Re: Nginx - Only handles exactly 500 request per second - How to increase the limit?

500 requests max sounds very much like the default max_requests parameter from PHP-FPM process manager. Btw, the configuration snippet you provided is incomplete (include [...]/*.conf). How can people help you? Have a look at nginx -T. --- *B. R.* On Wed, Jan 24, 2018 at 7:08 AM, Payam Chychi

Re: Multiple certificates in one server block?

Jim already replied with his ECDSA+RSA example in a single server block. You can also serve several names from a single server block. However, I never tested serving a certificate for several domains all served by the same virtual server block. I *suppose* nginx might be clever enough to select

Re: HTTP/405

It would be interesting to amend the flawed RFC to adapt to the real world then, wouldn't it? Much like in any languages, specifications/reference and real world offen differ, but that should me a pretext to ignor the specs are here for a reason: make everyone try to speak the same language and

Re: HTTP/405

How was that 405 generated? Show used configuration please. --- *B. R.* On Fri, Aug 4, 2017 at 7:28 AM, Frank Liu wrote: > https://tools.ietf.org/html/rfc7231#page-59 says: > > ... The origin server MUST generate an >Allow header field in a 405 response containing a

Re: session ticket key rotation

nginx configuration is parsed/analyzed by nginx master process by design. Moreover, TLS configuration is kept at this level if I recall well. Thus, the user your master process use needs to have the rights to access the specified file. To reload nginx configuration, you will indeed need to use

Re: When will primary server come back in http upstream module?

1. 'unavailable' means the server will automatically and temporarily be removed from the pool of servers managed by the upstream (same effect as manually parametering it as down) 2. the fail_timeout parameter documentation of the very section you provided a link to is pretty clear:

Re: killed child process

... and you would end up with connections serving different content (as per different configuration) on the long run, leading potentially to an increased number of problems. How would you shut them down, if not gracefully? If you want to keep long-lived connections open, do not make changes

Re: fastcgi cache background update ssi подзапросов

https://mailman.nginx.org/mailman/listinfo/nginx-ru --- *B. R.* 2017-05-10 19:18 GMT+02:00 Roman Arutyunyan : > Добрый день, > > On Wed, May 10, 2017 at 12:04:39PM -0400, metalfm1 wrote: > > Приветствую! > > > > Директива fastcgi_cache_background_update странно ведёт себя при ssi

Re: upstream - behavior on pool exhaustion

not logging the $upstream_status variable, not $upstream_connect_time, thus have limited information. Could that '-' appear anywhere in the list? --- *B. R.* On Thu, Apr 20, 2017 at 2:58 PM, Ruslan Ermilov <r...@nginx.com> wrote: > On Wed, Apr 19, 2017 at 05:26:17PM +0200, B.R. via nginx wrote: &

Re: upstream - behavior on pool exhaustion

On Wed, Apr 19, 2017 at 10:51 AM, Ruslan Ermilov wrote: > And what about the next request when all of servers are either "down" > or "unavailable"? > To me, all the unavailable servers have been 'tried', ie their state has been checked, as the docs

Re: upstream - behavior on pool exhaustion

be specified. ​Does not that seem reasonable? --- *B. R.* On Mon, Apr 17, 2017 at 6:09 PM, Ruslan Ermilov <r...@nginx.com> wrote: > On Sat, Apr 15, 2017 at 03:55:20AM +0200, B.R. via nginx wrote: > > Let me be clear here: > > I got 6 active servers (not marked down), and th

Re: upstream - behavior on pool exhaustion

in the list)? Moreover, it is confusing, since proxy_pass handles domain names and one could believe nginx treated the upstream group name as such. --- *B. R.* On Fri, Apr 14, 2017 at 10:21 AM, Ruslan Ermilov <r...@nginx.com> wrote: > On Fri, Apr 14, 2017 at 09:41:36AM +0200, B.R. via ng

upstream - behavior on pool exhaustion

Hello, Reading from upstream docs, on upstream pool exhaustion, every backend should be tried once, and then if all fail the response should be crafted based on the one from the last server attempt. So far so good. I

