Nginx Forum

статика по HTTPS не даёт 304 Not Modified (no replies)

ha.ppy.neko — Wed, 16 May 2012 14:30:00 -0400

Добрый день.

Задача: отдавать nginx'ом статичные html файлы по HTTPS так, чтобы
браузер максимально долго их кэшировал.

Делаю простейший конфиг:

location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|pdf|ppt|txt|bmp|rtf|js|html)$ {
root /www/test;
add_header Cache-Control public;
expires max;
}

и в случае HTTP получаю ожидаемый результат: первый запрос от браузера
200 OK со страницей, на последующие обновления страницы 304 Not
Modified от nginx'а. Стоит только включить HTTPS (ssl on;) как после
каждого рефреша получаю в ответ 200 OK вместе со всей страницей.
Проверял в chrome.

Подскажите, куда смотреть?
_______________________________________________
nginx-ru mailing list
nginx-ru@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-ru

systemd and nginx custom script (2 replies)

Jamie Nguyen — Wed, 16 May 2012 16:06:01 -0400

Hi, I am co-maintainer for nginx Fedora package. We would like to
upstream our systemd service file. Could you consider including it in
the nginx tarball?

In other projects (e.g. rsyslog, mpd) the service file is only
installed if "--with-systemdsystemunitdir=/usr/lib/systemd/system" was
passed to the configure script. The service file we currently use
should work universally across systems using systemd:

$ cat /lib/systemd/system/nginx.service
[Unit]
Description=A high performance web server and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
PIDFile=/run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t
ExecStart=/usr/sbin/nginx
ExecReload=/usr/sbin/nginx -s reload
ExecStop=/usr/sbin/nginx -s quit
PrivateTmp=true

[Install]
WantedBy=multi-user.target

Most distributions implement a "zero-downtime upgrade" option in their
initscript. This cannot currently be implemented in systemd, so I
implemented it in a separate script. I paste the script below for
possible inclusion in http://wiki.nginx.org/CommandLine (Perhaps you
might even consider including this script (or something similar) in
the nginx tarball as it would be helpful for systems using systemd.)

#!/bin/sh
[ ! -f /run/nginx.pid ] && exit 1
echo "Start new nginx master..."
/bin/systemctl kill --signal=USR2 nginx.service
sleep 5
[ ! -f /run/nginx.pid.oldbin ] && sleep 5
if [ ! -f /run/nginx.pid.oldbin ]; then
echo "Failed to start new nginx master."
exit 1
fi
echo "Stop old nginx master gracefully..."
oldpid=`cat /run/nginx.pid.oldbin 2>/dev/null`
/bin/kill -s QUIT $oldpid 2>/dev/null

Kind regards,
Jamie

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

nginx 1.2: static file truncated with HTTP status code 200 (2 replies)

mengqy — Wed, 16 May 2012 10:18:01 -0400

We've been running nginx 1.1.18, 1.1.19, 1.2.0, with both HTTP/HTTPS enabled. Our static files are loaded from nginx root, but since 1.1.18 $request_time of static files some times gets 10+ seconds, recardless the actual file size. Various optimizing were tried with little gain, and the problem seems irrelavent to browsers as of access log. With 1.2.0 we just noticed that access log shows file truncating with HTTP status code 200. Looking forward to your help, thank you.

------------------
Log format:
------------------

log_format main '$remote_addr - $remote_user [$time_local] [$request_time] [$upstream_response_time] "$request" $request_length ' ' $status $upstream_addr $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"';

---------------------
access log:
---------------------

27.129.164.208 - - [16/May/2012:06:44:12 +0800] [15.511] [-] "GET /mgt/images/v3/common/f4.gif?v=6 HTTP/1.1" 950 200 - 57756 "http://x.x.x/mgt/frame.jsp?url=RA9" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; 360SE)" "-"
27.129.164.208 - - [16/May/2012:06:45:33 +0800] [11.194] [-] "GET /mgt/images/v3/common/f4.gif?v=6 HTTP/1.1" 950 200 - 106455 "http://x.x.x/mgt/frame.jsp?url=RA9" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; 360SE)" "-"

$ ls -l /var/www/html/mgt/mgt/images/v3/common/f4.gif
-rw-r--r-- 1 root root 106455 2012-04-20 23:09 /var/www/html/mgt/mgt/images/v3/common/f4.gif

Actual file size is 106455 bytes, yet the first log shows 57756 bytes.

-----------------
System info:
-----------------

$ uname -a
Linux debian 2.6.26-1-amd64 #1 SMP Sat Jan 10 17:57:00 UTC 2009 x86_64 GNU/Linux

CPU: Intel(R) Xeon(TM) CPU 3.00GHz * 2, 8 cores.

$ nginx -V
nginx version: nginx/1.2.0
built by gcc 4.3.2 (Debian 4.3.2-1.1)
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx --user=www-data --group=www-data --with-http_ssl_module --with-cpu-opt=CPU --with-http_stub_status_module --with-pcre --add-module=../nginx-sticky-module-1.0

-----------------------
nginx.conf:
-----------------------

user www-data www-data;
worker_processes 16;
error_log /var/log/nginx/error.log error;
pid logs/nginx.pid;
worker_rlimit_nofile 65535;

events {
use epoll;
worker_connections 4096;
epoll_events 1024;
accept_mutex off;
}
http {
include mime.types;
default_type application/octet-stream;
charset utf-8;

server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;

client_max_body_size 300m;
client_body_buffer_size 512k;

open_file_cache max=10000 inactive=300s;
open_file_cache_valid 300s;
open_file_cache_min_uses 1;
open_file_cache_errors on;

gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;

log_format main '$remote_addr - $remote_user [$time_local] [$request_time] [$upstream_response_time] "$request" $request_length ' ' $status $upstream_addr $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"';

access_log /var/log/nginx/access.log main;

sendfile on;
tcp_nopush on;
tcp_nodelay on;

upstream mgt_tomcats {
sticky path=/;
server 192.168.0.40:8080 max_fails=2 fail_timeout=60s;
server 192.168.0.45:8080 max_fails=2 fail_timeout=60s;
keepalive 64;
}

server {
listen x.x.x.x:80;
include common.conf
}

server {
listen x.x.x.x:443;
ssl on;
ssl_certificate server.crt;
ssl_certificate_key server.key;

ssl_session_timeout 5m;
ssl_session_cache shared:SSL:10m;

ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

include common.conf

# snip, snip, other configurations
}
}
----------------------
common.conf:
----------------------
keepalive_timeout 10;

server_name x.x.x;
root /var/www/html/mgt;

proxy_connect_timeout 60;
proxy_read_timeout 60;
proxy_send_timeout 10;
proxy_buffer_size 16k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;

proxy_http_version 1.1;
proxy_set_header Connection "";

proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header User-Agent;

location ~* ^/(mgt|Apps|mgt-system)/(image|styles|scripts)/ {
expires 30d;
if (!-e $request_filename) {
proxy_pass http://mgt_tomcats;
break;
}
}

[nginx] svn commit: r4638 - in trunk/src/http: . modules (no replies)

Anonymous User — Wed, 16 May 2012 09:28:01 -0400

Author: ru
Date: 2012-05-16 13:27:04 +0000 (Wed, 16 May 2012)
New Revision: 4638
URL: http://trac.nginx.org/nginx/changeset/4638/nginx

Log:
Zero padded the returned and logged HTTP status code, and fixed possible
buffer overrun in $status handling.

Modified:
trunk/src/http/modules/ngx_http_log_module.c
trunk/src/http/ngx_http_header_filter_module.c

Modified: trunk/src/http/modules/ngx_http_log_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_log_module.c 2012-05-16 13:22:03 UTC (rev 4637)
+++ trunk/src/http/modules/ngx_http_log_module.c 2012-05-16 13:27:04 UTC (rev 4638)
@@ -205,7 +205,7 @@
{ ngx_string("msec"), NGX_TIME_T_LEN + 4, ngx_http_log_msec },
{ ngx_string("request_time"), NGX_TIME_T_LEN + 4,
ngx_http_log_request_time },
- { ngx_string("status"), 3, ngx_http_log_status },
+ { ngx_string("status"), NGX_INT_T_LEN, ngx_http_log_status },
{ ngx_string("bytes_sent"), NGX_OFF_T_LEN, ngx_http_log_bytes_sent },
{ ngx_string("body_bytes_sent"), NGX_OFF_T_LEN,
ngx_http_log_body_bytes_sent },
@@ -593,7 +593,7 @@
status = 0;
}

- return ngx_sprintf(buf, "%ui", status);
+ return ngx_sprintf(buf, "%03ui", status);
}

Modified: trunk/src/http/ngx_http_header_filter_module.c
===================================================================
--- trunk/src/http/ngx_http_header_filter_module.c 2012-05-16 13:22:03 UTC (rev 4637)
+++ trunk/src/http/ngx_http_header_filter_module.c 2012-05-16 13:27:04 UTC (rev 4638)
@@ -445,7 +445,7 @@
b->last = ngx_copy(b->last, status_line->data, status_line->len);

} else {
- b->last = ngx_sprintf(b->last, "%ui", status);
+ b->last = ngx_sprintf(b->last, "%03ui", status);
}
*b->last++ = CR; *b->last++ = LF;

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

[nginx] svn commit: r4637 - in trunk/src/http: . modules (no replies)

Anonymous User — Wed, 16 May 2012 09:24:01 -0400

Author: ru
Date: 2012-05-16 13:22:03 +0000 (Wed, 16 May 2012)
New Revision: 4637
URL: http://trac.nginx.org/nginx/changeset/4637/nginx

Log:
Capped the status code that may be returned with "return" and "try_files".

Modified:
trunk/src/http/modules/ngx_http_rewrite_module.c
trunk/src/http/ngx_http_core_module.c

Modified: trunk/src/http/modules/ngx_http_rewrite_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_rewrite_module.c 2012-05-16 13:14:53 UTC (rev 4636)
+++ trunk/src/http/modules/ngx_http_rewrite_module.c 2012-05-16 13:22:03 UTC (rev 4637)
@@ -485,6 +485,12 @@

} else {

+ if (ret->status > 999) {
+ ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+ "invalid return code \"%V\"", &value[1]);
+ return NGX_CONF_ERROR;
+ }
+
if (cf->args->nelts == 2) {
return NGX_CONF_OK;
}

Modified: trunk/src/http/ngx_http_core_module.c
===================================================================
--- trunk/src/http/ngx_http_core_module.c 2012-05-16 13:14:53 UTC (rev 4636)
+++ trunk/src/http/ngx_http_core_module.c 2012-05-16 13:22:03 UTC (rev 4637)
@@ -4662,7 +4662,7 @@

code = ngx_atoi(tf[i - 1].name.data + 1, tf[i - 1].name.len - 2);

- if (code == NGX_ERROR) {
+ if (code == NGX_ERROR || code > 999) {
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
"invalid code \"%*s\"",
tf[i - 1].name.len - 1, tf[i - 1].name.data);

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

[nginx] svn commit: r4636 - trunk/src/http/modules (no replies)

Anonymous User — Wed, 16 May 2012 09:16:00 -0400

Author: ru
Date: 2012-05-16 13:14:53 +0000 (Wed, 16 May 2012)
New Revision: 4636
URL: http://trac.nginx.org/nginx/changeset/4636/nginx

Log:
Added syntax checking of the second parameter of the "split_clients" directive.

