Hi all, I've faced with the next issue and need some help. When I send a large request with json content (the request size is above 10kB), Nginx returns "500 Internal Server Error". But, when I send the same request with less size, it works fine.
My steps: 1. I enabled "debug" logging for error.log, but I don't see any errors. 2. Also, I added '$upstream_response_length $upstream_response_time $upstream_status $request_body' parameters for logging for access.log. Once "500 Internal Server Error" error happens, I can see these parameters are empty. This is an example of my log in access.log: "POST /report/exportreport HTTP/1.1" 500 186 9216 "-" - - - - "PostmanRuntime/7.25.0" "-" But I can see these parameters for other successful requests. 3. Also, I tried to use 'client_max_body_size' parameters in config file, but it doesn't work for me. It seems that Nginx trims large request. Please, could any help me? Thank you in advance. Version of Nginx: 1.14.1 Config Nginx: user centos; worker_processes auto; error_log /var/log/nginx/error.log debug; pid /run/nginx.pid; # Load dynamic modules. See /usr/share/doc/nginx/README.dynamic. include /usr/share/nginx/modules/*.conf; events { worker_connections 1024; } http { log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent $request_length "$http_referer" ' '$upstream_response_length $upstream_response_time $upstream_status ' '$request_body ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; access_log on; error_log on; client_max_body_size 1m; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # don't send the nginx version number in error pages and Server header server_tokens off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; # enable session resumption to improve https performance # http://vincent.bernat.im/en/blog/2011-ssl-session-reuse-rfc5077.html ssl_session_cache shared:SSL:50m; ssl_session_timeout 1d; ssl_session_tickets off; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; # Load modular configuration files from the /etc/nginx/conf.d directory. # See http://nginx.org/en/docs/ngx_core_module.html#include # for more information. include /etc/nginx/conf.d/*.conf; # frontnend server { if ($request_method !~ ^(GET|POST)$ ) { return 405; } server_name www.fcs.navitrack.com.ua fcs.navitrack.com.ua; listen 443 ssl; listen [::]:443 ssl; root /home/centos/navitrack/navitrack-fcs/frontend; index index.html; ssl_certificate "/etc/letsencrypt/live/www.fcs.navitrack.com.ua/fullchain.pem"; ssl_certificate_key "/etc/letsencrypt/live/www.fcs.navitrack.com.ua/privkey.pem"; ssl_trusted_certificate "/etc/letsencrypt/live/www.fcs.navitrack.com.ua/fullchain.pem"; client_max_body_size 1m; # Load configuration files for the default server block. include /etc/nginx/default.d/*.conf; location / { add_header 'X-XSS-Protection' '1; mode=block' always; add_header 'X-Content-Type-Option' 'nosniff' always; add_header 'X-Frame-Options' 'SAMEORIGIN' always; add_header 'Content-Security-Policy' "default-src 'self'; script-src 'self' https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://maps.googleapis.com https://maps.gstatic.com data:; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://api.fcs.navitrack.com.ua https://maps.googleapis.com"; } location /login { alias /home/centos/navitrack/navitrack-fcs/frontend; add_header 'X-XSS-Protection' '1; mode=block' always; add_header 'X-Content-Type-Option' 'nosniff' always; add_header 'X-Frame-Options' 'SAMEORIGIN' always; add_header 'Content-Security-Policy' "default-src 'self'; script-src 'self' https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://maps.googleapis.com https://maps.gstatic.com data:; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://api.fcs.navitrack.com.ua https://maps.googleapis.com"; } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } # backend server { if ($request_method !~ ^(GET|POST|OPTIONS)$ ) { return 405; } server_name api.fcs.navitrack.com.ua; listen 443 ssl; listen [::]:443 ssl; ssl_certificate "/etc/letsencrypt/live/api.fcs.navitrack.com.ua/fullchain.pem"; ssl_certificate_key "/etc/letsencrypt/live/api.fcs.navitrack.com.ua/privkey.pem"; ssl_trusted_certificate "/etc/letsencrypt/live/api.fcs.navitrack.com.ua/fullchain.pem"; client_max_body_size 1m; location / { #add CORS if ($request_method = 'OPTIONS') { add_header 'Access-Control-Allow-Origin' 'https://fcs.navitrack.com.ua' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always; add_header 'Access-Control-Max-Age' 86400 always; add_header 'Content-Type' 'text/plain; charset=utf-8' always; add_header 'Content-Length' 0 always; return 204; } if ($request_method = 'GET') { add_header 'Access-Control-Allow-Origin' 'https://fcs.navitrack.com.ua' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always; } if ($request_method = 'POST') { add_header 'Access-Control-Allow-Origin' 'https://fcs.navitrack.com.ua' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always; } proxy_pass http://localhost:18745; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection keep-alive; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_buffer_size 20k; proxy_buffers 16 256k; proxy_busy_buffers_size 512k; } } } Posted at Nginx Forum: https://forum.nginx.org/read.php?2,288137,288137#msg-288137 _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx