Welcome! Log In Create A New Profile


Random rewrite/proxy_pass timeouts

March 10, 2017 10:41PM
I'm seeing some strange behavior with nginx. I using it to proxy requests from one domain to another. What I'm seeing is at times requests to help.example.com start hanging. In order to fix it I need to either reload or restart the nginx service, which makes me think it's a resource issue but thought I'd check here first. Has anyone experienced anything like this before?

Here are a few technical details:
- nginx version: nginx/1.10.1
- t2.small in AWS
- Fronted by a classic ELB

I've also attached my nginx.conf and site.conf for reference. I have a few other sites in use that also use proxy_pass and it works just fine. So I'm thinking it may have something to do with the rewrite, but not 100% sure.

include /usr/share/nginx/modules/*;

# nginx Configuration File
# http://wiki.nginx.org/Configuration

# Run as a less privileged user for security reasons.
user www-data;

# How many worker threads to run;
# "auto" sets it to the number of CPU cores available in the system, and
# offers the best performance. Don't set it higher than the number of CPU
# cores if changing this parameter.

# The maximum number of connections for Nginx is calculated by:
# max_clients = worker_processes * worker_connections
worker_processes 1;

# Maximum open file descriptors per process;
# should be > worker_connections.
worker_rlimit_nofile 8192;

events {
# When you need > 8000 * cpu_cores connections, you start optimizing your OS,
# and this is probably the point at which you hire people who are smarter than
# you, as this is *a lot* of requests.
worker_connections 8000;

# Default error log file
# (this is only used when you don't override error_log on a server{} level)
# options are also notice and info
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;

http {

# Hide nginx version information.
server_tokens off;

# Define the MIME types for files.
include /etc/nginx/mime.types;
default_type application/octet-stream;

# Update charset_types due to updated mime.types
charset_types text/xml text/plain text/vnd.wap.wml application/x-javascript application/rss+xml text/css application/javascript application/json;

# Format to use in log files
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

# Default log file
# (this is only used when you don't override access_log on a server{} level)
access_log /var/log/nginx/access.log main;

# How long to allow each connection to stay idle; longer values are better
# for each individual client, particularly for SSL, but means that worker
# connections are tied up longer. (Default: 65)
keepalive_timeout 35;

# Speed up file transfers by using sendfile() to copy directly
# between descriptors rather than using read()/write().
sendfile on;

# Tell Nginx not to send out partial frames; this increases throughput
# since TCP frames are filled up before being sent out. (adds TCP_CORK)
tcp_nopush on;

# Compression
# Enable Gzip compressed.
gzip on;

# Compression level (1-9).
# 5 is a perfect compromise between size and cpu usage, offering about
# 75% reduction for most ascii files (almost identical to level 9).
gzip_comp_level 5;

# Don't compress anything that's already small and unlikely to shrink much
# if at all (the default is 20 bytes, which is bad as that usually leads to
# larger files after gzipping).
gzip_min_length 256;

# Compress data even for clients that are connecting to us via proxies,
# identified by the "Via" header (required for CloudFront).
gzip_proxied any;

# Tell proxies to cache both the gzipped and regular version of a resource
# whenever the client's Accept-Encoding capabilities header varies;
# Avoids the issue where a non-gzip capable client (which is extremely rare
# today) would display gibberish if their proxy gave them the gzipped version.
gzip_vary on;

# Compress all output labeled with one of the following MIME-types.
# text/html is always compressed by HttpGzipModule

# This should be turned on if you are going to have pre-compressed copies (.gz) of
# static files available. If not it should be left off as it will cause extra I/O
# for the check. It is best if you enable this in a location{} block for
# a specific directory, or on an individual server{} level.
# gzip_static on;

# For behind a load balancer
real_ip_header X-Forwarded-For;

client_max_body_size 100m;

# default blank catch-all
server {
listen 80 default_server;
root /var/www/html/default;
index index.html;

# Include files in the sites-enabled folder. server{} configuration files should be
# placed in the sites-available folder, and then the configuration should be enabled
# by creating a symlink to it in the sites-available folder.
# See doc/sites-enabled.md for more info.
include /etc/nginx/sites-enabled/*;

server {
listen 80;

server_name help.example.com;

access_log /var/log/nginx/access.log access;
error_log /var/log/nginx/error.log error;

location /assets/ {
proxy_pass https://site.help/assets/;
proxy_set_header Host site.help;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Scheme https;

location /_api/ {
proxy_pass https://site.help/_api/;
proxy_set_header Host site.help;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Scheme https;

location / {
rewrite ^/(.*)/$ /example/$1/ permanent;
proxy_pass https://site.help;
proxy_set_header Host help.site.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;

# Deny config files
location ~* \.(sh|lock|json)$ {
deny all;

# Deny any hidden and old version of files
location ~ /\. { access_log off; log_not_found off; deny all; }
location ~ ~$ { access_log off; log_not_found off; deny all; }
Subject Author Posted

Random rewrite/proxy_pass timeouts

patweb99 March 10, 2017 10:41PM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 49
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready