Openssl Dynamic engine support for Nginx (1 reply)

August 22, 2018, 2:28 am

≫ Next: nginx for windows - reg (no replies)

≪ Previous: “max_conns” in upstream is not working what I've expected; (no replies)

$

0

0

HI Nginx Team,


I am working on a Dynamic engine for OpenSSL for RSA and AES. I need to add this Dynamic Engine in Nginx config file. How can I do that?

I am able to do the OpenSSL speed test with my engine. What configuration I need to add for Nginx to use this Dynamic engine.

---

nginx for windows - reg (no replies)

August 22, 2018, 2:38 am

≫ Next: Re: “max conns” in upstream is not working what I've expected; (no replies)

≪ Previous: Openssl Dynamic engine support for Nginx (1 reply)

$

0

0

Hi,
I have questions regarding nginx for windows,

1. Is nginx for windows stable?(I read here
https://nginx.org/en/docs/windows.html that it is in beta)
2. Are there any thirdparty nginx builds for windows platform that are
stable?
3. I have seen nginx built with cywin here
https://kevinworthington.com/nginx-for-windows/ and here
http://nginx-win.ecsds.eu/.Are these good for production?

Kindly help me out.Thanks in advance.

Regard,
Dinesh Babu K
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: “max conns” in upstream is not working what I've expected; (no replies)

August 22, 2018, 2:58 am

≫ Next: Proxy_Protocol with local Proxy_Pass to local secondary nginx process (no replies)

≪ Previous: nginx for windows - reg (no replies)

$

0

0

On Tue, Aug 21, 2018 at 10:58:15PM -0400, jinsam.kim wrote:
> Hello Super Heroes.
>
> I want to limit connections in a service. So I used max_conns directive in
> upstream.
>
> But it allows twice connections as many as I've set.
>
> So, I suspected myself. Maybe… Am I used the direction in wrong way.
>
> And I found some descriptions about “max_conns” exception rules.
>
> http://nginx.org/en/docs/http/ngx_http_upstream_module.html#server
>
> ----
> If idle keepalive connections, multiple workers, and the shared memory are
> enabled, the total number of active and idle connections to the proxied
> server may exceed the max_conns value.
> ----
>
> And I’ve tried change configuration of “keepalive”, “worker numbers” and
> “shared memory”. But it still the same. It allowed twice connections as many
> as I expected.
>
>
> My config file is blow.
>
> #
> # max_conns Test Server
> #
>
> proxy_cache_path /etc/nginx/cache levels=1:2 keys_zone=my_cache:10m
> max_size=10g inactive=60s use_temp_path=off;
>
> proxy_cache_key "$scheme$request_method$host$request_uri";
>
> upstream t10 {
> zone t1_z 1M;
> server localhost:8080 max_conns=5 max_fails=0 fail_timeout=1s;
> }
>
> server {
> listen 8000 ;
> location /test/1 {
> proxy_pass http://t10; # it takes 1 seconds
> }
> }
>
> And I run a shell script blow.
>
> for v in {1..40}
> do
> curl 'localhost:8000/test/1' -i -l >> 30_2.log &
> sleep 0.01
> done
>
> ----
>
> The url ‘localhost:8080/test/1’ takes 1 seconds.
>
> I expected 5 succeed and 35 fail. But it always 10 succeed, 30 failed.
>

Note that you are using 'localhost' in your upstream definition, not IP
address. Most probably it resolves into 2 addresses (127.0.0.1 and [::1]
I assume), so what you see is expected - each of peers processes 5
connections, giving 10 summary, and 30 are rejected, and 'no live
upstreams' are shown in error.log;

the configuration with hostname in your case is equal to:

upstream t10 {
zone t1_z 1M;
server 127.0.0.1:8080 max_conns=5 max_fails=0 fail_timeout=1s;
server [::1]:8080 max_conns=5 max_fails=0 fail_timeout=1s;
}

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Proxy_Protocol with local Proxy_Pass to local secondary nginx process (no replies)

August 22, 2018, 7:26 am

≫ Next: Proper User Directive (no replies)

≪ Previous: Re: “max conns” in upstream is not working what I've expected; (no replies)

$

0

0

Hello,

I am trying to route requests such that those requiring websockets will
route to a long-lived nginx process, and all others will go to the general
reverse-proxy which handles all other traffic. These nginx processes exist
in our AWS cloud behind an ELB that has been configured to use Proxy
Protocol. Note that all of this works correctly with our current setup
which uses only one nginx process that is configured to use proxy_protocol.

The change to this setup is as follows:

The first nginx server handling all ingress uses proxy_protocol and
forwards requests to either the websocket or non-websocket nginx servers
locally:

server {
listen 8080 proxy_protocol;
real_ip_header proxy_protocol;
charset utf-8;
client_max_body_size 20M;

#send to websocket process
location /client {
proxy_pass http://localhost:8084;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $proxy_protocol_addr;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Proxy-Scheme $scheme;
proxy_set_header X-Proxy-Port $proxy_port;
proxy_set_header X-ELB-Proxy-Scheme "https";
proxy_set_header X-ELB-Proxy-Port "443";

# Always support web socket connection upgrades
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}

#send to non-websocket process
location / {
proxy_pass http://localhost:8082;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $proxy_protocol_addr;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Proxy-Scheme $scheme;
proxy_set_header X-Proxy-Port $proxy_port;
proxy_set_header X-ELB-Proxy-Scheme "https";
proxy_set_header X-ELB-Proxy-Port "443";

# Always support web socket connection upgrades
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}


When any non-websocket request is sent to localhost:8082, I get an empty
reply. If I remove proxy_protocol from the first server, I get a response
as expected. Obviously, I need proxy_protocl to support the ingress from
our ELB, so removing it is not an option. However, I would like to know
what pieces I am missing to route traffic correctly -- and I would also
like to know why proxying a request locally from a proxy_protocol enabled
server to another nginx process (regardless of this second process using
proxy_protocol or not) fails.

For reference, the basic configuration of this secondary nginx process is
below:

upstream console {
server localhost:3000 max_fails=3 fail_timeout=60 weight=1;
}

server {
listen 8082;
client_max_body_size 20M;

location /console {
proxy_pass http://console
}

.
.
.


}



Thank you all for your time,
Joseph Wonesh

--
This message is private and confidential. If you have received message in
error, please notify us and remove from your system. 
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Proper User Directive (no replies)

August 22, 2018, 5:34 pm

≫ Next: gzip_types (no replies)

≪ Previous: Proxy_Protocol with local Proxy_Pass to local secondary nginx process (no replies)

$

0

0

Hi there. My question is about using a proper user.

This directive was initially blank, then Passenger (nginx on FreeBSD) threw an error:

env: bash: No such file or directory
uid=65534(nobody) gid=65534(nobody) groups=65534(nobody)

PWD=/usr/local/www/pneb
HOME=/nonexistent
SHELL=/usr/sbin/nologin
LOGNAME=nobody
USER=nobody
PASSENGER_APP_ENV=production
NODE_ENV=production
WSGI_ENV=production
RACK_ENV=production
RAILS_ENV=production
NODE_PATH=/usr/local/lib/ruby/gems/2.4/gems/passenger-5.3.4/src/nodejs_supportlib
PYTHONUNBUFFERED=1
PASSENGER_SPAWN_WORK_DIR=/tmp/passenger.spawn.8FRO7ztegy
IN_PASSENGER=1
SERVER_SOFTWARE=nginx/1.14.0 Phusion_Passenger/5.3.4
PASSENGER_USE_FEEDBACK_FD=true
PATH=/sbin:/bin:/usr/sbin:/usr/bin
RC_PID=35522

So the lack of a user closed up the $PATH to bash for some reason. I tried www and my own username, resulting in the same errors.

The example on nginx.com states "www www” as the user, but that gives me the same error.

I checked the documentation and it is not even two lines long:

http://nginx.org/en/docs/ngx_core_module.html#user

So I’m without a user and/or group to run nginx. Is there something I’m missing? Everywhere I look, people are confused about the user/group to run nginx as. “root” doesn’t work, and I’ve been told not to run it as root.

How can I get this to work?