Modified:
trunk/src/http/modules/ngx_http_split_clients_module.c

Modified: trunk/src/http/modules/ngx_http_split_clients_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_split_clients_module.c 2012-05-16 13:09:39 UTC (rev 4635)
+++ trunk/src/http/modules/ngx_http_split_clients_module.c 2012-05-16 13:14:53 UTC (rev 4636)
@@ -138,6 +138,13 @@
}

name = value[2];
+
+ if (name.len < 2 || name.data[0] != '$') {
+ ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+ "invalid variable name \"%V\"", &name);
+ return NGX_CONF_ERROR;
+ }
+
name.len--;
name.data++;

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

[nginx] svn commit: r4635 - in trunk/src: core http/modules/perl (no replies)

Anonymous User — Wed, 16 May 2012 09:10:01 -0400

Author: ru
Date: 2012-05-16 13:09:39 +0000 (Wed, 16 May 2012)
New Revision: 4635
URL: http://trac.nginx.org/nginx/changeset/4635/nginx

Log:
Version bump.

Modified:
trunk/src/core/nginx.h
trunk/src/http/modules/perl/nginx.pm

Modified: trunk/src/core/nginx.h
===================================================================
--- trunk/src/core/nginx.h 2012-05-15 14:24:09 UTC (rev 4634)
+++ trunk/src/core/nginx.h 2012-05-16 13:09:39 UTC (rev 4635)
@@ -9,8 +9,8 @@
#define _NGINX_H_INCLUDED_

-#define nginx_version 1003000
-#define NGINX_VERSION "1.3.0"
+#define nginx_version 1003001
+#define NGINX_VERSION "1.3.1"
#define NGINX_VER "nginx/" NGINX_VERSION

#define NGINX_VAR "NGINX"

Modified: trunk/src/http/modules/perl/nginx.pm
===================================================================
--- trunk/src/http/modules/perl/nginx.pm 2012-05-15 14:24:09 UTC (rev 4634)
+++ trunk/src/http/modules/perl/nginx.pm 2012-05-16 13:09:39 UTC (rev 4635)
@@ -50,7 +50,7 @@
HTTP_INSUFFICIENT_STORAGE
);

-our $VERSION = '1.3.0';
+our $VERSION = '1.3.1';

require XSLoader;
XSLoader::load('nginx', $VERSION);

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Problems with hotlink (no replies)

vodoley213 — Wed, 16 May 2012 07:05:10 -0400

While fighting with hotlink there is ONE big problem.

Nginx did not always correctly handle the allowed websites (such as feedburner images.google.com, etc.). Sometimes nginx redirects people to "nohotlinking.png" (see the code below) on the allowed websites and even on main website.

Any ideas?

The code:
location ~ \.(gif|png|jpg|jpeg)$ {
valid_referers none blocked server_names ~\.google\. ~\.bing\. ~\.yahoo\.
images.google.com ~\.feedburner.com;

expires 96h;
if ($invalid_referer) {
rewrite .* http://image-hosting.com/nohotlinking.png redirect;
}
}

[ANN] ngx_openresty devel version 1.0.15.5 released (no replies)

agentzh — Wed, 16 May 2012 06:54:01 -0400

Hi, folks!

After three days' active development, I'm happy to announce the new
development release of ngx_openresty, 1.0.15.5:

http://openresty.org/#Download

Below is the change log for this release:

* upgraded LuaJIT to 2.0.0beta10.

* see changes here: http://luajit.org/changes.html

* feature: added the "--with-luajit-xcflags=FLAGS" option to
"./configure" to add more C compiler options to LuaJIT's build
system.

* upgraded LuaNginxModule to 0.5.0rc28.

* bugfix: ngx.req.socket() did not honor the "Expect:
100-continue" request header and could hang. thanks Matthieu
Tourne for the patch in pull request #107.

* bugfix: the ngx.req.socket() object (i.e., the downstream
cosocket object) did not work with HTTP 1.1 pipelined
requests at all.

* bugfix: the ngx.req.socket() object might lose the last part
of the request body when receiving data. this regression had
appeared in v0.5.0rc25. thanks Matthieu Tourne for reporting
it.

* feature: detailed backtraces (Lua callstack) will be
automatically printed to "error.log" when the user Lua code
is interrupted by Lua exceptions. thanks Matthieu Tourne for
the patch in pull request #107.

* optimize: removed dead code found by Simon Liu via
scan-build.

* upgraded RdsCsvNginxModule to 0.05rc2.

* bugfix: the output buffer size would get wrong when the
"affected_rows" field is larger than a single-digit number.
thanks Wendal Chen for reporting this by using clang.

* upgraded LuaRestyStringLibrary to 0.06.

* added new Lua module "resty.random" that implements secure
random and pseudo-random string generators. thanks Chase
Colman for the patch.

* added new Lua module "resty.aes" that exposes the AES
submodule of OpenSSL via LuaJIT FFI. thanks Chase Colman for
the patch.

The HTML version for this change log can be seen here:

http://openresty.org/#ChangeLog1000015

Special thanks go to all our contributors and users for helping make
this happen :)

OpenResty (aka. ngx_openresty) is a full-fledged web application
server by bundling the standard Nginx core, lots of 3rd-party Nginx
modules, as well as most of their external dependencies. See
OpenResty's homepage for more details:

http://openresty.org/

Have fun!
-agentzh

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Preventing hotlinking at "http" level, not server by server.. (no replies)

pk899 — Wed, 16 May 2012 06:22:41 -0400

Hi. There are many code samples on the web for simple hotlinking.

I have some questions on how to do this in a better way, and all my trial code has not worked, so hope some Nginx guru here can help.

Here's what I am looking for:

1. Firstly, I would like the blocking to happen at a server-wide level. Nginx is on a dedicated server, and there are many "server" vhost tags in a folder. I prefer not to have to write the blocking code for every server individually. Is this possible at an "http" level? What's the code for that.

2. Secondly, I have about 35 domains and many subdomains. I don't want them to be in one long line. But all my "vhost" server tags are inside a directory. Can I somehow specify Nginx to allow all those domains whose server definitions are in a folder? (/etc/nginx/vhosts)

3. Will the "IF" condition slow down my Nginx? I remember reading that Nginx does not like IF conditions.

4. I want to allow some additional domains like Google and Facebook and Pinterest. What's a good way to include this in the allowable list.

5. Finally, if I do have to include this directive in each "server" block for each of my domains, can I at least bundle the commands for these type of files as such:

`------
location ~* \.(png|gif|jpg|jpeg|swf|ico|)$ {
expires 7d;
try_files $uri @backend;

valid_referers none blocked site.com mysite.com ~\.google\. ~\.yahoo\. ~\.bing\. ~\.facebook\. ~\.fbcdn\.;
if ($invalid_referer) {
return 403;
}

}
------`

Thanks!

Nginx Reverse Proxy to LAMP server phpmyadmin access (1 reply)

Carlos — Wed, 16 May 2012 08:32:38 -0400

Hi all.

I have been looking for this answer but I have not been able to do so.

I have a server with Nginx as a reverse proxy and want it to redirect my http://domain.com/phpmyadmin to a different LAMP server which host phpmyadmin.

Somehow my configuracion is not working:

server {
listen 80;
server_name DOMAIN.COM;

location / {
proxy_pass http://LAMP;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

location /phpmyadmin {
proxy_pass http://LAMP/phpmyadmin;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

Can anybody please guide me?

Thank you in advance.

alias+ try_files (26 replies)

Дмитрий Жильцов — Wed, 16 May 2012 18:32:01 -0400

Здравствуйте!

Возникла проблема при использовании alias и try_files

Что имеем:
1. Конфиг

location /static/thmb {
location
~^/static/thmb/singer/(?P[^/]+)/(?P[^/]+)$
{
add_header Content-Type "image/png";
alias
/var/www/thmb/singer/$ThumbResolution/$SingerName.png;
#error_page 404 =200 @defaultsinger;
try_files $uri ../../default/mdpi;
}
}

2. в каждом каталоге /var/www/thmb/singer/$ThumbResolution/ лежит
файл default.png который должен отдаваться в случае исли
запрашиваемого файла нету.

Я привёл конечный конфиг, как только не пробывал, но ничего не
выходит. nginx 1.0.14

Спасибо за ранее за ваши советы
_______________________________________________
nginx-ru mailing list
nginx-ru@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-ru

Best way to handle preprod server_names (1 reply)

Greg — Wed, 16 May 2012 12:50:01 -0400

Hi,

I'm going to migrate a lots of vhosts from Squid+Apache2 to NginX, step
by step.
First step is to migrate just NginX and few static vhosts.

Actually there is ~600 domains x 5 vhosts + equivalent for preprod. So I
wrote a NginX vhost for ".mydomain1.com .mydomain2.com" and so on with
the 600 domains.

Question is, how the best practices to have this domains for our preprod
which looks like ".preprod.mydomain1.com" for each domains.

Preprod has specific config like gzip disabled (for internals purpose...).

Actually, prod's config looks like :
server {
server_name .mydomain1.com; # main domain
include /etc/nginx/domains.conf;
server_name_in_redirect off;
include common/prod.conf
}

And domains.conf :
server_name
..mydomain1.com
..mydomain2.com
....
;

Preprod could have this config :
server {
server_name .preprod.mydomain1.com; # main domain
include
/etc/nginx/preprod_domains.conf;
server_name_in_redirect off;
include common/preprod.conf
}

Which means (600 x 5 x 2) vhosts...

Is there a better way ?

--
Greg
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Lua Variable access bug? (no replies)

Sirsiwal, Umesh — Tue, 15 May 2012 22:18:01 -0400

Hello,
We are seeing the following problem with nginx variable access from Lua.

I have the following configuration:

set $vv $http_host;
set_by_lua $i ' return ngx.log(ngx.ERR, ngx.var.http_host)';

If I comment out the first line and send SIGHUP to master process the logged variable becomes empty.

#set $vv $http_host;
set_by_lua $i ' return ngx.log(ngx.ERR, ngx.var.http_host)';

Note that if we start nginx with set $vv $http_host; commented there is no issue. The issue only exists if we start off accessing the variable from the configuration file and than remove the variable access.

I think issue exists because of the way ngx_http_variables_init_vars is written. It changes the flags in the static ngx_http_core_variables variable. During the first configuration read cycle where $http_host is indexed, the flag changes to indexed. During the second configuration read cycle where the the $http_host variable should not be indexed, the flags still remain INDEXED. That confuses ngx_http_get_variable later.

Thanks for any help.

-Umesh
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Need to identify blocked requests vs other requests (1 reply)

valor — Wed, 16 May 2012 04:08:00 -0400

Hello there,

As limit_req returns 503 as well other 503 (service unavailable) native
errors I need a way to differentiate them in the access log.

One easy way would be to be able to set the status limit_req returns, would
be that possible?

The main reason I'm asking this it's because we analyze our logs in real
time to alert on certain values, until limit_req I used to hsend alerts if
more than X 503 status were seen in a time range. However, now I've
limit_req legitimate 503 which have nothing to do with the 503 of Service
unavailable which indeed need to take action.

Any ideas?

Thank you!

Guzmán
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Truncated output for css with nginx 1.2 (1 reply)

forforums — Wed, 16 May 2012 04:06:00 -0400

This is on centos and nginx 1.2.

I have a jetty server in the back and it is https all the way thru. Intermittently the browser hangs trying to read a css that the app is using. This file is about 30076 bytes and interestingly it always hangs at 16104 bytes. Now when I chomp the file down to 6k I have not been able to reproduce this problem!!

Jetty server returns a 200OK and 30076 bytes, but the logs in nginx shows

10.23.8.163 - - [15/May/2012:21:53:48 +0000] "GET /app/application.css HTTP/1.1" 200 16104 "https://loginlab.com/somesite" "Mozilla/5.0 (Ubuntu; X11; Linux x86_64; rv:8.0) Gecko/20100101 Firefox/8.0" "-" "RC4-SHA" "-" 0.062 0.062 - OK

when this happens. So I build nginx with debug and turned on debug for the hosts involved and I get this for the case when the file is chopped

2012/05/15 21:33:48 [debug] 31832#0: *216 http copy filter: 0 "/idp/application.css?"
2012/05/15 21:33:48 [debug] 31832#0: *216 event timer: 14, old: 1337119428147, new: 1337119428195
2012/05/15 21:33:48 [debug] 31832#0: *216 http upstream request: "/app/application.css?"
2012/05/15 21:33:48 [debug] 31832#0: *216 http upstream dummy handler
2012/05/15 21:33:48 [debug] 31832#0: *216 http upstream request: "/app/application.css?"
2012/05/15 21:33:48 [debug] 31832#0: *216 http upstream process non buffered upstream
2012/05/15 21:33:48 [debug] 31832#0: *216 SSL_read: 1
2012/05/15 21:33:48 [debug] 31832#0: *216 SSL_read: 0
2012/05/15 21:33:48 [debug] 31832#0: *216 SSL_get_error: 5
2012/05/15 21:33:48 [debug] 31832#0: *216 peer shutdown SSL cleanly

Seems like read gets a SSL_ERROR_SYSCALL. Any pointers to what else I can look at to get to the bottom of this problem is much appreciated.

Thanks
Anand

Script for Nagios (4 replies)

Tio Oscar — Tue, 15 May 2012 17:30:00 -0400

Hi guys, I sant because this is my first email to the list.

I'm a web developer from Argentina, and use nginx ago one year.

In my job, are installing a Negios monitor, and i need a nginx script for
check connections by servers.

Some of you know or have done one?

PD: Sorry my english.

--
El Tio ~ Programador, hacker y filósofo
web: http://blog.exodica.com.ar
Linked'in: http://www.linkedin.com/in/ogentilezza
Twitter: @exos, Indeti.ca: @exos
Tels: [+54 11] 638-LINUX (54689) - [+54 9 11] 6799-4797

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCS/IT d-- s:++ a- C+++$ UBL+++$ P(-) L+++$ !E--- W+++$ !N !o K-? !w--- !O
!M-- V? PS+++@ !PE Y+(++) PGP++ !t--- !5 X++ R(+) tv--? b- DI D-- G e@ h>++
r+++(-) y+++>+++++
------END GEEK CODE BLOCK------
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

proxy_cache only if custom header is set by upstream (3 replies)

ThomasLohner — Tue, 15 May 2012 12:24:51 -0400

Hi,

i know how to *prevent* caching if custom headers are set by upstream with proxy_cache_bypass and proxy_no_cache.

This time i'd like to do the opposite, i want the response to be cached *only* if a custom header is present.

I tried something like:

set $nocache 1;

proxy_no_cache $nocache;

...

if ($upstream_http_myheader = 1) {

set $nocache 0;

}

But this doesn't work. Any ideas or am i missing something?

cheers

Thomas Lohner

nginx-1.3.0 (5 replies)

Maxim Dounin — Wed, 16 May 2012 05:46:21 -0400

Изменения в nginx 1.3.0 15.05.2012

*) Добавление: директива debug_connection теперь поддерживает
IPv6-адреса и параметр "unix:".

*) Добавление: директива set_real_ip_from и параметр proxy директивы geo
теперь поддерживают IPv6-адреса.

*) Добавление: директивы real_ip_recursive, geoip_proxy и
geoip_proxy_recursive.

*) Добавление: параметр proxy_recursive директивы geo.

*) Исправление: в рабочем процессе мог произойти segmentation fault,
если использовалась директива resolver.

*) Исправление: в рабочем процессе мог произойти segmentation fault,
если использовались директивы fastcgi_pass, scgi_pass или uwsgi_pass
и бэкенд возвращал некорректный ответ.

*) Исправление: в рабочем процессе мог произойти segmentation fault,
если использовалась директива rewrite и в новых аргументах запроса в
строке замены использовались переменные.

*) Исправление: nginx мог нагружать процессор, если было достигнуто
ограничение на количество открытых файлов.

*) Исправление: при использовании директивы proxy_next_upstream с
параметром http_404 nginx мог бесконечно перебирать бэкенды, если в
блоке upstream был хотя бы один сервер с флагом backup.

*) Исправление: при использовании директивы ip_hash установка параметра
down директивы server могла приводить к ненужному перераспределению
клиентов между бэкендами.

*) Исправление: утечки сокетов.
Спасибо Yichun Zhang.

*) Исправление: в модуле ngx_http_fastcgi_module.

Maxim Dounin

_______________________________________________
nginx-ru mailing list
nginx-ru@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-ru

[nginx-ru-announce] nginx-1.3.0 (no replies)

Maxim Dounin — Tue, 15 May 2012 10:42:00 -0400

Изменения в nginx 1.3.0 15.05.2012

*) Добавление: директива debug_connection теперь поддерживает
IPv6-адреса и параметр "unix:".

*) Добавление: директива set_real_ip_from и параметр proxy директивы geo
теперь поддерживают IPv6-адреса.

*) Добавление: директивы real_ip_recursive, geoip_proxy и
geoip_proxy_recursive.

*) Добавление: параметр proxy_recursive директивы geo.

*) Исправление: в рабочем процессе мог произойти segmentation fault,
если использовалась директива resolver.

*) Исправление: в рабочем процессе мог произойти segmentation fault,
если использовались директивы fastcgi_pass, scgi_pass или uwsgi_pass
и бэкенд возвращал некорректный ответ.

*) Исправление: в рабочем процессе мог произойти segmentation fault,
если использовалась директива rewrite и в новых аргументах запроса в
строке замены использовались переменные.

