type application/octet-stream; error_log /var/log/nginx/error.log; access_log off; gzip on; gzip_disable "msie6"; gzip_vary on; gzip_proxied any; gzip_comp_level 6; gzip_buffers 16 8k; gzip_http_version 1.1; gzip_types text/html text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## index index.php index.html index.htm; ## See here: http://wiki.nginx.org/WordPress server { server_name example.com www.example.com; root /var/www/example.com; location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { allow all; log_not_found off; access_log off; } location / { # This is cool because no php is touched for static content try_files $uri $uri/ /index.php?$args; } location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ { expires max; log_not_found off; } } } Posted at Nginx Forum: http://forum.nginx.org/read.php?2,238692,238692#msg-238692

2 weeks, 1 day

need help reverse-proxy config

by Thierry

Dear, I have a reverse-proxy in front of my two servers: web (apache2) and email (nginx-iredmail). The proxy-reverse is perfectly working with my web server running Apache2, but I am not able to make it working for my email server. The reverse-proxy and the email server are both running with the same version of Nginx (1.9). I have tried many configs without any success. My last one: *********************************************************************** server { listen 446; server_name email.domain.ltd; location / { proxy_pass https://email_server_ip:446; proxy_ssl_certificate /etc/ssl/certs/cert.chained.crt; proxy_ssl_certificate_key /etc/ssl/private/private.key; proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2; proxy_ssl_ciphers HIGH:!aNULL:!MD5; proxy_ssl_trusted_certificate /etc/ssl/certs/cert.chained.crt; proxy_ssl_verify on; proxy_ssl_verify_depth 2; proxy_ssl_session_reuse on; error_log /var/log/nginx/error-proxy.log; access_log /var/log/nginx/access-proxy.log; } } Can I please have some help ?? Thx -- Cordialement, Thierry e-mail : lenaigst(a)maelenn.org PGP Key: 0xB7E3B9CD

2 months, 3 weeks

Priority of cache-control, expires, x-accel-expires

by brianmercer

How does nginx caching handle multiple cache control headers sent from a backend? I had a situation where I was sending both expires and cache-control and it seemed that the order in which they were sent controlled. I solved that problem by ignoring the expires header. I thought I recalled that x-accel-expires would override any other headers regardless of order, but that doesn't seem to be the case. Is there a priority, or does order control? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,219520,219520#msg-219520

6 months, 2 weeks

Alert: ignore long locked inactive cache entry

by anish10dec

Hi Team, Intermittently there are multiple below errors reported in error.log file. [alert] 41456#41456: ignore long locked inactive cache entry efcd5613750302a2657fca63c07fc777, count:1 This comes momentarily with a spike of 50-90 K such errors in a minute time span. During this period server load and cpu utilization increases to Maximum dropping all the traffic with 0% Idle CPU and Load rising to more than 100. This happens for 5 min after which server comes back into normal state. Please help What causes this alert and how to avoid this scenario Posted at Nginx Forum: https://forum.nginx.org/read.php?2,291199,291199#msg-291199

7 months

proxy_cache_bypass: How to make "Cache-Control: no-cache" clear old cached response?

by Gabriel Finkelstein

Triggering proxy_cache_bypass on a request that was previously cached, will serve a fresh response from upstream. But if that response now returns a Cache-Control: no-cache header, the old cached response is not replaced nor cleared. Which means that subsequent requests that do not trigger proxy_cache_bypass will keep serving an old response. I guess this is an intended behavior, because proxy_cache_bypass only *replaces* cached responses by storing a fresh one, and a no-cache response means there is nothing to store? Is this what's happening? Is there a way to work around this? I'm running nginx/1.14.2 . Relevant settings: proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=my-cache:70m max_size=28g inactive=1d; proxy_temp_path /var/cache/nginx/tmp; proxy_cache my-cache; proxy_cache_key $remote_user$scheme$host$request_uri; proxy_cache_use_stale error timeout invalid_header http_500 http_502 http_503 http_504 http_429; proxy_cache_bypass $http_cache_control; proxy_read_timeout 90; add_header X-Cache-Status $upstream_cache_status; etag off; Thanks _______________________________________________ nginx mailing list nginx(a)nginx.org http://mailman.nginx.org/mailman/listinfo/nginx

8 months, 1 week

Internal Error

by andrescala

Hi everyone, I've installed in docker the NGINX and I'm trying to add the certificate but I get everytime a internal errror!! Error: Command failed: certbot certonly --config "/etc/letsencrypt.ini" --cert-name "npm-2" --agree-tos --authenticator webroot --email "xxx(a)gmail.com" --preferred-challenges "dns,http" --domains "xxx.xxx.xxx" Saving debug log to /var/log/letsencrypt/letsencrypt.log Some challenges have failed. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. at ChildProcess.exithandler (child_process.js:308:12) at ChildProcess.emit (events.js:314:20) at maybeClose (internal/child_process.js:1022:16) at Process.ChildProcess._handle.onexit (internal/child_process.js:287:5) What I'm doing wrong? I have already the subdomain pointing to the ip ! Thanks Posted at Nginx Forum: https://forum.nginx.org/read.php?2,292939,292939#msg-292939 _______________________________________________ nginx mailing list nginx(a)nginx.org http://mailman.nginx.org/mailman/listinfo/nginx

8 months, 1 week

how Can I Cross Compile nginx web server for arm linux?

by vrezaei

hi I need to do Cross Compile Nginx Web Server to use on my target board. I follow instructions on this tutorial https://programmer.help/blogs/cross-compiling-nginx-used-on-hi3536.html but it wasn't successful. ps. my goal is to set up an Nginx webserver with pcre , OpenSSL and rtmp-module on the Hi3521dv100 development board. best regard. Posted at Nginx Forum: https://forum.nginx.org/read.php?2,292907,292907#msg-292907 _______________________________________________ nginx mailing list nginx(a)nginx.org http://mailman.nginx.org/mailman/listinfo/nginx

8 months, 2 weeks

Enabling lua in Nginx 1.18.0

by BELUCHE Yannick

Hello, I installed Nginx and Nginx-extra on an Ubuntu Focal 20.04.2 LTS server. I wanted to use access_by_lua directive and I got an error : $> nginx -t nginx: [emerg] unknown directive "access_by_lua" in /etc/nginx/nginx-lua-headers.conf:91 However it seems by typing nginx -V that the http-lua module is installed : $> nginx -V 2>1& | tr ' ' '\n' nginx version: nginx/1.18.0 (Ubuntu) built with OpenSSL 1.1.1f 31 Mar 2020 TLS SNI support enabled configure arguments: --with-cc-opt='-g -O2 -fdebug-prefix-map=/build/nginx-KTLRnK/nginx-1.18.0=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -fPIC' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --modules-path=/usr/lib/nginx/modules --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-compat --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_v2_module --with-http_dav_module --with-http_slice_module --with-threads --with-http_addition_module --with-http_flv_module --with-http_geoip_module=dynamic --with-http_gunzip_module --with-http_gzip_static_module --with-http_image_filter_module=dynamic --with-http_mp4_module --with-http_perl_module=dynamic --with-http_random_index_module --with-http_secure_link_module --with-http_sub_module --with-http_xslt_module=dynamic --with-mail=dynamic --with-mail_ssl_module --with-stream=dynamic --with-stream_ssl_module --with-stream_ssl_preread_module --add-dynamic-module=/build/nginx-KTLRnK/nginx-1.18.0/debian/modules/http-headers-more-filter --add-dynamic-module=/build/nginx-KTLRnK/nginx-1.18.0/debian/modules/http-auth-pam --add-dynamic-module=/build/nginx-KTLRnK/nginx-1.18.0/debian/modules/http-cache-purge --add-dynamic-module=/build/nginx-KTLRnK/nginx-1.18.0/debian/modules/http-dav-ext --add-dynamic-module=/build/nginx-KTLRnK/nginx-1.18.0/debian/modules/http-ndk --add-dynamic-module=/build/nginx-KTLRnK/nginx-1.18.0/debian/modules/http-echo --add-dynamic-module=/build/nginx-KTLRnK/nginx-1.18.0/debian/modules/http-fancyindex --add-dynamic-module=/build/nginx-KTLRnK/nginx-1.18.0/debian/modules/nchan --add-dynamic-module=/build/nginx-KTLRnK/nginx-1.18.0/debian/modules/http-lua --add-dynamic-module=/build/nginx-KTLRnK/nginx-1.18.0/debian/modules/rtmp --add-dynamic-module=/build/nginx-KTLRnK/nginx-1.18.0/debian/modules/http-uploadprogress --add-dynamic-module=/build/nginx-KTLRnK/nginx-1.18.0/debian/modules/http-upstream-fair --add-dynamic-module=/build/nginx-KTLRnK/nginx-1.18.0/debian/modules/http-subs-filter --add-dynamic-module=/build/nginx-KTLRnK/nginx-1.18.0/debian/modules/http-geoip2 the weird thing is that I did the same thing on an older version of Ubuntu (Xenial - 16.04.2 LTS) (ie: apt install nginx nginx-extras) and the directive "access_by_lua" works out of the box on it... Can someone please help me with that ? Thanks in advance! Regards, Yannick _______________________________________________ nginx mailing list nginx(a)nginx.org http://mailman.nginx.org/mailman/listinfo/nginx

8 months, 2 weeks

How does Nginx multiplex gRPC connections

by Tal Kapon

Hi, We have been experimented with nginx as reverse proxy for gRPC connections. We create thousands of simultaneous gRPC connections (simulating many agents). When using unary RPC call from the gRPC client, Nginx multiplexes the connections and creates small number of connections to the backend. When using client streaming gRPC, Nginx creates a connection to the backend per each incoming connection. Can you explain how Nginx decides how to multiplex http2 connections and if there is a way to control it? Thanks _______________________________________________ nginx mailing list nginx(a)nginx.org http://mailman.nginx.org/mailman/listinfo/nginx

8 months, 2 weeks

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

nginx November 2021