esponse; that response content may lead to more
requests for css and jpg and the like content.
If the initial response is 404, there is unlikely to be a follow-up
request.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
ngi
On Mon, Nov 23, 2015 at 10:23:20AM +1100, Sylvain BERTRAND wrote:
> On Sun, Nov 22, 2015 at 05:25:11PM +0000, Francis Daly wrote:
Hi there,
> > Probably they have configured their servers to deny any request that
> > includes "libwww" in the User-Agent.
>
> I'm
s followed by two hexadecimal
characters, which should mean "it is correctly encoded".
If you wanted nginx to be this front-end web service, I think that you
would need code-level changes in your version to get it to accept the
broken input. It is not "
o that it believes that its base url is
/nas/ and not /, on the local server.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
e handled by processing *this* file through *that*
fastcgi server (or whatever is appropriate).
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
wn system which does the equivalent of
./passwordscript > passwordfile
service nginx start
echo random > passwordfile
at the appropriate times.
I don't see how your system security is enhanced, if you do anything
other than manually type in the password each time it is needed.
Good luck
On Mon, Nov 16, 2015 at 04:51:29PM +0300, Maxim Dounin wrote:
> On Sun, Nov 15, 2015 at 12:51:56PM +0000, Francis Daly wrote:
> > On Fri, Nov 13, 2015 at 03:37:28PM +0100, Joó Ádám wrote:
Hi there,
> > > I would like to terminate TLS connections arriving at the default
> >
xpires;
(in the right parts of the config file) might do some of what you want.
Probably you will have to adjust some of those numbers to match "local
midnight" or "UTC midnight"; and possibly you will want to adjust the
regex to allow for the local timezone offset -- see the $time_i
ist can do about it.
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
On Tue, May 31, 2016 at 12:33:56PM -0400, Larry Martell wrote:
> On Tue, May 31, 2016 at 11:38 AM, Francis Daly <fran...@daoine.org> wrote:
> > On Tue, May 31, 2016 at 10:26:26AM -0400, Larry Martell wrote:
Hi there,
> >> The C++ app sends the request directly to po
reviously, and show all
historical answers.
Perhaps builtwith.com uses heuristics which are wrong for your site.
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
On Tue, May 31, 2016 at 04:48:19PM -0400, Larry Martell wrote:
> On Tue, May 31, 2016 at 4:19 PM, Francis Daly <fran...@daoine.org> wrote:
> > On Tue, May 31, 2016 at 12:33:56PM -0400, Larry Martell wrote:
Hi there,
> > It sounds like your design is that your client
heck.
http://nginx.org/r/$http_
http://nginx.org/r/$sent_http_
http://nginx.org/r/$upstream_http_
are three different families of variables set within nginx.
Possibly one of them covers what you want?
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
On Tue, May 31, 2016 at 10:26:26AM -0400, Larry Martell wrote:
> On Tue, May 31, 2016 at 9:45 AM, Francis Daly <fran...@daoine.org> wrote:
Hi there,
> > Possibly one of them covers what you want?
>
> There are 2 ways requests get to port 8000, which is the port I wa
ailable.
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
. That might lead to a smaller or less-frequently-updated
nginx.conf.
But if you have the option to reorganise at least one of the "upstream"
url hierarchies, I'd suggest doing that instead.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
_
cause this message? How to debug it?
I think that this message (can|does) mean that the far side did not like
something about your certificate.
If that is the case - are there any logs on the thing connecting to
nginx about what it thinks happened in the TLS negotiation?
Cheers,
://nginx.org/r/add_header
That suggests that you can use an "always" parameter.
Is that appropriate in this case?
If not, then possibly the third-party "headers more" module may be useful.
f
--
Francis Dalyfran...@daoine.org
__
ited
into, that location counts.
What is "root" set to here? What file on your filesystem do you want
nginx to return?
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
e what config you want, and make that happen. Perhaps the fix is
to completely remove the first such block. Perhaps it is something else.
Cheers,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.or
(sub)request?
The page at
https://www.nginx.com/resources/wiki/start/topics/examples/phpfcgi/
comes up when I search for "php nginx path_info". It has an example
configuration that may be worth examining.
Good luck with it,
f
--
Fran
the end. Your nginx rewrite does
not. Possibly you want "break" -- http://nginx.org/r/rewrite
Your apache RewriteRule is protected by RewriteCond. Your nginx rewrite
is not. Possibly something involving try_files or error_page and a named
location for fallback could achieve the sam
> Can someone tell what is wrong in my configuration?
