Welcome! Log In Create A New Profile

Advanced

NGINX SSL Reverse Proxy Cache Caching Content only for individual clients

Posted by ryanrbftp 
NGINX SSL Reverse Proxy Cache Caching Content only for individual clients
June 21, 2015 08:01AM
We are having some trouble setting up NGINX as a reverse SSL proxy cache.

We have successfully got everything working except the content caching feature.

The caching feature works, and displays a "X-Cache: HIT" header for the second request for a single client - but if a different client tries to access the same resource, they get a "X-Cache: MISS" on their first request.

How can we enable caching globally and not just on a per client basis?

Thank you for your help in advance.

Code on NGINX Proxy:

http {
server_tokens off;
include mime.types;
default_type application/octet-stream;

#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';

#access_log logs/access.log main;

sendfile on;
#tcp_nopush on;

#keepalive_timeout 0;
keepalive_timeout 65;

#gzip on;
proxy_cache_path /cache keys_zone=one:10m
loader_threshold=300 loader_files=200
max_size=200m;
server {

proxy_cache one;

listen 195.224.144.000:443 ssl spdy;
server_name www.mydomain.net;

ssl_certificate /certificates/mydomain.cer;
ssl_certificate_key /certificates/mydomain.key;

ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;


location / {
ModSecurityEnabled on;
ModSecurityConfig modsecurity.conf;
add_header X-Cache $upstream_cache_status;
proxy_set_header Host $host;
proxy_force_ranges on;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass https://195.224.144.000;
proxy_read_timeout 180s;

}
}
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 315
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready