Reverse proxy is caching php pages?

nano nginx-forum at nginx.us
Fri Aug 31 11:32:49 UTC 2012


I setup a reverse proxy on my forum and everything is working okay. (I
think?).

http {
...
    proxy_cache_path              /usr/local/nginx/cache  levels=1:2
keys_zone=STATIC:10m inactive=24h max_size=1g;
...
}
  server {
        listen                    80;
       #listen                    [::]:80 ipv6only=on;
        return                    301 https://$host$request_uri;
    }

    server {
        listen                    ssl.xxx.yyy:443 ssl spdy;
       #listen                    [::]:443 ipv6only=on ssl;

        server_name               ssl.xxx.yyy;

        ssl                       on;
        ssl_session_cache         shared:SSL:10m;
        ssl_session_timeout       10m;
        ssl_ciphers              
ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM;
        ssl_protocols             SSLv3 TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_certificate           /usr/local/nginx/ssl/server.pem;
        ssl_certificate_key       /usr/local/nginx/ssl/ssl.key;
        ssl_ecdh_curve            secp521r1;

        keepalive_timeout         300;

        add_header Strict-Transport-Security "max-age=7776000;
includeSubdomains";

        error_page 502 504         /offline.html;

        location / {
            proxy_pass             http://xxx.xxx.xxx.xxx/;
            proxy_set_header       Host xxx.yyy;
            proxy_set_header       CF-Connecting-IP $remote_addr;
            proxy_set_header       X-Forwarded-Proto https;
            proxy_cache            STATIC;
            proxy_cache_valid      200  7d;
            proxy_cache_use_stale  error timeout invalid_header updating
http_500 http_502 http_503 http_504;
        }

        location = /offline.html {
            root html;
        }
    }

[small note: Do I really even need ssl_ecdh_curve? fine without? I can't
find documentation on it so idk why I'm using it]


Config on my main site:


  server {
        listen [::]:80 ipv6only=on; # listen for IPv6 only traffic on IPv6
sockets
        listen 80; # listen also for IPv4 traffic on "regular" IPv4 sockets

        server_name  xxx.yyy;

        client_max_body_size 30M; #for large file uploads

        access_log  /home/web/logs/access.log  main;
        error_log /home/web/logs/error.log;
        
        root   /home/web/site;

        error_page  404 403    /404.html;

        location ~ /\.ht {
            deny   all;
            return 404;
        }

        location ~ /(addons|data|attachments) {
            deny   all;
            return 404;
        }

        location ~ \.php$ {
            try_files          $uri = 404;
            fastcgi_pass       unix:/tmp/php-fpm.sock;
            fastcgi_index      index.php;
            fastcgi_param      SCRIPT_FILENAME 
$document_root$fastcgi_script_name;
            include            fastcgi_params;
        }

        location ~ \.(?:ico|css|js|gif|jpe?g|png)$ {
            expires         90d;
            add_header      Cache-Control public;
        }

        location ~ \.(?:html|htm|rtf|rtx|svg|svgz|txt|xsd|xsl|xml)$ {
            expires 180s;
            add_header Cache-Control "public, must-revalidate";
        }
    }

When I have scripts that should not be cached they get cached. For example
if I have a script that displays my IP address, visiting that page on the
reverse proxy it gets cached and is publicly viewable to everyone. How can I
prevent the reverse proxy from caching PHP pages or pages ending in .php?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,230385,230385#msg-230385



More information about the nginx mailing list