Re: weight and balancing in upstream proxy

Please, enlighten us then. --- *B. R.* On Thu, Apr 13, 2017 at 4:34 PM, Maxim Dounin <mdou...@mdounin.ru> wrote: > Hello! > > On Thu, Apr 13, 2017 at 10:09:16AM +0200, B.R. via nginx wrote: > > > That is an interesting questions as intuitively, people could think the >

Re: weight and balancing in upstream proxy

That is an interesting questions as intuitively, people could think the former behavior applies. If I got the source code right, and as the docs

Re: Windows 1024 Connections Limit

Even though using nginx on Windows goes way over my head (even for development) and/or seing WIndows as any kind of server, I read that Windows Vista+ support the poll (well, actually WSAPoll ) system call. Since XP may now

Re: Mechanism to avoid restarting nginx upon every change

a session information > persist with a reload. Needed a restart > > A > On Sun, 9 Apr 2017 at 21:35, B.R. via nginx <nginx@nginx.org> wrote: > >> You could have got your answer yourself by Reading The... Fine? Manual: >> https://nginx.org/en/docs/control.html >> >>

Re: Mechanism to avoid restarting nginx upon every change

You could have got your answer yourself by Reading The... Fine? Manual: https://nginx.org/en/docs/control.html There are tons of interesting pieces of informations there, by the nature of said docs... ​I suggest you take a look at everything: https://nginx.org/en/docs/​ --- *B. R.* On Sun, Apr

Re: Login-Credentials based redirection?

You could use a map to match proxy_pass URI to user names, and then use a single password file for the auth_basic module. ​This removes the need of having specific location URI for each user, although you could still keep doing it if they are part of your requirements. --- *B. R.* On Fri, Apr 7,

Re: Memory issue

Idea coming right out of the blue: have you given a thought on compiling nginx (+ gradually modules) with valgrind? ​You should know pretty quickly if something is wrong.​ ​Note the slowdown, though. Might not be a good idea on production, or if you do not secure some offload to somewhere else if

Re: Nginx cookie map regex remove + character

On Sat, Apr 1, 2017 at 1:57 PM, Francis Daly wrote: > If you want to match "word character or plus", use something like [\w+]. > ​Defining a pattern over a simple assertion is kinda strange​. '[' & ']' are useless here, since you are not matching several symbols. Use (?\w+)

Re: Configuring a subnet in an upstream server

What would be the meaning of that? How do you route traffic to 192.168.0.0? Do you really want to send requests to 192.168.255.255? How would you handle requests sent to some servers (but not all) if some are not responsive? I suspect what you want to use is dynamic IP addresses for your

Re: Question about custom error pages

RTFM? :o) https://nginx.org/en/docs/http/ngx_http_core_module.html#error_page --- *B. R.* On Tue, Mar 21, 2017 at 11:18 PM, Alex Samad wrote: > Hi > > How would I added custom info to the error page. > > Say like for 400 if its a cert error, how can I add that to the page

Re: OAuth Access token validation

nginx can authenticate users based on subrequests to an identity server, yes, RTFM: https://nginx.org/en/docs/http/ngx_http_auth_request_module.html If you want to use JSON Web Tokens, only the non-FOSS version will be able to help you: https://nginx.org/en/docs/http/ngx_http_auth_jwt_module.html

Re: Reverse proxy problem with an application

This clearly looks like an application problem and not a nginx-related one. nginx does not remove cookies nor, as the configuration snippet you shared suggest, handles authentication. If you use DNS, make sure all requests are served by the instance of nginx you quote, including redirects which

Re: keepalive_requests default 100

I suspect nginx' team chose this value for the very reason it was adapted to the use of Apache (remember that nginx is, since its beginning, largely used as a reverse Web proxy in front of Apache farms). I guess the intent here is to probably mimic Apache behavior by default so adoption of that

Re: Nginx Map how to check value if empty

This kind of logic, as you found out, can be handled in nginx with the help of the proper tools, namely the map module. You are one step away: you can actually program what you require to be feeding the realip module with the HTTP header name you ended up with. Rather than having contiguous maps,

Re: Nginx Map how to check value if empty

That is because it is not: your eyes deceived you having a too quick look at the log line. Your 'empty' variables are actually showing the value '-' in this log line. It probably does not help debugging to have static '-' mixed in the format of your log lines where you put them. --- *B. R.* On

Re: nginx stopping abruptly at fix time (2:00 am) repeatedly on Cent OS 7.2

You did not provide any server block configuration. The configuration snippet you provided is incomplete. Old tickets suggest a link to SPDY, then HTTP/2 options: https://trac.nginx.org/nginx/ticket/626. You might want to reproduce the problem on a configuration as minimalist as possible, using

Re: potential null dereference

If you think you spot a bug, You'd better open a ticket on Trac . You could also talk about development matters on the nginx-devel Mailling List. This is the 'users' ML, centered on use cases/configuration/help

Re: Nginx only sends hostname to syslog.

Correct me if I am wrong, since I probably will. >From what I read , 'host name' aka name of the host is a FQDN in the hostname.domain format ( domain being able to have n level-s). Thus, it seems that setting a FQDN as

Re: Where does $remote_addr come from?

I am curious: apart from a training prospective at code digging, what was the goal? In other words, where did you expect the IP address to come from, if not from a system network socket? Have a nice week-end, --- *B. R.* On Sat, Feb 4, 2017 at 12:02 AM, Paul Nickerson

Re: ssl_protocols & SNI

Any help? --- *B. R.* On Thu, Jan 19, 2017 at 7:07 PM, B.R. <reallfqq-ng...@yahoo.fr> wrote: > There is something strange, though. > > I configured cipher suites with ssl_ciphers with suites from TLSv1.0 & > TLSv1.2 (TLSv1.1 having no specific cipher suites but merely

Re: ssl_protocols & SNI

B. R.* On Thu, Jan 19, 2017 at 3:28 PM, B.R. <reallfqq-ng...@yahoo.fr> wrote: > I acknowledge how that works, although OpenSSL providing more flexibility > over SNI for protocols supporting it would have been appreciated. Too bad. > Thanks Maxim for you always concise and straightforward

Re: ssl_protocols & SNI

dou...@mdounin.ru> wrote: > Hello! > > On Thu, Jan 19, 2017 at 10:04:46AM +0100, B.R. via nginx wrote: > > > Hello, > > > > I tried to overload the value of my default ssl_protocols (http block > > level) in a server block. > > It did not seem to apply the other

ssl_protocols & SNI

Hello, I tried to overload the value of my default ssl_protocols (http block level) in a server block. It did not seem to apply the other value in this virtuel server only. Since I use SNI on my OpenSSL implementation, which perfectly works to support multiple virtual servers, I wonder why this

Re: nginx upstream source ip address

You can make nginx listen on 2 IP addresses with 2 listen directives. Or make it listen on all addresses if you wish. For your upstream, configure an upstream block with those 2 IP addresses and make a proxy_pass pinting to it. --- *B. R.* On Sat, Nov 12, 2016 at 4:25 AM, Michael Power

Re: Pre-compressed (gzip) HTML using fastcgi_cache?

$http_accept_encoding gets the value of the HTTP Accept-Encoding header. This might vary depending on the client being used, unless you control them and their value. Thus, the same request being made with a different (set of) value(s) in this header will generate another key. If you simply want

Re: Dynamically Reload Map

nginx parses configuration as a whole, either on start or on HUP signal. Your map is part of the configuration (separating it in multiple files does not change the fast everything is being merged before being statically interpreted/compiled), thus you need to signal the master process whenever

Re: Nginx old worker process not exiting on reload

RTFM? http://nginx.org/en/docs/control.html --- *B. R.* On Sat, Oct 8, 2016 at 7:34 AM, Sharan J wrote: > Hi, > > Is there a way to prevent this? Is there any other way to kill such > process without the need for rebooting the machine. > > Thanks, > Santhakumari > > On Wed,

Re: How to enable OCSP stapling when default server is self-signed?

