-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello! On 11/28/2015 05:26 PM, Wandenberg Peixoto wrote: > This directive is available only on paid version > > Additionally, the following parameters are available as part of our > commercial subscription http://nginx.com/products/: > > |purger|=|on|||off| My bad, didn't read the whole pages. :) Thank you, bro :) > >by dewanggaba - Nginx Mailing List - English
Hello! I am using nginx 1.8.0 on Cent OS 7, tried to enable purger directive, mentioned on http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cache_path But got error like this : nginx[46931]: nginx: invalid parameter "purge=on" in /etc/nginx/conf.d/proxy.conf:5 My complete directive are like this : proxy_cache_path /var/cache/nginx/proxy_cache levels=1:2 keys_zone=mycachby dewanggaba - Nginx Mailing List - English
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello! I'm struggling with fastcgi_cache, the cache will be valid and got 'HIT' status if I'm writing simple PHP code. Like `phpinfo` or printing `date`. My fastcgi parameter are looks like this http://fpaste.org/293267/19588614/raw/ I send the request using HEAD : $ HEAD domain.tld/artikel/berita/wakil-gubernur-yogyakarta-paku-alam-ix-mangkat 200by dewanggaba - Nginx Mailing List - English
Like this? nginx version: nginx/1.9.5 built by gcc 4.8.3 20140911 (Red Hat 4.8.3-9) (GCC) built with OpenSSL 1.0.2d-fips 9 Jul 2015 TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginxby dewanggaba - Nginx Mailing List - English
Hello! On 09/28/2015 08:40 PM, rikske@deds.nl wrote: > Dear, > > Does the Nginx HTTP/2 module work on RHEL 7.1 with (ALPN) TLS? > > It seems like the HTTP/2 module is enabled by default in your RHEL 7.1 > based rpm and srpm. > > Your Nginx website writes about: > > "Note that accepting HTTP/2 connections over TLS requires the > “Application-Layer Protocby dewanggaba - Nginx Mailing List - English
Hello! On 08/31/2015 09:29 PM, shahzaib shahzaib wrote: > Hi, > > We want nginx vhost to access the file audo_portal.php without > specifying it,i.e instead of using > URL http://domain.com/audio_portal.php , can we access it with > http://domain.com ? So it'll directly access audio_portal.php just like > index.php ? Yes you can use index on http, location, and server. Sby dewanggaba - Nginx Mailing List - English
Hello! Recently discovered by my self, since apache 2.4.1 or latest, it was bundled with mod_remoteip. So, we didn't need any additional modules like mod_rpaf or mod_extract_forwarded. On 05/07/2015 10:11 AM, Nurahmadie Nurahmadie wrote: > > On Thu, May 7, 2015 at 12:07 PM, Dewangga Bachrul Alam > <dewanggaba@xtremenitro.org <mailto:dewanggaba@xtremenitro.org>> wrote: >by dewanggaba - Nginx Mailing List - English
Hello! On 05/07/2015 09:45 AM, Nurahmadie Nurahmadie wrote: > Hi > > On Thu, May 7, 2015 at 11:38 AM, Dewangga Bachrul Alam > <dewanggaba@xtremenitro.org <mailto:dewanggaba@xtremenitro.org>> wrote: > > Hello! > > Did anyone have same problem when configuring reverse proxy nginx + > apache, when the request came from nginx, the IP didn't showsby dewanggaba - Nginx Mailing List - English
Hello! Did anyone have same problem when configuring reverse proxy nginx + apache, when the request came from nginx, the IP didn't shows real visitor. Example access.log: 127.0.0.1 - - [07/May/2015:09:27:30 +0700] "GET / HTTP/1.0" 200 61925 127.0.0.1 - - [07/May/2015:09:27:35 +0700] "GET / HTTP/1.0" 200 61925 127.0.0.1 - - [07/May/2015:09:27:43 +0700] "GET / HTTP/1.0&quoby dewanggaba - Nginx Mailing List - English
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello! On 5/4/2015 15:22, Francis Daly wrote: > On Mon, May 04, 2015 at 11:43:10AM +0700, Dewangga wrote: > > Hi there, > >> map $http_referer $badboys { hostnames; default 0; >> "~*hitleap.com" 1; } > > For info: > > This should work as-is; but when using "hostnames", you probablyby dewanggaba - Nginx Mailing List - English
