leaking memory nginx 1.8.0
evgeni22
nginx-forum at nginx.us
Tue Jul 7 20:02:41 UTC 2015
This my hardware server:
Processor Intel Xeon E3 1225v2
Cores/Threads 4 cores/ 4 threads
Frequency 3.2 GHz+
RAM 32GB DDR3
Disks 3 x 120 GB SSD
=========================================
the config is nginx.conf:
#user nginx;
# The number of worker processes is changed automatically by CustomBuild,
according to the number of CPU core$
worker_processes 4;
pid /var/run/nginx.pid;
error_log /var/logs//nginx/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
events {
include /etc/nginx/nginx-events.conf;
}
http {
include /etc/nginx/mime.types;
# access_log /var/log/nginx/access.log main;
# For user configurations not maintained by DirectAdmin. Empty by
default.
include /etc/nginx/nginx-includes.conf;
# Supplemental configuration
include /etc/nginx/nginx-modsecurity-enable.conf;
include /etc/nginx/nginx-defaults.conf;
include /etc/nginx/nginx-gzip.conf;
include /etc/nginx/directadmin-ips.conf;
include /etc/nginx/directadmin-settings.conf;
include /etc/nginx/nginx-vhosts.conf;
include /etc/nginx/directadmin-vhosts.conf;
}
==========================================
config for nginx-defaults.conf:
default_type application/octet-stream;
tcp_nopush on;
tcp_nodelay on;
sendfile on;
log_format bytes '$bytes_sent $request_length';
keepalive_timeout 2;
types_hash_max_size 2048;
disable_symlinks if_not_owner from=$document_root;
server_tokens off;
client_max_body_size 1024m;
client_body_timeout 3m;
client_body_buffer_size 128k;
client_header_timeout 20;
client_header_buffer_size 3m;
large_client_header_buffers 4 256k;
send_timeout 20;
proxy_connect_timeout 600s;
proxy_send_timeout 600s;
proxy_read_timeout 600s;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
fastcgi_send_timeout 600s;
fastcgi_read_timeout 600s;
server_names_hash_bucket_size 128;
server_names_hash_max_size 10240;
ssl_dhparam /etc/nginx/ssl.crt/dhparams.pem;
## Anti ddos
limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;
================================
config for nginx-gzip.conf
gzip on;
gzip_static on;
gzip_disable "msie6";
gzip_http_version 1.1;
gzip_vary on;
gzip_comp_level 6;
gzip_proxied any;
gzip_types text/plain text/css application/json application/x-javascript
text/xml application/xml application$
gzip_buffers 16 8k;
gzip_min_length 10;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
===================================
config for nginx/directadmin-ips.conf:
server {
listen xx.xx.xx.xx:80 default_server; // i hide the ip
server_name _;
root /home/admin/domains/sharedip;
index index.html index.htm index.php;
include /usr/local/directadmin/data/users/admin/nginx_php.conf;
# deny access to apache .htaccess files
location ~ /\.ht
{
deny all;
}
include /etc/nginx/webapps.conf;
}
server {
listen xx.xx.xx.xx:443 default_server; // i hide the ip
server_name _;
ssl on;
ssl_certificate /etc/nginx/ssl.crt/server.crt.combined;
ssl_certificate_key /etc/nginx/ssl.key/server.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
root /home/admin/domains/sharedip;
index index.html index.htm index.php;
include /usr/local/directadmin/data/users/admin/nginx_php.conf;
# deny access to apache .htaccess files
location ~ /\.ht
{
deny all;
}
include /etc/nginx/webapps.conf;
}
===========================
config for directadmin-settings.conf:
empty
===========================
config for nginx-vhosts.conf
server {
listen xx.xx.xx.x:80; // i hide the ip
listen 127.0.0.1:80;
#listen [::1]:80;
server_name $hostname xx.xx.xx.xx; / i hide the ip
root /var/www/html;
index index.html index.htm index.php;
#Support UserDir (~/user/)
location ~^/~(?<userdir_user>.+?)(?<userdir_uri>/.*)?$ {
alias /home/$userdir_user/public_html$userdir_uri;
index index.html index.htm index.php;
autoindex on;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
#try_files does not work after alias directive
if (!-f $request_filename) {
return 404;
}
fastcgi_param DOCUMENT_ROOT
/home/$userdir_user/public_html;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_pass
unix:/usr/local/php54/sockets/$userdir_user.sock;
}
}
# Pass all .php files onto a php-fpm/php-fcgi server.
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
fastcgi_pass unix:/usr/local/php54/sockets/webapps.sock;
}
include /etc/nginx/nginx-info.conf;
include /etc/nginx/webapps.conf;
}
# HTTPS server
#
server {
listen xx.xx.xx.xx:443 ssl; / i hide the ip
listen 127.0.0.1:443 ssl;
#listen [::1]:443 ssl;
server_name $hostname xx.xx.xx.xx; / i hide the ip
ssl on;
ssl_certificate /etc/nginx/ssl.crt/server.crt.combined;
ssl_certificate_key /etc/nginx/ssl.key/server.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
root /var/www/html;
index index.html index.htm index.php;
#Support UserDir (~/user/)
location ~^/~(?<userdir_user>.+?)(?<userdir_uri>/.*)?$ {
alias /home/$userdir_user/private_html$userdir_uri;
index index.html index.htm index.php;
autoindex on;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
#try_files does not work after alias directive
if (!-f $request_filename) {
return 404;
}
fastcgi_param DOCUMENT_ROOT
/home/$userdir_user/private_html;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_pass
unix:/usr/local/php54/sockets/$userdir_user.sock;
}
}
# Pass all .php files onto a php-fpm/php-fcgi server.
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
fastcgi_pass unix:/usr/local/php54/sockets/webapps.sock;
}
include /etc/nginx/nginx-info.conf;
include /etc/nginx/webapps.ssl.conf;
}
====================================
config for directadmin-vhosts.conf:
for individual clients i think not matter it empty there.
=================================
config for: nginx/nginx-info.conf
location /nginx_status {
# Enable nginx status page
stub_status on;
# Disable status page logging in access_log
access_log off;
# Allow access from 127.0.0.1
allow 127.0.0.1;
# Deny all the other connections
deny all;
}
=========================
security_mod disabled now. but the config is nginx-modsecurity-enable.conf:
ModSecurityEnabled on;
ModSecurityConfig /etc/nginx/nginx-modsecurity.conf;
============================
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,260106,260124#msg-260124
More information about the nginx
mailing list