Cheers, Bee




_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

gzip_types (no replies)

August 23, 2018, 4:22 am

≫ Next: Build nginx for ARMV7l (1 reply)

≪ Previous: Proper User Directive (no replies)

$

0

0

What would be the reason that setting
Gzip_types *;
Is bad?

I’m running into a compression problem and if I set it to * everything gzips just fine but if I list them out explicitly the type image/jpeg is not being gzip’d via proxy request but all others are gzip’d by proxy. Gzip_proxied is set to any.

___________________________________________
Michael Friscia
Office of Communications
Yale School of Medicine
(203) 737-7932 - office
(203) 931-5381 - mobile
http://web.yale.eduhttp://web.yale.edu/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Build nginx for ARMV7l (1 reply)

August 23, 2018, 10:10 am

≫ Next: cache key > 1049 characters results in 502 (no replies)

≪ Previous: gzip_types (no replies)

$

0

0

Good afternoon, community! There was a need to compile nginx under the ARMV7L platform, but the guides on the links do not help.
https://superuser.com/questions/1098001/nginx-on-armv7l-installation
or this http://tiebing.blogspot.com/2014/09/cross-compile-nginx-for-arm.html



Maybe there is another way?

cache key > 1049 characters results in 502 (no replies)

August 24, 2018, 1:02 am

≫ Next: gzip_static module does not obey mime types (no replies)

≪ Previous: Build nginx for ARMV7l (1 reply)

$

0

0

We currently use caching for guests, our search pages use long urls to pass the parameters to our application. Currently searches that worked for logged in users don't work for guests.

I can show the issue with these two curl examples ( which are not obviously valid searches )

As a guest

james_@Sophie:/mnt/c/Users/james$ curl -I    "https://archiveofourown.org/works?a=111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111"
HTTP/1.1 502 Bad Gateway
Server: nginx/1.13.7
Content-Type: text/html
Connection: keep-alive
X-Proxy-Cache: MISS
X-Hostname: ao3-front01
Date: Fri, 24 Aug 2018 07:19:10 GMT
X-Page-Speed: 1.13.35.1-0
Cache-Control: max-age=0, no-cache, s-maxage=10


Faked logged in

james_@Sophie:/mnt/c/Users/james$  curl -I   --cookie "user_credentials=Yes"    "https://archiveofourown.org/works?a=111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111"
HTTP/1.1 200 OK
Server: nginx/1.13.7
Content-Type: text/html; charset=utf-8
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
ETag: W/"1790278d744d2e531bec864667a1668c"
Set-Cookie: _otwarchive_session=*******c1ab; path=/; expires=Fri, 07 Sep 2018 07:55:19 -0000; HttpOnly
X-Request-Id: 236abd18-2463-4163-ab7e-24b3b10e572e
X-Runtime: 0.182444
X-Aooo-Debug1: Archive Unicorn
X-Clacks-Overhead: GNU Terry Pratchett
Potential_upstream: unicorn_story
X-Hostname: ao3-front01
Date: Fri, 24 Aug 2018 07:55:19 GMT
X-Page-Speed: 1.13.35.1-0
Cache-Control: max-age=0, no-cache, must-revalidate

One less character


james_@Sophie:/mnt/c/Users/james$ curl -I    "https://archiveofourown.org/works?a=11111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111"
HTTP/1.1 200 OK
Server: nginx/1.13.7
Content-Type: text/html; charset=utf-8
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Request-Id: d4cb7c78-78bd-4de5-a974-1695db5a6d23
X-Runtime: 0.188035
X-Proxy-Cache: HIT
X-Hostname: ao3-front01
X-Clacks-Overhead: GNU Terry Pratchett
X-ao3-caching-backend: unicorn_story
X-Page-Speed: 1.13.35.1-0
X-Aooo-Debug1: Archive Unicorn
X-Clacks-Overhead: GNU Terry Pratchett
Potential_upstream: unicorn_cache
X-Hostname: ao3-front01
Date: Fri, 24 Aug 2018 07:19:17 GMT
X-Page-Speed: 1.13.35.1-0
Cache-Control: max-age=0, no-cache

