Welcome! Log In Create A New Profile

Advanced

Re: Nginx with Varnish as a proxy. Phantom Port 80

April 01, 2016 01:38AM
OK, was trying to keep the post relevant and succinct, but here goes with the config. Its a newly set up server, so pretty much standard.
=============================
# cat nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;

events {
worker_connections 768;
# multi_accept on;
}

http {
# required for letsencrypt verification
server {

location ~ /.well-known/acme-challenge/(.*) {
default_type text/plain;
}
}

##
# Basic Settings
##

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;

# server_names_hash_bucket_size 64;
# server_name_in_redirect off;

include /etc/nginx/mime.types;
default_type application/octet-stream;

##
# SSL Settings
##

ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;

##
# Logging Settings
##

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

##
# Gzip Settings
##

gzip on;
gzip_disable "msie6";

# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

##
# Virtual Host Configs
##

include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}

===========================
nothing at all in ./conf.d/
===========================
> cat sites-enabled/default
# Default server configuration
#
server {
# handles anything going to numeric IP address.
listen 80 default_server;

root /var/www/html;

# Add index.php to the list if you are using PHP
index index.html index.php index.htm index.nginx-debian.html;

server_name localhost 16.17.18.19;

location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}


error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}

}

=======================================================
$> cat sites-enabled/domain1.com.

server {
listen 80;

server_name www.domain1.com domain1.com;
root /home/user/domains/domain1.com/public_html/public;
access_log /home/user/domains/domain1.com/logs/access.log;
error_log /home/user/domains/domain1.com/logs/error.log;

index index.php index.html index.htm;
error_page 404 /404.html;

location / {
try_files $uri $uri/ /index.php?$args;
}

# Pass PHP scripts to PHP-FPM
location ~ \.php$ {
try_files $uri =403;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm-user.sock;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}


# Enable browser cache for CSS / JS
location ~* \.(?:css|js)$ {
expires 2d;
add_header Pragma "public";
add_header Cache-Control "public";
add_header Vary "Accept-Encoding";
}

# Enable browser cache for static files
location ~* \.(?:ico|jpg|jpeg|gif|png|bmp|webp|tiff|svg|svgz|pdf|mp3|flac|ogg|mid|midi|wav|mp4|webm|mkv|ogv|wmv|eot|otf|woff|ttf|rss|atom|zip|7z|tgz|gz|rar|bz2|tar|exe|doc|docx|xls|xlsx|ppt|pptx|rtf|odt|ods|odp)$ {
expires 5d;
add_header Pragma "public";
add_header Cache-Control "public";
}

# Prevent logging of favicon and robot request errors
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { log_not_found off; access_log off; }
}


server {
listen 443;
server_name www.domain1.com domain1.com;
root /home/user/domains/domain1.com/public_html;
access_log /home/user/domains/domain1.com/logs/access.log;
error_log /home/user/domains/domain1.com/logs/error.log;

index index.php index.html index.htm;
error_page 404 /404.html;

ssl on;
ssl_certificate /etc/letsencrypt/live/domain1.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain1.com/privkey.pem;

ssl_session_timeout 5m;

ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
index index.php index.html index.htm;
error_page 404 /404.html;

location / {
try_files $uri $uri/ /index.php?$args;
}

# Pass PHP scripts to PHP-FPM
location ~ \.php$ {
try_files $uri =403;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm-user.sock;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}

# Enable browser cache for CSS / JS
location ~* \.(?:css|js)$ {
expires 2d;
add_header Pragma "public";
add_header Cache-Control "public";
add_header Vary "Accept-Encoding";
}

# Enable browser cache for static files
location ~* \.(?:ico|jpg|jpeg|gif|png|bmp|webp|tiff|svg|svgz|pdf|mp3|flac|ogg|mid|midi|wav|mp4|webm|mkv|ogv|wmv|eot|otf|woff|ttf|rss|atom|zip|7z|tgz|gz|rar|bz2|tar|exe|doc|docx|xls|xlsx|ppt|pptx|rtf|odt|ods|odp)$ {
expires 5d;
add_header Pragma "public";
add_header Cache-Control "public";
}

# Prevent logging of favicon and robot request errors
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { log_not_found off; access_log off; }

}

===========
There are three other domains in this directory, all created by copying and editing the domain1 file. So nothing extra in there. You'll just have to take my word for it that the listen directives are all the same.
Subject Author Posted

Nginx with Varnish as a proxy. Phantom Port 80

plutocrat April 01, 2016 12:29AM

Re: Nginx with Varnish as a proxy. Phantom Port 80

Robert Paprocki April 01, 2016 12:34AM

Re: Nginx with Varnish as a proxy. Phantom Port 80

plutocrat April 01, 2016 12:42AM

Re: Nginx with Varnish as a proxy. Phantom Port 80

Robert Paprocki April 01, 2016 12:48AM

Re: Nginx with Varnish as a proxy. Phantom Port 80

plutocrat April 01, 2016 01:38AM

Re: Nginx with Varnish as a proxy. Phantom Port 80

plutocrat April 01, 2016 01:41AM

Re: Nginx with Varnish as a proxy. Phantom Port 80

Francis Daly April 01, 2016 03:14AM

Re: Nginx with Varnish as a proxy. Phantom Port 80

Francis Daly April 01, 2016 03:18AM

Re: Nginx with Varnish as a proxy. Phantom Port 80

plutocrat April 01, 2016 06:33AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 83
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready