Cugar15 Wrote: ------------------------------------------------------- > I'm missing a bit here. The Proxy will route incomming email on port > 25 to my MTA receiving on port xyz. > The MTA will be able to send out on port 25 again. The MTA needs to be aware of the proxy (since I think your relay denied message is because of this) and if so it is masking your main problem, see hereby itpp2012 - Nginx Mailing List - English
Cugar15 Wrote: ------------------------------------------------------- > Well, does it have to be? It depends who is denying relay access and why but it sounds the backend is denying relay because nginx's IP is not listed as such. > And if yes, which setting will allow it? Thats a backend setting if above is the case.by itpp2012 - Nginx Mailing List - English
Cugar15 Wrote: ------------------------------------------------------- > Telnet without manual auth login: Relay Access denied > Telnet with manual auth login: Relay Access denied Are you sure nginx (as in-between client) is allowed to relay?by itpp2012 - Nginx Mailing List - English
Have you tried these yet: proxy_http_version 1.1; proxy_ignore_client_abort on; You have to play with error handling on nginx's side, the both are not talking properly to each other.by itpp2012 - Other discussion
See also https://forum.nginx.org/read.php?15,263481,263482#msg-263482 Have a look how you are dealing with: error timeout http_500 http_502 http_503 http_504 http_404, etc.by itpp2012 - Other discussion
bdmesh Wrote: ------------------------------------------------------- > I did find the following logs (dns name and ip addresses modified): > 2015/12/15 03:40:13 10#0: *32460 upstream server temporarily > disabled while connecting to upstream, client: 10.0.1.127, server: , This indicates a backend is causing this, not nginx, it may be going down (and marked as down) for some reasoby itpp2012 - Other discussion
If you are using DNS names and the lookup of those names take longer then they should for whatever reason this can seriously impact nginx performance. If possible use IP's to see if the delays are gone or use a debug build version to see where in the code it is waiting and for what. If it is really a dns issue you might have to do some caching of dns lookups.by itpp2012 - Other discussion
Sounds like a DNS issue.by itpp2012 - Other discussion
Could be a timing issue or some kind of (backend) control nginx is (yet) unaware of. I wrote a small piece about this, which should make thing clearer but not solve it strait away: ===================== The historical psychology of cgi and proxy(backend). CGI: has never been (or designed as) a frontend, it always expects to talk to a downstream. Proxied-backend: has always been a fronteby itpp2012 - Other discussion
Джим переехал форум сервера, вы можете получить некоторые ошибки 502, который в настоящее время фиксированные, и я заметил, некоторые сообщения потерялся утром, если вы пропустили пост, вы не сходите с ума или застрять в Tby itpp2012 - Nginx Mailing List - Russian
Jim moved the forum server, you may have gotten some 502 errors which are now fixed, also I've noticed some posts got lost this morning, if you're missing a post you're not going insane or stuck in a timewarp ;-)by itpp2012 - Nginx Mailing List - English
Try yourself with Curl which supports ssl.by itpp2012 - How to...
rits Wrote: ------------------------------------------------------- > say first server is selected from upstream. Since I have specified > hash $upstream_addr, all subsequent requests go to this server. Even > new requests. There is no new cookie or parameter to change it to next > server for new set of stateful requests. Thats just how it works without using a cookie to route,by itpp2012 - How to...
rits Wrote: ------------------------------------------------------- > Thanks. > > I tried it. sessions are sticking to the same server but It is not > doing round robin, My all requests are going only to first upstream > server configured in nginx config. Round robin and sticking to one member do NOT go together (unless a member has failed). ea. you want to go from A toby itpp2012 - How to...
rits Wrote: ------------------------------------------------------- > Thank you for your response. I am new to nginx, can you elaborate or > send a link to using Lua with nginx sticky module(for windows). See our manual "NGINX for Windows - The Latest Documentation" at http://nginx-win.ecsds.eu/ chapter 18. Adding Lua for upstream checks: https://github.com/openresty/lua-resby itpp2012 - How to...
With Lua just about anything is possible in this scenario, but the question should be: what are you going to do with sticky session data when it falls over? Stickiness is used to maintain and be consistent for one data session and its backend processor, a backup server may very well not know what to do with a session it knows nothing about or may even process the wrong data... I'd suggestby itpp2012 - How to...
Reading through these will make you understand how to convert and how it works: https://www.digitalocean.com/community/tutorials/how-to-migrate-from-an-apache-web-server-to-nginx-on-an-ubuntu-vps http://blog.donnywals.com/how-i-migrated-from-apache-to-nginx/ rewriting: https://www.thegeekstuff.com/2017/08/nginx-rewrite-examples/ https://stackoverflow.com/questions/4329316/how-to-write-a-uby itpp2012 - Migration from Other Servers
zeromaster Wrote: ------------------------------------------------------- > Well thanks for this helpfull answer.. > You are telling me the owner shouldn't be Nginx, but in my setup > www-data (nginx) is the owner. So how and in what should i change it. Remove the write/exec right(s) from all objects except the ones it really needs like logfiles/pid. In normal operation nginx shouby itpp2012 - How to...
Reading through these will make you also understand how to convert and how it works: https://www.digitalocean.com/community/tutorials/how-to-migrate-from-an-apache-web-server-to-nginx-on-an-ubuntu-vps http://blog.donnywals.com/how-i-migrated-from-apache-to-nginx/by itpp2012 - Migration from Other Servers
For SSL you need a second server {} block and a listen 443. ssl_certificate is not going to work for port 80.by itpp2012 - How to...
Both are defined as 'default', a default block is only used to capture anything not matched, so remove it from both.by itpp2012 - How to...
zeromaster Wrote: ------------------------------------------------------- > itpp2012 Wrote: > ------------------------------------------------------- > > Owner != nginx > > nginx only read rights > > > > If nginx runs as owner with rw rights your allowing too much. > > > So is this setup safe or not, because I don't really understand what > yby itpp2012 - How to...
Your best isolation is to not allow any write access to nginx other then its logfiles. With PHP it is more or less the same except you need to allow some write access for php code that needs this such as session folders, explicitly allow access there but no where else. 2) set open_basedir in php.ini (and don't allow write access) and do not set its value by passing it on.by itpp2012 - How to...
I seem to recall that with ipv6 you can't mix 80 with 443 in one server configuration, but I might be wrong here.by itpp2012 - Nginx Mailing List - English
Your better of with Lua (embedded in nginx), search for openresty.by itpp2012 - Nginx Mailing List - English
Fastidious Wrote: ------------------------------------------------------- > For the domains running on SSL (443), I want all requests on 80 for > the same domain to be redirected to their SSL. The domains running on > 80 (non-SSL) should just work as they should. Then the example I gave should work as you want, just apply this to the domains you want redirected.by itpp2012 - How to...
Owner != nginx nginx only read rights If nginx runs as owner with rw rights your allowing too much.by itpp2012 - How to...
Fastidious Wrote: ------------------------------------------------------- > What I am looking for is to automatically redirect all non-SSL to SSL > for those domains (with www, and without) that are running SSL, while > still allowing regular non-SSL (with www, and without) access to those > domains running without SSL. What would the simplest way be? Thanks! Huh? you either reby itpp2012 - How to...
https://www.ruby-forum.com/topic/6873127 http://serverfault.com/questions/663290/in-nginx-error-log-ssl-bytes-to-cipher-listinappropriate-fallback http://stackoverflow.com/questions/28010492/nginx-critical-error-with-ssl-handshakingby itpp2012 - Nginx Mailing List - English
![]() |
![]() |
![]() |
![]() |
|