I think the relevant bits of the config are:

    client_body_buffer_size 2048k;
    proxy_buffers     32 64k;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host;
    proxy_set_header X-Queue-Start "t=${msec}000";
    proxy_redirect off;
    proxy_read_timeout 300;
    proxy_cache_path /var/cache/nginx/downloads keys_zone=downloads_cache:4096m loader_threshold=300 loader_files=200 max_size=300g inactive=30d  levels=2:2;
    proxy_cache_path /var/cache/nginx/ao3       keys_zone=ao3_cache:4096m       loader_threshold=300 loader_files=200 max_size=70g inactive=1h   levels=2:2;
    proxy_cache_path /var/cache/nginx/tmpfs     keys_zone=ao3_tmpfs:4096m      loader_threshold=300 loader_files=200 max_size=40g  inactive=1h   levels=2:2;
    large_client_header_buffers 4 32k;

And

        location / {
          proxy_cache ao3_tmpfs;
          proxy_cache_key "$request_uri";
          proxy_cache_valid 200 302 40m;
          proxy_cache_valid 404     10m;
          proxy_cache_use_stale   error timeout invalid_header updating;
          proxy_cache_lock on ;
          proxy_cache_min_uses 1 ;
          proxy_buffering        on ;
          proxy_hide_header      Cache-Control ;
          proxy_hide_header      Set-Cookie ;
          proxy_ignore_headers   Cache-Control ;
          proxy_ignore_headers   Set-Cookie ;

        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-For "$http_x_forwarded_for,$realip_remote_addr" ;
        proxy_set_header X-Forwarded-Proto $scheme ;
        proxy_headers_hash_bucket_size 4096 ;
        proxy_redirect off;
        proxy_set_header Connection "";
        real_ip_recursive on ;
        set_real_ip_from 10.0.0.0/8 ;
        real_ip_header X-Forwarded-For;
        client_max_body_size 4G;
        keepalive_timeout 5;          proxy_set_header Host archiveofourown.org ;
          add_header             X-Proxy-Cache $upstream_cache_status always;
          add_header             X-Hostname $hostname always;
          add_header             Cache-Control "public" always;
          add_header             X-Clacks-Overhead "GNU Terry Pratchett" ;
          add_header             X-ao3-caching-backend "$unicorn_cache_backend" ;
          proxy_pass http://$unicorn_cache_backend;
          expires 40m ;
         }_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

---

gzip_static module does not obey mime types (no replies)

August 24, 2018, 3:56 am

≫ Next: Questions regarding worker_connections (no replies)

≪ Previous: cache key > 1049 characters results in 502 (no replies)

$

0

0

I've noticed for a while that when gzip_static is enabled it checks *every* file it serves for a .gz extension, not just the ones listed in the gzip_types. For example in a page with 1 html and 30 images you'll have 61 requests to the file system: 1 for the correct .html.gz file, 30 for the non-existent .png.gz files, and 30 for the .png files.

You can verify this on a running server that has gzip_static on, with "strace -p PID 2>&1 | grep gz" (where PID is an nginx worker's PID). Visit a page of the site that has images and you'll get a whole bunch of "-1 ENOENT (No such file or directory)" in the output attached to /var/www/website/image.png.gz files.

I am wondering if this is intentional or if it is a bug. Thanks for your time.


_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Questions regarding worker_connections (no replies)

August 24, 2018, 2:56 pm

≫ Next: reverse proxy https not working (3 replies)

≪ Previous: gzip_static module does not obey mime types (no replies)

$

0

0

Got a question regarding the worker_connections configuration. Is a
worker_connection
essentially
a tcp socket connection or http session?

Via the http_stub_status_module, I can see there are
connections in waiting state, but any new request
will result in a "worker connections are not enough"
alert in error.log. Why it cannot accept new connections
if there are existing connections in waiting state? Is that
a bug? I am using nginx 1.6.2.

