The same you would for php, php-cgi listens on a port, so does your application.by itpp2012 - How to...
Anything in $request you can test for ?by itpp2012 - How to...
Follow the yellow brick road: http://nginx-win.ecsds.eu/by itpp2012 - New Member Introductions
When you access bla.com a DNS (which is usually your ISP dns) will convert bla.com into whatever the DNS points to, it does not matter where you are. Unless you make an internal DNS entry for example in etc/hosts making it point to some other IP address. The question is what IP are you getting when your outside with ping bla.com and what IP when your at home.by itpp2012 - How to...
Why not read the documentation: http://nginx.org/en/docs/http/server_names.htmlby itpp2012 - How to...
julianfernandes Wrote: ------------------------------------------------------- > Why would SSL perform so badly? I generated the key with 4096 instead > of 2048, but I don't believe that would affect CPU usage this much. http://bench.cr.yp.to/results-encrypt.htmlby itpp2012 - Nginx Mailing List - English
Set worker connections to 10k, a 500 is usually a tomcat backend that needs https://github.com/yaoweibin/nginx_ajp_moduleby itpp2012 - How to...
Better place to ask Lua stuff: https://groups.google.com/forum/#!forum/openresty-enby itpp2012 - How to...
> > I was wondering if remote ip's hostname lookup can be done before > > rate-limiting it. For example, I don't want to block IPs coming from > > Nginx does not lookup remote hostnames at all. https://github.com/flant/nginx-http-rdnsby itpp2012 - Nginx Mailing List - English
http://www.cyberciti.biz/faq/linux-unix-nginx-access-control-howto/ http://nginx.com/resources/admin-guide/restricting-access/by itpp2012 - How to...
1.7.7 is stable enough, even the current 1.7.8 is good enough. Why not try it out on a test system and trow some ab tests against it to see what the performance does. Or go for Lua to change the logfile, or create a separate server/location block for the blacklist. Context for access_log: http, server, locationby itpp2012 - Nginx Mailing List - English
How about map and log->if ? http://nginx.org/en/docs/http/ngx_http_log_module.htmlby itpp2012 - Nginx Mailing List - English
It is here: http://forum.nginx.org/list.php?2by itpp2012 - Migration from Other Servers
See http://forum.nginx.org/read.php?2,254701by itpp2012 - How to...
21:38 17-11-2014 nginx 1.7.8.1 Gryphon Based on nginx 1.7.8 (17-11-2014, last changeset 5904:abb466a57a22) with; + Naxsi WAF v0.53-3 (upgraded 15-11-2014) + https://github.com/nginx/nginx/pull/7 has been added to code base changeset 5900:20d966ad5e89 + Updated Install_nginx_php_services.zip on site to v1.3 + Updated, simple Web Application Firewall, see conf/nginx-simple-WAF.conf + cachby itpp2012 - Nginx Mailing List - English
You could use IF alot of times but IF should only be used as an exit method (if x=y return 503), a better way would be via Lua; rewrite_by_lua ' if not ngx.var.remote_ip then ngx.var.remote_ip = 'value'; end; if ................. etc. ';by itpp2012 - How to...
It makes no difference as this combo; root '/path/'; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; open_basedir = '/path/' doc_root = '/path/' Next to jailing, this boxes everything in. With location /.../ '.php' you fine-tune where scripts live which may be run. I'd leave cgi.force_redirect commented, ea. not set to anything at all.by itpp2012 - Nginx Mailing List - English
A WAF, even the simple one we supply in /conf, is only a tool for an application-fool :) Both take some white-listing experience before it all works but also requires more then basic knowledge to prevent legitimate posts from getting blocked. You might read through https://groups.google.com/forum/#!forum/naxsi-discuss and see Harry's posts about rule-set updates for naxsi. One men's data isby itpp2012 - Nginx Mailing List - English
Apart from those settings, jailing php just like nginx as we do with 'Install_nginx_php_services.zip' and following its advice about further jailing, there is only one thing you could do and that's create more php jailed users, one for each instance and jailing them to their environment (www.sitea.nl using a different jailed upstream then www.sitab.nl). Following these 'basic' recommendations,by itpp2012 - Nginx Mailing List - English
Within location you forgot something like this: fastcgi_cache_key $scheme$host$request_method$request_uri; fastcgi_cache_valid 200 302 304 30m; fastcgi_cache_valid 301 1h; fastcgi_cache_valid any 5m; fastcgi_cache_use_stale error timeout invalid_header updating http_500;by itpp2012 - How to...
You only use it at one point not both, the frontend is the best point.by itpp2012 - How to...
Ivan Artyukhin Wrote: ------------------------------------------------------- > configuration. I'm still confused why I can set this header for > non-SSL port and I can't do it for SSL. What am I missing? Maybe its a SNI thing, see also http://forum.nginx.org/read.php?2,222512,222516#msg-222516by itpp2012 - Nginx Mailing List - English
With such backends you need to tell the backend that the origin is https, otherwise it will 'think' its serving http since it is unaware of a proxy. ea. <!-- This connector is for normal HTTP connections --> <Connector port="8080" protocol="HTTP/1.1" proxyPort="443" proxyName="domain.nl" You might geby itpp2012 - Nginx Mailing List - English
If thats where you want this to happen then yes.by itpp2012 - How to...
For logging you have $remote_addr:$remote_port, can't you pass $remote_port ?by itpp2012 - How to...
On the proxy, considering the speed between both nginx's being LAN speed.by itpp2012 - How to...
Then upgrade to 1.7.7by itpp2012 - Nginx Mailing List - English
Maybe this one: http://forum.nginx.org/read.php?29,250118by itpp2012 - Nginx Mailing List - English
What about this instead; ~^(192.168.0.*)$ 1;by itpp2012 - Other discussion
NaZz Wrote: ------------------------------------------------------- > If its unrelated to nginx why are people suggesting to edit various > settings in nginx.conf to fix this particular problem? You can only do so much with config, the real problem here is the upstream (=backend). nginx talks English <> your backend talks Russian Somewhere your backend started talking a Russianby itpp2012 - Nginx Mailing List - English
![]() |
![]() |
![]() |
![]() |
|