Possibly nothing.
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
x-age=10800
If you get different output, it may be worth investigating properly what
is happening.
But it may be simpler to just deploy your tested-working version.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mai
will involve
"curl -x" with the nginx host:port. As far as any client is concerned,
nginx is a web server.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
/clientcert/ is all handled by an external process,
then possibly it could do its own validation or verification using values
provided by nginx.)
http://nginx.org/r/$ssl_client_verify for some details.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
What value do you see for that? Is it exactly the filename that you want
your fastcgi server to process?
If not, what file do you want your fastcgi server to process?
After that, you can decide whether you want to use a try_files directive
in this location{} block, and if so, what exactly you
y option.
Failing that: what is the small configuration that does not do what you
want in 1.9.2?
Copy-paste enough so that someone else can reproduce the problem that
you are reporting.
Cheers,
f
--
Francis Dalyfran...@daoine.org
___
nginx
t;zone=off", for example.)
Then in your nested location, use
limit_req zone=off;
and that should stop the outer value from being inherited.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mail
pp/app.php"
or something else instead?
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
te: in the above I have assumed that the source and destination
hostnames are the same. If they really are not, and the number of x's is
intentionally different, then you would need to include the full http://
url in the return directive.)
Good luck with it,
st of the system use that value for an
"unknown" account.
The alternative approach would be to have a separate server{} block
for each account, with lots of duplication that is handled by your
config-generator-from-template system. But f you want a single server{}
block, the above is p
t; > excess: 10.200 in above log means that the requests are being limited as
> > they are averaging at 10.2 requests / second .
...more than the configured limit.
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
r directive that you want?
If this is a public web server without any special authentications,
then the curl response contains no secrets.
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
* Public-Key-Pins header found, but with invalid formatting
* valid Public-Key-Pins header found, but without the sha256 of the
current certificate
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
cate and key in the name of your backend, and
use that on nginx.
(nginx is a reverse proxy. You reverse-proxy services you control.)
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mail
}
could work.
If the applet knows the upstream it came from, and tries to access that
directly, then nginx is probably not involved.
The best way to understand how to proxy this service (if it is even
possible), is to know what it wants to do, at the network level.
Good luck with it,
f
--
On Tue, Mar 15, 2016 at 08:20:25PM -0400, miky wrote:
Hi there,
> I use a nginx server in front of it as a reverse proxy and use a virtual
> host. When I access http://portal, I want it to display the page as if it
> was http://virt1
http://nginx.org/r/proxy_set_header
f
--
> When I try the following in a map:
> ~^/(?.)(?.) $a$b;
You can use $a and $b outside the map; but where you have "$a$b", you
must instead have exactly one string or one variable.
f
--
Francis Dalyfran...@daoine.org
___
On Thu, Apr 07, 2016 at 10:31:31AM +0100, Robin Becker wrote:
> On 06/04/2016 23:14, Francis Daly wrote:
Hi there,
> >>Is there a way to customize my error page for this case?
> >
> >What you have done should work. Depending on the rest of your config,
> >of cou
the proxy_pass directive, you could probably drop
the "/static" part of the argument since it matches the request prefix.
But until the proxy_pass is actually used, changing it will make no
difference.
f
--
Francis Dalyfran...@daoine.org
to override nginx's 404 page so it
> doesn't reveal the server.
Patch the code and recompile.
You probably don't want to do that.
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
any* answer to
your question? (Including this one.)
And, by extension, why would you even ask a question?
Read The Fine Source.
It's the only way to be sure.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx maili
On Fri, Apr 08, 2016 at 05:06:19AM -0400, JoakimR wrote:
Hi there,
> Hi Francis Daly thank you very much for your reply
You're welcome.
> Let's brake this down one by one. I followed you suggestion and added
> fastcgi_connect_timeout 600s; to the conf, however the pages still time ou
is used for that
subrequest; then possibly enabling the debug log on a test server will
help you track it.
Note - the debug log contains lots of information, most of which probably
counts as "noise" for the one specific thing you are trying to find.
o index.php.
http://nginx.org/r/location
Your rule does not redirect *all* requests.
> Any ideas?!
There's a missing backslash "\" on the "location ~*" line, just before
the ".(".
f
--
Francis Dalyfran...@daoine.org
e browser (client) and
> remote server.
In that case, nginx is not involved, no?
How does the browser know to talk to the remote server?