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello! I have a map directive like this : map $http_referer $badboys { hostnames; default 0; "~*hitleap.com" 1; } and already defined on server block like this : server { ... skip .. if ($badboys) { return 406; } ... skip .. } but, if I tried to access them using given referral, still got HTTP 200. $by dewanggaba - Nginx Mailing List - English
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello! What linux distribution do you use? On el6 I use openssl-1.0.1e-30.el6 On el7 I use openssl-1.0.1e-42.el7.4.x86_64 https://kb.iweb.com/entries/90860777-Security-vulnerabilities-in-OpenSSL - -FREAK-CVE-2015-0204-and-more Red hat using their own packages versioning (CMIIW), it might be vary with your linux distro. And how do you test your sitby dewanggaba - Nginx Mailing List - English
Hi! You'll _never_ reach http request since you set HSTS configuration :) If you still want some http request on your web server, disable your HSTS directive. (see Daniel statement on previous email). On 03/20/2015 05:14 PM, Gena Makhomed wrote: > On 20.03.2015 11:35, Daniël Mostertman wrote: > >> You said that in your configuration, you have the following line: >> >> #by dewanggaba - Nginx Mailing List - English
I've got same experience with Laravel framework. They have another configuration to set header like that. What web apps framework do you use? On Sunday, February 8, 2015, deltaxfx <nginx-forum@nginx.us> wrote: > I have a domain setup with SSL and I am trying to get HSTS headers working. > I have done this in NGINX before with no problem. On this new domain I > can't > seem toby dewanggaba - Nginx Mailing List - English
Hi, I have project that will be used multilocation webserver, but still confuse about implementing GeoDNS or GeoIP. Which method are powerfull? I want to separate user between Country A to WebServer A, Country B to Webserver B. Each webserver are located on each country. _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/by dewanggaba - Nginx Mailing List - English
It's looks like wordpress problem. Not your conf. Did you figure it out the problem if set your wordpress into https mode? On Thursday, November 20, 2014, JACK LINKERS <jacklinkers@gmail.com> wrote: > Hello, > > I try to force SSL redirect on my website, but I'm getting a > ERR_TOO_MANY_REDIRECTS. > > I can't figure what's wrong, here is my vhost .conf file : > > seby dewanggaba - Nginx Mailing List - English
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, By default nginx drops as pasted before, nginx never drops the file types as `httpd_config_t`. If you never needed SELinux and didn't familiar with it, just disabled. But, it not recommended to you to disable them. Good luck! On 10/31/2014 01:05, mevans336 wrote: > That's the thing, I've never needed to set an SELinux policy. These > areby dewanggaba - Nginx Mailing List - English
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Something wrong on your policy? $ cat /etc/issue CentOS release 6.6 (Final) Kernel \r on an \m $ sestatus SELinux status: enabled SELinuxfs mount: /selinux Current mode: enforcing Mode from config file: enforcing Policy version: 24 Policy from config file: targetedby dewanggaba - Nginx Mailing List - English
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Oh sorry, I still use the comp_level to 9. Should I decrease it? If yes, which value? Sorry for thread discussion hijacking :) On 10/27/2014 10:44, Valentin V. Bartenev wrote: > On Monday 27 October 2014 10:29:46 Dewangga wrote: >> Hi, >> >> Have you tried to put `gzip_comp_level` on level 9? Based on >> http://nginby dewanggaba - Nginx Mailing List - English
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Have you tried to put `gzip_comp_level` on level 9? Based on http://nginx.org/en/docs/http/ngx_http_gzip_module.html#gzip_comp_level And tried to put `gzip_proxied any` http://nginx.org/en/docs/http/ngx_http_gzip_module.html#gzip_proxied On 10/27/2014 10:04, colky wrote: > Sorry about everyone, i posted in another forum but not got any >by dewanggaba - Nginx Mailing List - English
Hi, Did you want to centralize your session? Or what? IMHO, nginx didn't have capability to cache the session. CMIIW If you want to centralize your session, store them into database. On Sunday, October 26, 2014, photographer <nginx-forum@nginx.us> wrote: > How to cache phpsessid? > > Please, prompt me how to cache pages with phpsessid? Website set many > different cookies. Iby dewanggaba - Nginx Mailing List - English
Hi, Have you tried to increase your client_max_body_size to 3MB? Or at least equivalent with your php.ini configuration. On Sunday, October 26, 2014, NaZz <nginx-forum@nginx.us <javascript:_e(%7B%7D,'cvml','nginx-forum@nginx.us');>> wrote: > I have a joomla website and when I am trying to update a larger extension I > get bad gateway (502) error. > I am able to update all sby dewanggaba - Nginx Mailing List - English
Hi mex, Yes, it's apacheconfig, Litespeed is drop-in replacement for Apache. Here is my full nginx -V http://fpaste.org/142890/60334141/raw I don't have nginx with different openssl-library installed. Thanks. On 10/17/2014 10:29 PM, mex wrote: >> Regarding POODLEbleed[1] issue, I've disable SSLv3 on `ssl_protocols` > > thats the most important part > > >> directive.by dewanggaba - Nginx Mailing List - English
Hi there, Regarding POODLEbleed[1] issue, I've disable SSLv3 on `ssl_protocols` directive. But, ssllabs.com says that : ---- snip ---- Downgrade attack prevention No, TLS_FALLBACK_SCSV not supported (more info[2]) ---- snip ---- But on LiteSpeed[3] configuration, it says yes. ---- snip ---- Downgrade attack prevention Yes, TLS_FALLBACK_SCSV supported ---- snip ---- With configuration: ----by dewanggaba - Nginx Mailing List - English
Hi, Problem solved, on conf.d directory, there is active HSTS directive, that's why the HTTP forcing to HTTPS, wherever I force them back to http. Thanks anyway. On 10/15/2014 12:02 AM, crazy world wrote: > Can you grab the http conversation from the browser or run tcpdump to show the difference between curl and the browser? The client sends the different thing to the server which is confirmby dewanggaba - Nginx Mailing List - English
Update: I just want to redirect specific URL contains `/go/*` to HTTP, and force others to HTTPS. On 10/14/2014 12:03 PM, Dewangga Bachrul Alam wrote: > Hi, > > Today, I was implement redirect using return 301, here's my snippet: > > server { > listen 80; > server_name domain.tld; > error_log /dev/null; > access_log off; >by dewanggaba - Nginx Mailing List - English
Hi, Today, I was implement redirect using return 301, here's my snippet: server { listen 80; server_name domain.tld; error_log /dev/null; access_log off; return 301 https://www.domain.tld$request_uri; } server { listen 80; server_name www.domain.tld; error_log /dev/null; access_log off; location ^~ /go/ { # Apacheby dewanggaba - Nginx Mailing List - English
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Are you using system and/or config management to manage your third party software? IMHO, nginx and apache is same, the different is only on configuration and performance. Pkgs, pacthes, updates, etc depend on each linux distribution. IMHO. On 9/30/2014 23:41, drfence wrote: > I work for a big news organization in the South East.. The support >by dewanggaba - Nginx Mailing List - English
Are you familiar with SELinux? If not, just disable it :) Try run 'getenforce' (without quotes) on your console, it must be enforcing. On 09/29/2014 06:31 PM, mert1972 wrote: > Thanks Anton for your response, > Would you please provide some hints about how I can overcome this issue. > This is a newly built Centos 7 system, I am a bit new to Centos. > > Best Regards, > Volkan. &by dewanggaba - Nginx Mailing List - English
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Which one do you use to reloading the config? `restart` or `reload` command? On 9/20/2014 02:50, igorhmm wrote: > Hi BR, > > I don't known how to reproduce, not yet :-) > > I couldn't identify which worker was responding too, but I can see > with strace warnings in the old wolker about EAGAIN (Resource > temporarily unavaiby dewanggaba - Nginx Mailing List - English