not intrusive basic reverse proxy.. how to know of these limits are bouncing users?

David Taveras d3taveras38d3 at gmail.com
Sun Feb 14 08:03:29 MSK 2010


Hello


I have a working version of a basic reverse proxy with SSL without
caching, and without compression. The idea is to make a config that is
conservative in the way it should not affect legitimate users. My
backend server is 100ms away from this proxy.

My biggest concern is to set options so low that it will kick off
legitimate users without me knowing:


In general Id like to ask if this config serves that purpose or if
there is anything I should remove?

Iam having a hard time understanding the Size limits from clients,
even though I looked at the faq i interpret that

 ## Size Limits from Clients
  client_body_buffer_size     128K;
  client_header_buffer_size   128K;
  client_max_body_size          1M;
  large_client_header_buffers 1 1k;

This would set the maximum amount of uplaod to 1mb, however the 128Kb
is the limit accepted without having the input sent to a temporary
buffer file?

Also, in regards to the header size. Iam just recieving some form
POST, and some basic GET vars. Should these parameters be lowered?

If they are lowered and they trigger will I know based on the logs/an
error in the users screen?


 ## Timeouts from Clients
  client_body_timeout   60;
  client_header_timeout 60;
  keepalive_timeout     60 60;
  send_timeout          60;

The same for these, Iam guessing all of these generate an error to the
user in case they trigger? Are these values conservative?



More information about the nginx mailing list