> Thank you. Will you help me if I got more information?
If you have enough information, it may be clear what is needed.
So long as it remains ngi
quot;,
and there is no immediate benefit to nesting.
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
ter.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
behaviour do you want that you are not seeing?
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
pg|jpeg|gif|css|png|js|ico|xml)$ {
> location = /50x.html {
> location ~ \.php$ {
> location ~ /\.ht {
For each test request that you make, which location block have you
configured nginx to use to handle it? Is that the one that you want
nginx to use to handle it?
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
non-root).
Your "letsencrypt" server{} block does not have any listen directive.
So add one there -- and to any other similar blocks -- or do not start
nginx as root (and therefore be unable to listen to any port below 1024).
f
--
Francis Dalyfran...@daoine.org
___
specific thing you want to do?
Do you have it working? If not, what do you have, what do you do, what
response do you get, what response do you want?
Repeat, for each other specific thing that you want to do.
Good luck with it,
f
--
Francis Dalyfran...@daoine.or
On Mon, Apr 04, 2016 at 08:54:12PM +0100, Francis Daly wrote:
> On Mon, Apr 04, 2016 at 09:36:36PM +0200, B.R. wrote:
Hi there,
> > -> Error page HTTP 404 (???)
>
> I only get 404 if error_page.html does not exist. If it does exist,
> I get it with http 200.
>
>
ace" is replaced with "ip", this can work with two
server{} blocks.
> When I did the server{} per IP approach nginx complained about duplicate
> listen settings for the second IP even though both server stanzas were
> bound to a specific port/interface. Is this a bug p
quot;curl" output you show seems to show your own http headers being
successfully written.
So it looks like what you have shown, is working.
That's good.
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
e simplest possible method to print it somewhere you can read
it. Usually, that means logging, since that should not have a complex
data structure.
> test_val->hash = ngx_crc32_long(test_val->lowcase_key, test_val->key.len);
> }
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
on is usually a very good idea if "/live"
is to be served from the filesystem and corresponds to a directory.
So: why do you want to remove the trailing slash, in the shown
configuration?
If you want /live to redirect to /live/, then you should configure thing
such that /live/ does not
option too, perhaps you could make a policy of only setting them in
that server{}?
You'd still have the issue of multiple bind()s; but that is presumably
"change your config design or change your OS".
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
lse that is repeatable when there is no
extra caching in the browser, for example, then the curl command that
shows the request and response will be helpful.
Cheers,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.o
doing
everything you want.
The other should have "server_name old-name;" and "return 301
http://new-name$request_uri;; and not a lot more.
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
h
copied it wrong, or the example code is wrong.
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
sticket".
Cheers,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
from the one example
you have given.
> I can write a perl script and run that url through its regex and it does
> change them.
>
> So what does the nginx regex do different from perl regex with regard to %
> signs.
With regard to % signs, nginx regex uses the %-unencoded version. Wi
THOD:POST|ACCEPT:application/json;
HTTPMETHOD there is $upstream_method, which is not (by default) what
the client sent to nginx.
I think that there's not enough information here to allow someone else
discover the problem. If you can make a reproducible failure case,
that will probably mak
oosing not to send it "chunked" even though it normally would.
This problem seems to be nginx reading a request from a client, where
the request is malformed.
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
ngin
m?
When you know that, it may be more obvious what proxy_pass configuration
to use.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
g something odd, then there is
a conflict to investigate. Otherwise, it should says something about the
connections that it is closing.
If the site is opening fine, maybe there is no problem to worry about.
f
--
Francis Dalyfran...@daoine.org
__
currently does.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
k control device.)
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
ers_out
data structure, as the examples show.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
udio-file.html, what response should I get?
Or alternatively: what request should I make, in order to be sent the
content of the file /usr/local/nginx/html/audio-file.html?
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
everse proxy for things
you control, change your policy so that nginx can talk to your external
web server without going through the proxy.
I don't think that there is a "good" answer.
f
--
Francis Dalyfran...@daoine.org
__
simultaneous users at peak times.
How many requests, or requests per second, corresponds to one user,
on this site?
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
e third question.
Alternatively, if Apache or nginx change their response based on the
User-Agent, you can try using "curl" to make the requests, using varying
User-Agent headers.
> Do you know any solutions?
Not yet; I don't know what the problem is.
Good luck with it,
f
--
config like the one previously posted?
Cheers,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
ablished, you do your own control.
