fastcgi causing 502 errors? [was: alternating 404 and 200]
Nuno Magalhães
nunomagalhaes at eu.ipp.pt
Mon Sep 7 18:13:02 MSD 2009
Since this seemed to be php-related i've installed apache 2.2.12. It
didn't give me nearly as many errors as nginx but it did send unparsed
pages from time to time (i.e. with both php and html code...). I had
child processes segfaulting in the log all the time and this error:
[error] [client xx.xx.xx.xx] ALERT - canary mismatch on efree() - heap
overflow detected (attacker 'xx.xx.xx.xx', file '/home/xxx\
After digging some more i ended up upgrading to apache 2.2.13 and
setting suhosin.session.encrypt = off in apache's php/suhosin
configuration. This solved the issue.
However, the general /etc/php5/conf.d/suhosin.ini and
/etc/php5/cgi/conf.d/suhosin.ini both already have
suhosin.session.encrypt = off, so i can't really test this against
nginx+FastCGI. I'll try and upgrade to 5.3 later (and to nginx 0.8.14)
and see if it helps.
This issue happens with PHP's start_session() function, and is being
discussed in a few distros[1][2].
HTH whoever's facing the same issues.
Nuno Magalhães
[1] https://bugs.launchpad.net/ubuntu/+source/php5/+bug/424789
[2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542514
--
() ascii-rubanda kampajno - kontraŭ html-a retpoŝto
/\ ascii ribbon campaign - against html e-mail
More information about the nginx
mailing list