Re: AW: AW: AW: RE: slow https performance compared to http

2016-11-14 Thread adrhc
Lukas Tribus Wrote: --- > > 4 threads and 4 CPU (both for apache and nginx) with 100% CPU load > on test > > So, what's the answer now about the http/https (4600/550) ratio for > the > > specific case I presented? > > It should perform the same

Re: AW: AW: RE: slow https performance compared to http

2016-11-14 Thread adrhc
Lukas Tribus Wrote: --- > That depends: how many nginx workers do you have compared to > how many apache threads and how does your per-core CPU load > look like when benchmarking? > ___ > nginx mailing

Re: listen proxy_protocol and rewrite redirect scheme

2016-09-22 Thread adrhc
I'm just a bit surprised that "port_in_redirect off" does not also work. But that's ok -- I'm often surprised. There's a "if" in src/http/ngx_http_header_filter_module.c which changes port's value from 443 to 0 when on ssl + port initially 443 so https://adrhc.go.ro/ffp_0.7_armv5 would redirect to

Re: Transmission remote GUI proxy_protocol broken header

2016-09-22 Thread adrhc
Hi, here's some clarifications: What is the thing writing to nginx? (stunnel, I think) stunnel according to the setup: Transmission remote GUI:443 -> sshttp:443 -> stunnel:1443 -> nginx:127.0.0.1:443 (no ssl, with listen ... proxy_protocol, port_in_redirect on) How is it configured? [tls] accept

Re: Transmission remote GUI proxy_protocol broken header

2016-09-21 Thread adrhc
Hi, the log come from nginx error log. I simply start the Transmission remote GUI and I get only this in error log: 2016/09/21 10:32:13 [error] 3909#0: *327 broken header: "> :  X,u \kc ; J=ޛXfoVr_<0 , ( $  k j i h 9 8 7 6 2 . * &   = 5 / + ' # 

Re: listen proxy_protocol and rewrite redirect scheme

2016-09-21 Thread adrhc
Indeed the solution might look strange but it works (test it with e.g. https or http ://adrhc.go.ro/ffp). Would be nicer if would exists a variable like let's say $override_ssl which to force nginx consider it run a ssl request with all the consequences. Again I thank you for your support. Posted

Transmission remote GUI proxy_protocol broken header

2016-09-19 Thread adrhc
Hi, while having this setup: nginx-1.11.3 Linux utg353l 4.4.0-36-generic #55-Ubuntu SMP Thu Aug 11 18:01:55 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux Transmission remote GUI:443 -> sshttp:443 -> stunnel:1443 -> nginx:127.0.0.1:443 (no ssl, with listen ... proxy_protocol, port_in_redirect on)

Re: listen proxy_protocol and rewrite redirect scheme

2016-09-17 Thread adrhc
I'm sorry for the babble above but the source of errors are too many. The previous post the problem was php (e.g. phpMyAdmin). The final working setup: src/http/ngx_http_header_filter_module.c: #if (NGX_HTTP_SSL) if (c->ssl || port == 443) { *b->last++ ='s'; } #endif

Re: listen proxy_protocol and rewrite redirect scheme

2016-09-17 Thread adrhc
Hi, I'm sorry for the babble above but there are so many point of failure and the setup is so complex. Last problem was php (e.g. phpMyAdmin). Anyway now really works this way: src/http/ngx_http_header_filter_module.c: #if (NGX_HTTP_SSL) if (c->ssl || port == 443) { *b->last++ ='s'; }

Re: listen proxy_protocol and rewrite redirect scheme

2016-09-17 Thread adrhc
Hi, I'm sorry but I mistakenly claimed to work the patch: #if (NGX_HTTP_SSL) if (c->ssl || port == 443) { *b->last++ ='s'; } #endif In order to work nginx needs this config: server { listen 127.0.0.1:443proxy_protocol; port_in_redirect

Re: listen proxy_protocol and rewrite redirect scheme

2016-09-17 Thread adrhc
Hi, thank you for the hints. Starting from you suggestion I modified src/http/ngx_http_header_filter_module.c like this: #if (NGX_HTTP_SSL) if (c->ssl || port == 443) { *b->last++ ='s'; } #endif and it works! But works hand in hand with this nginx configuration (in

Re: listen proxy_protocol and rewrite redirect scheme

2016-09-17 Thread adrhc
Oh, and I only want this change to apply to servers with "listen ... proxy_protocol" but not otherwise ... Posted at Nginx Forum: https://forum.nginx.org/read.php?2,269623,269640#msg-269640 ___ nginx mailing list nginx@nginx.org

Re: listen proxy_protocol and rewrite redirect scheme

2016-09-17 Thread adrhc
yep, that's exactly my problem: "... but that will not help internally-generated things like the trailing-slash redirect for directories." I'll check your solution though I'm very open for other too :D PS: I do compile my own custom nginx Posted at Nginx Forum:

listen proxy_protocol and rewrite redirect scheme

2016-09-16 Thread adrhc
Hi, I have this setup: the browser request (https on 443) is received by sshttp which sends it to stunnel:1443 which proxy it to nginx:1080. When nginx receives the request it has $scheme = "http"; so, for any rewrite with "permanent" or "redirect" the Location header uses "http" while I really