Possibly doing the backend validation check more frequently will help? Or
whatever it is that decides that the cookie has expired, could let the
backend know to close the connection now (or could invite the backend
to do a validation check now)?
f
--
Fra
.224.128.52862: 37996 1/0/0 A
93.184.216.34 (49)
===
Now, I don't control the google name server, and I can't make
www.example.net get an updated address at will; but the above does seem
to show that the nginx resolver is making a fresh dns request when it
is supposed to.
Do you see something el
nse you get,
or what response you want. So I'll let someone else get involved.
Cheers,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
"POST / HTTP/1.1", upstream:
> "fastcgi://127.0.0.1:9000", host: "10.50.x.x", referrer: "http://10.50.x.x;
And that message is that the fasctcgi server broke the connection.
It is probably worth investigating what the fastcgi server thinks is
happe
t; or, most likely here, "uwsgi_pass".
"the next server" is the upstream, in this context.
And the directive is whichever *_pass you use here.
Cheers,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
d=swfupload.
If you don't want the request body logged, don't log the request body.
If you don't want the request body logged for one $request_uri only,
you can finish handling that in a specific location{} and use a different
access_log there.
f
--
Francis Dalyfran...@daoine.org
need the trailing slash -- or you will need to change
the content to be of the form "catagory/post1.html". That should all be
configurable within wordpress, if anywhere.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
__
ing $fastcgi_script_name without the
> /php-fpm prefix.
That's because your fastcgi_split_path_info pattern does not match -
.php is not followed by / in your rewritten url.
Because of the location{} you are in, it is probably simplest to just
replace the second capture part of that pat
ndition correctly handles all the
> non-existing files.
There is more than one possible try_files configuration; but that does not
matter: if you have a system that works for you, you can keep using it.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
es, but anything that compresses down
to some tens of kB is usually quite quick and easy.
Cheers,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
on the container and was albe to "cat" the "default.conf"
> and the "nginx.conf" files.
Do you do that as the same user/group that you run nginx as?
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
root$fastcgi_script_name) {
> set $fastcgi_script_name_custom "/cms/index.php";
> }
I suspect that it should be possible to do what you want to do there,
with a "try_files". But I do not know the details.
Good luck with it,
f
--
Francis Daly
y this is a requirement from my client.
Sometimes, the correct response to a client requirement is "no".
It is not yet clear to me whether this is one of those times.
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
ed
in the redirections.
> could this be related to wordpress?
It could be.
If the "curl" responses show that PHP is involved, then it probably is.
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
your full requirements are much more detailed.
It is worth making sure that you are very clear on what you are trying
to do; otherwise you won't be able to know when you've done it.
Good luck with it,
f
--
Francis Dalyfran...@d
val = ngx_string("http_cookie");
And one final thing - I suspect that the request header "Cookie" will
be presented in the header_in structure under the name "cookie", not
the name "http_cookie". Possibly just making that change will cause your
code to
nfigured correctly, changing name resolution (dns)
so that the FQDN corresponds to the nginx IP address instead of the
tomcat IP address will be a necessary step.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing l
n directive "proxy_ssl" in /home/devel/nginx.conf:14
>
> I’m under the impression that this module is included in the core, but I
> might be wrong. How should go about compiling with the corresponding module
> included?
./configure --help | grep stream
Then add the bits that you
proxy_pass http://haproxy;
}
}
}
===
seems to suggest that nginx does what you want.
So - have you a different config; or is your haproxy not issuing a
"clean" 403, or is something else happening on the wire?
f
--
Francis Dalyfran...@daoine.org
__
quot;
data structure. So the "type" variable is probably NULL, and your code
should do something sensible with that value.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
second argument, allowing for scheme://host to be
added later.)
If you can do without the "proxy_set_header Host" line, then you can
possibly do without proxy_redirect altogether (as in: use "proxy_redirect
default;" implicitly).
f
--
Francis Dalyfran...@d
on fail?
If you can describe that, perhaps someone here will be able to offer
some more direct help.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
On Mon, Apr 18, 2016 at 06:37:59PM +0500, Muhammad Yousuf Khan wrote:
Hi there,
> Thanks alot Francis Daly :). the try_file option worked for me and location
> tip also worked but try_file seems more better approach.
I'm glad you got it working for you.
> Btw, can you pleas
g to see, or otherwise work out,
what you have asked nginx to do". Then compare that with what you want
nginx to do.
Good luck with it,
f
--
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
501 - 600 of 1614 matches
Mail list logo