Hi,
On 03/03/17 03:40, polder_trash wrote:
Hi,
I already tried adding both IP addresses to the DNS. But this, rather
predictably, only sent a handful of users to the secondary node.
This should not be the case ( well, for bind anyway ), as it should be
delivering them in a round robin fashi
I read the code of ssl module, the directive ssl_session_timeout seems only
used for ssl session cache, not for ssl session ticket.
the document describes the directive as 'Specifies a time during which a
client may reuse the session parameters.' Is it not exactly?
Is there any timeout for ssl se
So I have a few different thoughts:
1. Yes nginx does support SSL pass through . You can configure nginx to stream
your request to your SSL backend. I do this when I don't have control of the
backend and it has to be SSL. I don't think that's your situation.
2. I suspect that there's something
Hi
Firstly, I am fairly new to nginx.
>From what I understand you have a standard sort of setup.
2 nodes (vm's) with haproxy, allowing nginx to be active / passive.
You have SSL requests which once nginx terminates the SSL, it injects a
security header / token and then I presume it passes thi
Thank's for the info :)
But why is $remote_addr outputting a hyphen instead of the users IP...
I still expect to see the client's IP address.
B.R. via nginx Wrote:
---
> That is because it is not: your eyes deceived you having a too quick
> loo
That is because it is not: your eyes deceived you having a too quick look
at the log line.
Your 'empty' variables are actually showing the value '-' in this log line.
It probably does not help debugging to have static '-' mixed in the format
of your log lines where you put them.
---
*B. R.*
On Su
Francis Daly Wrote:
---
> On Fri, Mar 03, 2017 at 10:47:26AM -0500, c0nw0nk wrote:
>
> Hi there,
>
> > map $http_cf_connecting_ip $client_ip_from_cf {
> > default $http_cf_connecting_ip;
> > }
> >
> > How can I make it so if the client did not
Works for me (so far):
map $query_string $bad_query {
"~[^&;]+([&;][^&;]*){1,}" 1; # deny two or more
parameters
"~emailaddress=[^@]+%40[^@]+" 0; # allow Thunderbird autoconf
"~.+=.+"1; # deny any other
query
defau
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hello!
I tried to use "stale-if-error=864000" and
"stale-while-revalidate=864000" co-exist with "expires max;"
directive. Is it possible? My configurations looks like :
... snip ...
expires max;
add_header Cache-Control "stale-while-revalidate=8640