Considering your rather old version of nginx coming from Ubuntu packages, I suggest you use the lastest stable, officially available on nginx.org . Not related to your issue, but should not hurt (except with regressions ofc ;) ). --- *B. R.* On

Re: 444 return code and rate limiting

If you are to quote what you call documentation, please use some real one: http://nginx.org/en/docs/http/request_processing.html#how_to_prevent_undefined_server_names What I said before remains valid: accepting connection, reading request & writing response use resources, by design, even if you

Re: 444 return code and rate limiting

Responding 444 is... a response. It is not anything else than a (non-standard, thus 'unknown', just like 499 nginx chose to illustrate client-side premature disconnection) HTTP status code as any other. Some speedup might come from using return instead of doing further processing, but there is

Re: nginx reverse proxy causing TCP queuing spikes

It is most probably a question more suitable to some Odoo ML. --- *B. R.* On Sun, Sep 25, 2016 at 2:50 AM, Grant wrote: > > I've been struggling with http response time slowdowns and > > corresponding spikes in my TCP Queuing graph in munin. I'm using > > nginx as a

Re: how to get common name from client cert in TLS connection instead of HTTPS

It seems the variable you are refering to belongs to the ngx_http_ssl_module, suitable for HTTPS, not in the ngx_stream_ssl_module, suitable for generic TLS. --- *B. R.* On Fri, Sep 16, 2016 at 5:19 AM, Albert Zhang wrote: > how to get common name from client cert in TLS

Re: How to disable request pipelining on nginx upstream

On Thu, Sep 15, 2016 at 11:12 PM, hkahlouche wrote: > Can you please confirm, if no new request is sent to the upstream before > the > entire response is received for the ongoing request (ongoing request > finished)? > In other words, is possible that upstream module

Re: Keeping your Nginx limit_* Anti-DDoS behind CloudFlare's servers

On Wed, Sep 14, 2016 at 2:23 PM, c0nw0nk wrote: > Yeah the reason it does not work behind CloudFlare is because the > limit_conn > and limit_req is blocking the CloudFlare server IP for making to many > requests. So that is why i am reciving the DOS output "503

Re: Keeping your Nginx limit_* Anti-DDoS behind CloudFlare's servers

You were just told the best way to get a meaningful $binary_remote_addr variable using CloudFlare, with the added bonus of a list of network ranges to use with set_real_ip_from to only filter out CloudFlare's IP addresses as sources to be repalced and avoid false positives. Using the

Re: nginx not returning updated headers from origin server on conditional GET

>From what I understand, 304 answers should not try to modify headers, as the cache having made the conditional request to check the correctness of its entry will not necessarily update it: https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.5. The last sentence sums it all: '*If* a

Re: limit-req and greedy UAs

You could also generate 304 responses for content you won't provide (cf. return). nginx is good at dealing with loads of requests, no problem on that side. And since return generates an in-memory answer by default, you won't be hammering your resources. If yo uare CPU or RAM-limited because of

Re: add_header Set-Cookie The difference between Max-Age and Expires

I just hope that code won't be used by the owner of wwwooowww.wtf for example. --- *B. R.* On Sat, Sep 10, 2016 at 2:46 PM, c0nw0nk wrote: > Just fixed my problem completely now :) > > For anyone who also uses Lua and wants to overcome this cross browser >

Re: multi server addresses appear in variable $upstream_addr which was not supposed to

The docs say multiple servers might be contacted: $upstream_addr Upstream groups are used to tolerate errors on some responses (and replay the request somewhere else): upstream

Re: No HTTPS on nginx.org by default

. R.* On Thu, Aug 25, 2016 at 10:44 AM, Maxim Konovalov <ma...@nginx.com> wrote: > On 8/24/16 10:59 PM, B.R. wrote: > > HTTPS was supported, but internal links were systematically served > > over HTTP. > > Right -- this happens because long time nginx.org was HTTP

Re: how to completely disable request body buffering

fastcgi_request_buffering does deactivate request buffering from what I understand from the docs. client_body_buffer_size is said to be useful/used only when the previous directive is activated. >From what I read it seems your configuration attempts failed to load or to be activated where needed.

Re: keep-alive to backend + non-idempotent requests = race condition?

What about marking the upstream servers you want to update as 'down' in their pool, reloading the configuration (HUP signal, gracefully shutting down old workers), and waiting for the links to those servers to be clear of any activity? ​Then upgrade and reintegrate updated servers in the pool

Re: No HTTPS on nginx.org by default

HTTPS was supported, but internal links were systematically served over HTTP. Without considering any religion, this problem is now fixed. As per your political decision on serving content (un)encrypted, it is *in fine* your choice and it has been noted. Power users already knew about HTTPS

Re: Too many open files when reloading - Debian Jessie

... or get rid of systemd and its habit of doing everything in-house and being often not compatible with 3rd-party mechanisms. ​Not​ nginx-relatedn though. --- *B. R.* On Wed, Aug 24, 2016 at 1:36 PM, beatnut wrote: > I've just found a solution described here >

Re: No HTTPS on nginx.org by default

> > On Mon, Aug 22, 2016 at 6:49 PM, Maxim Konovalov <ma...@nginx.com> wrote: > On 8/22/16 7:41 PM, B.R. wrote: > > In 2016, stating that content served over HTTP is 'secure' blows my > > mind and kills your credibility. > > > Who did that? What's his name

Re: Return proper status codes (404, 302) from client-side Single Page Application

Sending 404 allows providing body content, and displaying beautiful pages is not restricted to 200. Thus, I do not get the 200 status sent to clients. My suggestion would be sending the same HTTP status code to everyone, choosing the most semantically correct in doing so. We are drifting away

Re: Return proper status codes (404, 302) from client-side Single Page Application

I find it strange you oppose HTTP 404 with 'a proper status code': 404 is a 'proper' status code. I find it even stranger you want to lie to search engines crawlers about the existence of your resource. That said, you can craft/modify upstream requests in the proxy module with directives such as:

Re: Configuring nginx for both static pages and fcgi simultaneously

I disagree: it is a good feature to check for script file existence before calling PHP on it with something like: try_files [...] =404; It helps mitigating attacks by avoiding to pave the way to undue files being interpreted. That only works if the filesystem containing PHP scripts is accessible

Re: Nginx static file serving - Some files are 404, some not

location / only means 'a location which starts with /'. Basically, this catches every single request, and is the least specific way (lowest precedence ever) to do so. When choosing the most suitable location block, nginx will most of the time use a more specific one. That is why this is called

Re: Order of execution of nginx filters

AFAIK you do not control the order of filters, and when you are building a filter, you deal with data on-the-fly, which means your filter might be invoked with a partial response coming from other filters. Moreover, the module needs to 'win' its selection on a specific event. I suggest you read

Re: Understanding caching

To add to Francis' answer, browsers might not respect server specification for expiration. must-revalidate however forces the browser to check the expiration of the resource before attempting of really load it again from the server. Read:

Re: Master process on reload

Thanks Maxim! Helpful and concise as always. :o) --- *B. R.* On Wed, Jun 29, 2016 at 7:38 PM, Maxim Dounin <mdou...@mdounin.ru> wrote: > Hello! > > On Wed, Jun 29, 2016 at 07:04:48PM +0200, B.R. wrote: > > > Kind of basic question about nginx behavior here. >

Re: Differing ocsp responses

nginx workers are recreated on reload (read http://nginx.org/en/docs/control.html#reconfiguration), nothing can thus remains from past cache at this level. --- *B. R.* On Wed, Jun 29, 2016 at 6:26 PM, itpp2012 wrote: > CJ Ess Wrote: >

Master process on reload

Hello, Kind of basic question about nginx behavior here. On the docs page http://nginx.org/en/docs/control.html, it is said : > HUP -> changing configuration, keeping up with a changed time zone (only > for FreeBSD and Linux), starting new worker processes with a new > configuration, graceful

Re: Is there an original source linking Qualys report codes to codes in nginx configuration?

nginx deals with an underlying library to manage TLS-ciphered content. The webserver merely sends configuration data to it on startup/reload and uses this library to do the actual (en/de)ciphering job. The one officially supported is OpenSSL, for which cipher strings and cipher suites are listed

Re: Why set keepalive_timeout to a short period when Nginx is great at handling them?

There is no downside on the server application I suppose, especially since, as you recalled, nginx got no trouble for it. One big problem is, there might be socket exhaustion on the TCP stack of your front-end machine(s). Remember a socket is defined by a triple and the

Re: error log truncates important infos

PHP-FPM allows generating its own log files. The default behavior of having errors sent back the FastCGI tube can be overridden with proper error logging on PHP-FPM side. 2048 bytes for each line of log is more than enough on the web server side. Do your homework: read the PHP docs. If you are

Re: Mapping non-empty $query_string

Are you sure your requests are processed by the right block? Are you sure the configuration is being loaded? Since v1.9.2, you can use the -T command-line parameter to show loaded configuration. On reloading configuration by sending the HUP signal, ensure there is no error message popping up in

Re: Reverse proxy tuning

RTFM: - upstream module (specifically the server directive) - *_next_upstream & *_*_timeout directives, for each backend communication module and type of timeout ​The

Re: Issue with HTTP/2 and async file upload from Safari on iOS

The problem is, if (s)he is using the official packages, he will get the updates of the mainline channel, thus differing more and more from the stable channel which is supposed to be cheaper on features but with usable ones. My 2 cents, --- *B. R.* On Mon, Jun 6, 2016 at 12:05 PM, Maxim

Re: Problem

xD Maxim. I would have put 'hopefully' along with 'surprisingly' though... just to convince myself such dumbness is marginal. To li...@lazygranch.com, nginx version can already be removed with the help of the server_tokens

Re: forward data from orginal IP to a new IP

It seems the lock lies in the fact there is no generic way for the listen directive to specify multiple ports, so you are stuck with that much server blocks. Now, you could use the $server_port variable in the proxy_pass directive, but that brings no real improvement. You could use configuration

Re: HTTP not working / downloads 57 byte small file

There is little to nothing anyone can do with such a message. Details? Version? Configuration? Leanest example possible to reproduce the problem? Anything allowing people to help you... and encouraging them to get the the will to do so. http://www.catb.org/esr/faqs/smart-questions.html --- *B.

Re: Поддерживает ли Nginx прозрачный прокси?

Hello, This Mailing List is intended to be written to in english. You have a russian ML available dedicated for its use: http://nginx.org/en/support.html ​Have a nice day,​ --- *B. R.* 2016-05-09 11:40 GMT+02:00 Yuriy Medvedev : > Конечно умеет, Вам нужно настроить nginx

Re: Replace apache with nginx

There is plenty of information around here for you to start. Instead of coming here for pre-cooked recipes, you should show you at least tried... You could read the docs

Re: Trailing Slash redirection poblem

So these opposite redirection rules are fighting each other and are the source of your problem, which Francis helped you to alleviate. Sit back, grab an erasable whiteboard, scratch your head and think about your website's design: both rules probably have their use in their own corner, but you

Re: Redirect /login to /

location = / { proxy_pass $scheme://$host/login; } ? --- *B. R.* On Thu, Apr 21, 2016 at 2:56 PM, Geo P.C. wrote: > I have a wordpress site in which be default while accessing wp.geo.com it > goes to login page wp.geo.com/login/ . > > But what i need when i access

Re: load balancing % available

As per the docs, I do not see a mean of doing what you wish directly in an upstream block. That cut-off might be a feature request you could post on their bug tracker. In the meanwhile, you might parse data about servers from an upstream group on a status page you would have configured. However,

Re: upstream member liveness

Waow. I am off-topic, but Valentin I shall note you are showing a great deal of patience. Without any doubt your interlocutor will be glad and thankful for it, and will demonstrate it as good as when he (quickly) becomes upset. Btw, I do not know any Captain Evidence, only Captain Obvious. ---

Re: Does "include" use the "configuration prefix" or the "path prefix"?

I found some bits: prefix is explained on the command-line parameters docs page and, in a little more vebose fashion, in an nginx.com tutorial , probably thanks to Rick Nelson.

Re: TLS/SSL Cache Automatic Purge

d I guess the docs <http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_timeout> have all your answers. --- *B. R.* On Mon, Apr 11, 2016 at 3:31 PM, Maxim Dounin <mdou...@mdounin.ru> wrote: > Hello! > > On Mon, Apr 11, 2016 at 01:23:02PM +0200, B.R. wrote: > &

Re: Error 404 if url contains "star"

The only way to know would have been to have a look at the processes table before killing everyone and restarting. If you nginx through the package management of your distribution and service scripts to manage nginx processus, there is little-to-no chance you got multiplt nginx masters running. It

Re: proxy_read_timeout vs proxy_next_upstream_timeout

Those directives works at very different levels. proxy_next_upstream_timeout allocates a time for nginx to find a proper upstream (configured with proxy_next_upstream

limit_req_status & limit_conn_status code

Following RFC 6585 , there is a HTTP status code for 'too many requests', which applies well to the nginx module limiting requests, and by extension to the module limiting connections. Having in mind changing default values is somewhat tricky regarding

Re: mod_rewrite with Nginx?

