Lukas, you're of course right! My mistake, I see so many times the "ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY" error that I forgot there was another one which is completely different. Shahzaib, I'm very sorry, I can't help you :-( As said by Lukas, have you tried others files than the mp4 we see in your capture? Like images or just plain text. And also have you tried compiling nginx wby Alt - Nginx Mailing List - English
Hello! This issue often happens when a cipher is missing in your cipher list and Chrome tries to use another cipher forbidden in the HTTP/2 spec. Using SSL Labs would normally display such error (in the "Handshake Simulation" part of thei results). And yes, Chrome sucks for displaying an error related to SPDY, even when you don't have any SPDY and are using HTTP/2.by Alt - Nginx Mailing List - English
You're welcome! Glad you solved it :-)by Alt - Nginx Mailing List - English
Hello, In your first message you said you enabled SSL. But in the configuration you posted, there's nothing related to SSL (no listen 443, nothing about certificate,...). Did you enabled SSL in another .conf file and forgot to include it in nginx.conf? Best Regards.by Alt - Nginx Mailing List - English
Hello, Have you reloaded your configuration with "service nginx reload"? You can first check if there's no error with "service nginx configtest". If you need more help, post us your nginx configuration (the output of "nginx -T" would be best). Best Regards.by Alt - Nginx Mailing List - English
Hey! abrogard Wrote: ------------------------------------------------------- > Astounding. I'm told MS did this to stop it being used as a server. > But hell that's what it is supposed to be isn't it? You have a Windows for desktop and IIS is present for development purposes. If you don't want limits, you should get a Windows Server which is more expensive, or use nginx on your cby Alt - Nginx Mailing List - English
Hello :-) Maxim Dounin Wrote: ------------------------------------------------------- > Yes, but there isn't much difference: as long as httpready sees > something different from a HTTP request, it just passes the > connection to nginx. > > Quoting accf_http(9): > > If something other than a HTTP/1.0 or HTTP/1.1 HEAD or GET > request is > receiby Alt - Nginx Mailing List - English
Hello ! steveh Wrote: ------------------------------------------------------- > listen 443 default_server accept_filter=httpready ssl; > listen 80 default_server accept_filter=httpready; Not related to your problem: I think you'll want "accept_filter=dataready" for your SSL configuration. Best Regards.by Alt - Nginx Mailing List - English
Hello, Andrei Wrote: ------------------------------------------------------- > does not support HTTP/2 with "Server Push" (which most consider the > primary > boost in HTTP/2), however it is available in Nginx Plus (paid No, parallel requests are the primary boost of HTTP/2. Personally I'm very happy with the current implementation of HTTP/2 in nginx, I've no use ofby Alt - Nginx Mailing List - English
Hello, You just need fail2ban and no need to know Perl. But you'll probably need to know regular expressions. Fail2ban can be adapted to most log format, but nginx logs format is the same as apache, so it's easy :-) I'm sure you can find many tutorials to explain how to install and configure it by searching "fail2ban apache" or "fail2ban nginx".by Alt - Nginx Mailing List - English
Hello, Not sure if it can help you, because only some bots respect it and not in the same way, but you could look at the "crawl-delay" directive in the robots.txt file: https://en.wikipedia.org/wiki/Robots_exclusion_standard#Crawl-delay_directiveby Alt - Nginx Mailing List - English
Hello, I don't agree with Robert Paprocki: adding modules like naxsi or modsecurity to nginx is not a solution. They have bugs, performance hits, need patch when there's new versions of nginx,... gariac, you say you send 444 to hackers then use a script to display those. Why not use fail2ban to scan the logs and ban them for some time. But of course, fail2ban could also be a performance hitby Alt - Nginx Mailing List - English
GreenGecko Wrote: ------------------------------------------------------- > answering my own question. If any of the files are missing, it returns > a > 404. Hello, I've never used nginx-http-concat, but you can disable this behavior with "concat_ignore_file_error on". Found in the doc: https://github.com/alibaba/nginx-http-concat Best Regardsby Alt - Nginx Mailing List - English
Amanat Wrote: ------------------------------------------------------- > I can use 2 Gb ram whole day with apache and with Nginx even 32 gb ram > works only for 5 min. Oh, I wonder how I'm using nginx with PHP on servers with 2GB of RAM and no swap... uptimes are in the hundreds days (reboots only for security updates). > If any of you have any suggestion to tweak nginx config. Plby Alt - Nginx Mailing List - English
Hello, Muhammad Yousuf Khan Wrote: ------------------------------------------------------- > I can access php files properly like info.php. to check whether php > is > working or not. however the problem part is wordpress. > > when i try to load my wordpress site chrome shows an error saying > reduction > loop occur. > I would think there's a configurationby Alt - Nginx Mailing List - English
Hello, I don't know CentOS, so I can't really help, but there are some instructions here: http://nginx.org/en/linux_packages.html And if you are getting an error, could you give more details (error, commands you are typing,...)? Best Regardsby Alt - Nginx Mailing List - English
Hello! George Wrote: ------------------------------------------------------- > But no love for LibreSSL users as Nginx 1.9.12 seems to broken > compilation against LibreSSL 2.2.6 for me > https://trac.nginx.org/nginx/ticket/908#ticket ? Great news, there's a fix in LibreSSL: https://github.com/libressl-portable/portable/commit/be3b129221b2f77b23fc3d833c0eb2c444624eb0 I stillby Alt - Nginx Mailing List - English
Hello, Great, thanks Andrew! Best Regardsby Alt - Nginx Mailing List - English
Hello, Jim Ohlstein Wrote: ------------------------------------------------------- > If you need http2 there is always the option to compile your own nginx > binary against a more modern version of OpenSSL than what your > operating system provides, or to change operating systems to one which > provides such an OpenSSL version. Yes, it's what I'm doing with LibreSSL :-)by Alt - Nginx Mailing List - English
Hello, "In most cases HTTP/2 with NPN in OpenSSL 1.0.1 will work for now.", yes, for now, sadly Google will remove the NPN support in Chrome "soon": "We plan to remove support for SPDY in early 2016, and to also remove support for the TLS extension named NPN in favor of ALPN in Chrome at the same time. Server developers are strongly encouraged to move to HTTP/2 and ALPNby Alt - Nginx Mailing List - English
Hello, You can check with this command found on this website: https://unmitigatedrisk.com/?p=100 openssl s_client -connect login.live.com:443 -tls1 -tlsextdebug -status If everything goes well, you should find something like: "OCSP response: ====================================== OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Responsby Alt - Nginx Mailing List - English
Hello, Thanks for this new nginx release! It would be great to officially support LibreSSL in nginx. Until now, nginx had no problem compiling LibreSSL using "--with-openssl=". Best Regardsby Alt - Nginx Mailing List - English
Hello, Thanks also Maxim for your answer! Best Regardsby Alt - Nginx Mailing List - English
Hello, Thanks Valentin for your answer! Best Regardsby Alt - Nginx Mailing List - English
Hello, To use pcre_jit ( http://nginx.org/r/pcre_jit ), is it mandatory to compile nginx with "--with-pcre-jit"? On FreeBSD, nginx isn't compiled with "--with-pcre-jit", but I can still use "pcre_jit on;" without nginx throwing errors. So, does nginx really use PCRE JIT in this case? This bug report: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200793 mentby Alt - Nginx Mailing List - English
Hello again :-) As said in my last message, in theory you shouldn't lose your configuration. But : backup, backup and backup :-) And compile and test on a test server, not on a production server :-) Best Regards.by Alt - Nginx Mailing List - English
Hello Thierry, Just rebuilding a Debian package and installing it shouldn't break anything. But a problem or mistake can always happen, so I don't recommend doing eveything I said in my previous message on your production server. I don't think you want to spend your XMas fixing your server :-) So compile, package and test nginx on a test server (a virtual machine for example). And anyway, yby Alt - Nginx Mailing List - English
Hello Thierry, Here's a quick howto build a nginx debian package, I hope it's clear and that I'm not making mistakes. First, you need to get the source of nginx and others files to build the package. You can probably do something like "apt-get source nginx", but I prefer to go on this page: https://packages.debian.org/jessie/nginx and manually download the 3 files on the right. Soby Alt - Nginx Mailing List - English
Hello, It looks very interesting, but how the brotli static module works with the gzip static module also enabled? Best Regardsby Alt - Nginx Mailing List - English
Hello, I've found this archive explaining why it's not in the documentation: http://mailman.nginx.org/pipermail/nginx/2012-November/036199.html Best Regardsby Alt - Nginx Mailing List - English