*) Исправление: nginx мог нагружать процессор, если было достигнуто
ограничение на количество открытых файлов.

*) Исправление: при использовании директивы proxy_next_upstream с
параметром http_404 nginx мог бесконечно перебирать бэкенды, если в
блоке upstream был хотя бы один сервер с флагом backup.

*) Исправление: при использовании директивы ip_hash установка параметра
down директивы server могла приводить к ненужному перераспределению
клиентов между бэкендами.

*) Исправление: утечки сокетов.
Спасибо Yichun Zhang.

*) Исправление: в модуле ngx_http_fastcgi_module.

Maxim Dounin

_______________________________________________
nginx-ru-announce mailing list
nginx-ru-announce@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-ru-announce

nginx-1.3.0 (3 replies)

Maxim Dounin — Wed, 16 May 2012 04:22:00 -0400

Changes with nginx 1.3.0 15 May 2012

*) Feature: the "debug_connection" directive now supports IPv6 addresses
and the "unix:" parameter.

*) Feature: the "set_real_ip_from" directive and the "proxy" parameter
of the "geo" directive now support IPv6 addresses.

*) Feature: the "real_ip_recursive", "geoip_proxy", and
"geoip_proxy_recursive" directives.

*) Feature: the "proxy_recursive" parameter of the "geo" directive.

*) Bugfix: a segmentation fault might occur in a worker process if the
"resolver" directive was used.

*) Bugfix: a segmentation fault might occur in a worker process if the
"fastcgi_pass", "scgi_pass", or "uwsgi_pass" directives were used and
backend returned incorrect response.

*) Bugfix: a segmentation fault might occur in a worker process if the
"rewrite" directive was used and new request arguments in a
replacement used variables.

*) Bugfix: nginx might hog CPU if the open file resource limit was
reached.

*) Bugfix: nginx might loop infinitely over backends if the
"proxy_next_upstream" directive with the "http_404" parameter was
used and there were backup servers specified in an upstream block.

*) Bugfix: adding the "down" parameter of the "server" directive might
cause unneeded client redistribution among backend servers if the
"ip_hash" directive was used.

*) Bugfix: socket leak.
Thanks to Yichun Zhang.

*) Bugfix: in the ngx_http_fastcgi_module.

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

[nginx-announce] nginx-1.3.0 (no replies)

Maxim Dounin — Tue, 15 May 2012 10:42:00 -0400

Changes with nginx 1.3.0 15 May 2012

*) Feature: the "debug_connection" directive now supports IPv6 addresses
and the "unix:" parameter.

*) Feature: the "set_real_ip_from" directive and the "proxy" parameter
of the "geo" directive now support IPv6 addresses.

*) Feature: the "real_ip_recursive", "geoip_proxy", and
"geoip_proxy_recursive" directives.

*) Feature: the "proxy_recursive" parameter of the "geo" directive.

*) Bugfix: a segmentation fault might occur in a worker process if the
"resolver" directive was used.

*) Bugfix: a segmentation fault might occur in a worker process if the
"fastcgi_pass", "scgi_pass", or "uwsgi_pass" directives were used and
backend returned incorrect response.

*) Bugfix: a segmentation fault might occur in a worker process if the
"rewrite" directive was used and new request arguments in a
replacement used variables.

*) Bugfix: nginx might hog CPU if the open file resource limit was
reached.

*) Bugfix: nginx might loop infinitely over backends if the
"proxy_next_upstream" directive with the "http_404" parameter was
used and there were backup servers specified in an upstream block.

*) Bugfix: adding the "down" parameter of the "server" directive might
cause unneeded client redistribution among backend servers if the
"ip_hash" directive was used.

*) Bugfix: socket leak.
Thanks to Yichun Zhang.

*) Bugfix: in the ngx_http_fastcgi_module.

Maxim Dounin

_______________________________________________
nginx-announce mailing list
nginx-announce@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-announce

[nginx] svn commit: r4634 - tags (no replies)

Anonymous User — Tue, 15 May 2012 10:26:00 -0400

Author: mdounin
Date: 2012-05-15 14:24:09 +0000 (Tue, 15 May 2012)
New Revision: 4634
URL: http://trac.nginx.org/nginx/changeset/4634/nginx

Log:
release-1.3.0 tag

Added:
tags/release-1.3.0/

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

[nginx] svn commit: r4633 - trunk/docs/xml/nginx (no replies)

Anonymous User — Tue, 15 May 2012 10:24:00 -0400

Author: mdounin
Date: 2012-05-15 14:23:49 +0000 (Tue, 15 May 2012)
New Revision: 4633
URL: http://trac.nginx.org/nginx/changeset/4633/nginx

Log:
nginx-1.3.0-RELEASE

Modified:
trunk/docs/xml/nginx/changes.xml

Modified: trunk/docs/xml/nginx/changes.xml
===================================================================
--- trunk/docs/xml/nginx/changes.xml 2012-05-15 14:20:06 UTC (rev 4632)
+++ trunk/docs/xml/nginx/changes.xml 2012-05-15 14:23:49 UTC (rev 4633)
@@ -9,6 +9,145 @@
nginx changelog

+
+
+
+
+директива debug_connection теперь поддерживает IPv6-адреса
+и параметр "unix:".
+
+
+the "debug_connection" directive now supports IPv6 addresses
+and the "unix:" parameter.
+
+
+
+
+
+директива set_real_ip_from и параметр proxy
+директивы geo теперь поддерживают IPv6-адреса.
+
+
+the "set_real_ip_from" directive and the "proxy" parameter
+of the "geo" directive now support IPv6 addresses.
+
+
+
+
+
+директивы real_ip_recursive, geoip_proxy и geoip_proxy_recursive.
+
+
+the "real_ip_recursive", "geoip_proxy", and "geoip_proxy_recursive" directives.
+
+
+
+
+
+параметр proxy_recursive директивы geo.
+
+
+the "proxy_recursive" parameter of the "geo" directive.
+
+
+
+
+
+в рабочем процессе мог произойти segmentation fault,
+если использовалась директива resolver.
+
+
+a segmentation fault might occur in a worker process
+if the "resolver" directive was used.
+
+
+
+
+
+в рабочем процессе мог произойти segmentation fault,
+если использовались директивы fastcgi_pass, scgi_pass или uwsgi_pass
+и бэкенд возвращал некорректный ответ.
+
+
+a segmentation fault might occur in a worker process
+if the "fastcgi_pass", "scgi_pass", or "uwsgi_pass" directives were used
+and backend returned incorrect response.
+
+
+
+
+
+в рабочем процессе мог произойти segmentation fault,
+если использовалась директива rewrite и в новых аргументах запроса в строке
+замены использовались переменные.
+
+
+a segmentation fault might occur in a worker process
+if the "rewrite" directive was used and new request arguments
+in a replacement used variables.
+
+
+
+
+
+nginx мог нагружать процессор,
+если было достигнуто ограничение на количество открытых файлов.
+
+
+nginx might hog CPU
+if the open file resource limit was reached.
+
+
+
+
+
+при использовании директивы proxy_next_upstream с параметром http_404
+nginx мог бесконечно перебирать бэкенды, если в блоке upstream был
+хотя бы один сервер с флагом backup.
+
+
+nginx might loop infinitely over backends
+if the "proxy_next_upstream" directive with the "http_404" parameter was used
+and there were backup servers specified in an upstream block.
+
+
+
+
+
+при использовании директивы ip_hash
+установка параметра down директивы server
+могла приводить к ненужному перераспределению клиентов между бэкендами.
+
+
+adding the "down" parameter of the "server" directive
+might cause unneeded client redistribution among backend servers
+if the "ip_hash" directive was used.
+
+
+
+
+
+утечки сокетов.

+Спасибо Yichun Zhang.
+
+
+socket leak.

+Thanks to Yichun Zhang.
+
+
+
+
+
+в модуле ngx_http_fastcgi_module.
+
+
+in the ngx_http_fastcgi_module.
+
+
+
+
+
+

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

[nginx] svn commit: r4632 - trunk/misc (no replies)

Anonymous User — Tue, 15 May 2012 10:22:00 -0400

Author: mdounin
Date: 2012-05-15 14:20:06 +0000 (Tue, 15 May 2012)
New Revision: 4632
URL: http://trac.nginx.org/nginx/changeset/4632/nginx

Log:
Updated OpenSSL used for win32 builds.

Modified:
trunk/misc/GNUmakefile

Modified: trunk/misc/GNUmakefile
===================================================================
--- trunk/misc/GNUmakefile 2012-05-15 08:10:59 UTC (rev 4631)
+++ trunk/misc/GNUmakefile 2012-05-15 14:20:06 UTC (rev 4632)
@@ -6,7 +6,7 @@
REPO = $(shell svn info | sed -n 's/^Repository Root: //p')

OBJS = objs.msvc8
-OPENSSL = openssl-1.0.0i
+OPENSSL = openssl-1.0.1c
ZLIB = zlib-1.2.5
PCRE = pcre-8.30

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

php-fpm listen.mode and apache/mod_fastcgi/suexec (no replies)

Matthias Leopold — Tue, 15 May 2012 07:40:01 -0400

hi,

i'm trying to setup php-fpm (5.3.13) with apache 2.2 and mod_fastcgi for
shared hosting.

i want to be as "secure" as possible so i want to have the following in
php-fpm.conf (or included files):

listen = /srv/www/someusershome/php-fpm.sock
listen.owner = someuser
listen.group = somegroup
listen.mode = 0600

now "listen.mode = 0600" seems to be a problem. my apache/fastcgi conf
looks like this:

### server config ###

FastCgiWrapper /usr/lib/apache2/suexec

AddHandler php5-fcgi .php
Action php5-fcgi /fcgi-bin/php5.external
Alias /fcgi-bin/php5.external /php5.external

Order Deny,Allow
Deny from All
Allow from env=REDIRECT_STATUS

### virtual host ###

SuexecUserGroup someuser somegroup

FastCgiExternalServer /php5.external \
-socket /srv/www/someusershome/php-fpm.sock \
-user someuser -group somegroup

as i said, this only works with "listen.mode = 0666", not with
"listen.mode = 0600".

error_log says:
(13)Permission denied: FastCGI: failed to connect to server
"/php5.external": connect() failed, referer: http://www.somedomain.com

in google i can only find tutorials for nginx where "0600" seems to be
possible. i hope i can achieve this with apache/mod_fastcgi too.

thx for any advice
matthias

If-Modified-Since (3 replies)

Fredrik Widlund — Tue, 15 May 2012 10:08:01 -0400

Hi,

I'm obviously losing it somehow. What am I missing here, it must be something obvious that is going to make me look stupid, but I still don't see it. I just can't get If-Modified-Since to work?

Linux poc 3.3.4-2-ARCH #1 SMP PREEMPT Wed May 2 18:28:42 CEST 2012 x86_64 Intel(R) Xeon(R) CPU E5540 @ 2.53GHz GenuineIntel GNU/Linux

Default configure/make/nginx.conf etc directly from the 1.2.0 dist.

I send an IMS header, later than the last-modified, and still get a 200?

x@poc> touch a
x@poc> curl -za -v localhost/index.html
* About to connect() to localhost port 80 (#0)
* Trying 127.0.0.1...
* connected
* Connected to localhost (127.0.0.1) port 80 (#0)
> GET /index.html HTTP/1.1
> User-Agent: curl/7.25.0 (x86_64-unknown-linux-gnu) libcurl/7.25.0 OpenSSL/1.0.1b zlib/1.2.7 libssh2/1.4.0
> Host: localhost
> Accept: */*
> If-Modified-Since: Tue, 15 May 2012 11:18:36 GMT
>
< HTTP/1.1 200 OK
< Server: nginx/1.2.0
< Date: Tue, 15 May 2012 11:18:40 GMT
< Content-Type: text/html
< Content-Length: 151
< Last-Modified: Tue, 15 May 2012 11:17:22 GMT
< Connection: keep-alive
< Accept-Ranges: bytes
[...]

Same request against Apache

x@poc> touch a
x@poc> curl -za -v localhost/index.html
* About to connect() to localhost port 80 (#0)
* Trying 127.0.0.1...
* connected
* Connected to localhost (127.0.0.1) port 80 (#0)
> GET /index.html HTTP/1.1
> User-Agent: curl/7.25.0 (x86_64-unknown-linux-gnu) libcurl/7.25.0 OpenSSL/1.0.1b zlib/1.2.7 libssh2/1.4.0
> Host: localhost
> Accept: */*
> If-Modified-Since: Tue, 15 May 2012 11:25:13 GMT
>
< HTTP/1.1 304 Not Modified
< Date: Tue, 15 May 2012 11:25:14 GMT
< Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.1b DAV/2
< ETag: "89985-5-4c011747da2b3"

Kind regards,
Fredrik

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

[nginx] svn commit: r4631 - trunk/src/http (no replies)

Anonymous User — Tue, 15 May 2012 04:12:00 -0400

Author: ru
Date: 2012-05-15 08:10:59 +0000 (Tue, 15 May 2012)
New Revision: 4631
URL: http://trac.nginx.org/nginx/changeset/4631/nginx

Log:
Fixed win32 build after changes in r4624.

Modified:
trunk/src/http/ngx_http_core_module.c

Modified: trunk/src/http/ngx_http_core_module.c
===================================================================
--- trunk/src/http/ngx_http_core_module.c 2012-05-14 16:30:33 UTC (rev 4630)
+++ trunk/src/http/ngx_http_core_module.c 2012-05-15 08:10:59 UTC (rev 4631)
@@ -2704,7 +2704,7 @@
u_char *xff, size_t xfflen, ngx_array_t *proxies, int recursive)
{
u_char *p;
- in_addr_t *inaddr;
+ in_addr_t inaddr;
ngx_addr_t paddr;
ngx_cidr_t *cidr;
ngx_uint_t family, i;
@@ -2714,7 +2714,7 @@
#endif

#if (NGX_SUPPRESS_WARN)
- inaddr = NULL;
+ inaddr = 0;
#if (NGX_HAVE_INET6)
inaddr6 = NULL;
#endif
@@ -2723,7 +2723,7 @@
family = addr->sockaddr->sa_family;

if (family == AF_INET) {
- inaddr = &((struct sockaddr_in *) addr->sockaddr)->sin_addr.s_addr;
+ inaddr = ((struct sockaddr_in *) addr->sockaddr)->sin_addr.s_addr;
}

#if (NGX_HAVE_INET6)
@@ -2732,7 +2732,7 @@

if (IN6_IS_ADDR_V4MAPPED(inaddr6)) {
family = AF_INET;
- inaddr = (in_addr_t *) &inaddr6->s6_addr[12];
+ inaddr = *(in_addr_t *) &inaddr6->s6_addr[12];
}
}
#endif
@@ -2762,7 +2762,7 @@
#endif

default: /* AF_INET */
- if ((*inaddr & cidr[i].u.in.mask) != cidr[i].u.in.addr) {
+ if ((inaddr & cidr[i].u.in.mask) != cidr[i].u.in.addr) {
goto next;
}
break;

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Caching not working (2 replies)

Jeff Mitchell — Tue, 15 May 2012 14:10:01 -0400

Hello,

I'm running nginx 1.0.15. I have the following in my http block:

proxy_cache_path /var/tmp/nginx/proxy/cache/quickgit levels=1:2
keys_zone=quickgit:200m;
proxy_temp_path /var/tmp/nginx/proxy/temp;

and in my server block I have (among some other things):

index index.php;

error_page 418 = @feed;

if ( $args ~ a=atom ) {
return 418;
}
if ( $args ~ a=rss ) {
return 418;
}

location @feed {
include /etc/nginx/fastcgi_params;

proxy_cache quickgit;
proxy_hide_header Set-Cookie;
proxy_cache_key "$scheme$host$request_uri";
proxy_cache_use_stale error timeout invalid_header updating;
proxy_cache_valid 200 302 10m;
proxy_cache_valid 404 1m;
proxy_cache_valid any 1m;
proxy_ignore_headers X-Accel-Redirect X-Accel-Expires Expires
Cache-Control Set-Cookie;

fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_read_timeout 300;
fastcgi_send_timeout 300;
}

I know that the @feed location is being hit at the appropriate time
because if I put a "return 404" in there I get a 404 page when accessing
the atom/rss URLs. Additionally, nginx creates the correct directories
under /var/tmp/nginx/proxy. However, nothing shows up in the
cache...I've tried tweaking all sorts of parameters (including the
proxy_ignore_headers, even though I only see Set-Cookie coming from the
backend) but nothing has helped.

Thanks in advance,
Jeff

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

502 Bad Gateway (3 replies)

captexaj — Tue, 15 May 2012 20:25:12 -0400

Hi, When I attempt to access my Wordpress site, I keep getting NGINX Bad
Gateway errors. I looked in the NGINX error logs and there were no
entries, so after I performed some more research, I found out that
this could be a php-fpm issue, so I looked in the log and sure enough
when I went to my php5-fpm.log file, I saw this:

[14-May-2012 16:39:46] ERROR: unable to bind listening socket for
address '127.0.0.1:9000': Address already in use (98)
[14-May-2012 16:39:46] ERROR: FPM initialization failed

Any ideas on this one? I've already reviewed most of the forum discussions on this and have not had any success with fixing this.

Just a standard NGINX stack install on Ubuntu 10.04 to run Wordpress and Big Blue Button.