Copy-pasting configuration of using pre-cooked one is always a bad idea since you do not understand what you are dealing with. The same applies to automatic conversion tools since the paradigm behind the Apache Web server is totally different from the one from nginx: there is no one-to-one

Re: Homepage cache and cookies

Make sure you test this unexpected behavior with a minimal, reproducible configuration. If you succeed, please share it or (even better!) fill a bug report . Otherwise, that meant you probably did something Wrong. ​You were previously saying proxy_hise_headers did not

Re: simple auth question for nested sections

Thanks Maxim for your lights! Please discard all the crap I wrote before and apologies to Jonathan, then. :oP --- *B. R.* On Thu, Mar 24, 2016 at 6:27 PM, Maxim Dounin <mdou...@mdounin.ru> wrote: > Hello! > > On Thu, Mar 24, 2016 at 06:17:44PM +0100, B.R. wrote: > > >

Re: How do I install module Rate Limit

The ngx_http_limit_req_module module is built as part of nginx core: every nginx binay has it. You thus do not need to do anything. --- *B. R.* On Thu, Mar 24, 2016 at 4:47 AM, roslui12 wrote: > Hello

Re: nginx seems to just be serving default page

Have you checked your configuration has been loaded properly? Most probably, either: - your configuration is not loaded: check it with the -t nginx option, then check your error log on reload to spot any message there - your configuration file is not used, the default one is (you might ensure you

Re: sites overlap in a EC2 server

Looks good, although you did not provide the whole configuration file (or chain if there are some include directives). You can test your configuration with nginx -t. On reload command, check the error logfile for errors. How do you 'enable' or 'disable' a domain? What tests are you doing? What

Re: Nginx proxy_path key zone

I suppose you are talking about the proxy_cache_path directive. Its docs state you are defining the size of a *shared memory zone*, most probably allocated by the master process at configuration loading time and then

Re: nginx 1.9.12 proxy_cache always returns MISS

Although you stated you problem was resolved, you need to understand what you are configuring/testing. In the first message you posted, the first response URL using the cache (starting with '/kuriyamacache') did not correspond to the alleged request headers' URL ('thumbnail_0' vs 'thumbnail_1'),

Re: HTTP/2 and HTTPS

RTFM (listen directive)? :o) --- *B. R.* On Tue, Mar 15, 2016 at 12:39 AM, Roswebnet wrote: > Thank you for your fast response. > > However, could you please provide an example of "IP on the listen >

Re: HTTP/2 roadmap

On Sat, Mar 12, 2016 at 2:09 PM, Phil Lello wrote: > > Given that the current state of HTTP/2 support in browsers seems to be > forcing the use of TLS, it seems that the opportunity for proxies to kick > in is relatively limited. > ​Why could not proxies​ ​be used with

Re: Is there a length limitation on file extensions?

Are you sure this configuration gets loaded (nginx -t OK, no error on configuration -re-loading)? You could try to replace your types block with an empty one (to override defaults if they are defined at upper level, or simply remove them) and add the following directive: default_type

Re: TCP Connection

You have been told to use the info error_log level, which is not set (defaults to error). ​Make sure no other error_log directive might overwrite this one.​ --- *B. R.* On Fri, Mar 4, 2016 at 7:12 PM, Giulio Loffreda wrote: > Still having no luck. > No log is generated.

Re: TLS session resumption (identifier)

On Fri, Mar 4, 2016 at 11:19 AM, Igor Sysoev wrote: > Sorry, I meant there is no performance difference between “none” and “off” > settings. > ​Well, the client believes he should remember every session ID and store it somewhere for nothing, reading/resending/writing it on every

  1   2   3   4   >