Thanks,

Alder
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

reverse proxy https not working (3 replies)

August 26, 2018, 1:48 am

≫ Next: Resolver not working as expected (1 reply)

≪ Previous: Questions regarding worker_connections (no replies)

$

0

0

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Resolver not working as expected (1 reply)

August 27, 2018, 6:32 am

≫ Next: [nginx]access log and error log (no replies)

≪ Previous: reverse proxy https not working (3 replies)

$

0

0

Hi,

Sample conf:

http{
resolver x.x.x.x;
server {
server_name _;
location / {
proxy_pass http://somedomain.com;
}
}

I have nameservers configured in my resolv.conf. But, somedomain.com will
be configured in x.x.x.x DNS server only. So, I have specified resolver in
my nginx.conf. However, during startup/reload I get "host not found in
upstream error". Why nginx is not considering resolver conf and searches
only in the nameservers configured in resolv.conf?

Thanks,
Shanthu
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

[nginx]access log and error log (no replies)

August 27, 2018, 5:50 pm

≫ Next: (no subject) (no replies)

≪ Previous: Resolver not working as expected (1 reply)

$

0

0

Hello,

I’m suffering a problem with access.log and error.log for nginx.service on RHEL 7.4.

The problem is either access.log and error.log are not recording the log.

To solve this issue, I have tried multiple time changing logrotation setting for nginx.

Below is the setting of logrotation for nginx.service.(/etc/logrotate.d/nginx)

/var/log/nginx/*.log {
daily
missingok
rotate 7
compress
create 644 nginx adm
sharedscripts
postrotate
if [ -f /var/run/nginx.pid ]; then
kill -USR1 'cat /var/run/nginx.pid'
fi
endscript
}

By the way, the log will start recording on both log files after restarting the nginx.service.

I would like to know the issue on here and how to solve it.

Regards,
Kentaro

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

(no subject) (no replies)

August 27, 2018, 8:00 pm

≫ Next: when exec nginx -t,same connection reset by peer (1 reply)

≪ Previous: [nginx]access log and error log (no replies)

$

0

0

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

when exec nginx -t,same connection reset by peer (1 reply)

August 28, 2018, 6:10 am

≫ Next: ip restriction (no replies)

≪ Previous: (no subject) (no replies)

$

0

0

when i exec nginx -t,client receive connection by peer.In my prod,one server runs 5W qps, and cpu usage is close 25%

---

ip restriction (no replies)

August 28, 2018, 7:40 am

≫ Next: nginx-1.15.3 (no replies)

≪ Previous: when exec nginx -t,same connection reset by peer (1 reply)

$

0

0

IP restriction not working in nginx.
shows 403 for allowed ip and denied ip address also.
is the http_access_module enabled by default
i am using nginx 1.14.0

nginx-1.15.3 (no replies)

August 28, 2018, 8:50 am

≫ Next: nginx.conf-2018 (no replies)

≪ Previous: ip restriction (no replies)

$

0

0

Changes with nginx 1.15.3 28 Aug 2018

*) Feature: now TLSv1.3 can be used with BoringSSL.

*) Feature: the "ssl_early_data" directive, currently available with
BoringSSL.

*) Feature: the "keepalive_timeout" and "keepalive_requests" directives
in the "upstream" block.

*) Bugfix: the ngx_http_dav_module did not truncate destination file
when copying a file over an existing one with the COPY method.

*) Bugfix: the ngx_http_dav_module used zero access rights on the
destination file and did not preserve file modification time when
moving a file between different file systems with the MOVE method.

*) Bugfix: the ngx_http_dav_module used default access rights when
copying a file with the COPY method.

*) Workaround: some clients might not work when using HTTP/2; the bug
had appeared in 1.13.5.

*) Bugfix: nginx could not be built with LibreSSL 2.8.0.


--
Maxim Dounin
http://nginx.org/
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

nginx.conf-2018 (no replies)

August 28, 2018, 9:38 am

≫ Next: Re: [nginx-announce] nginx-1.15.3 (no replies)

≪ Previous: nginx-1.15.3 (no replies)

$

0

0

Hello,

As some of you probably know we are doing a conference in Atlanta in
October 8 - 11 this year. You can find its full agenda here:

https://www.nginx.com/nginxconf/2018/agenda/

I'd like to draw special attention to nginx dev training that Roman
and Valentin are doing on the day 0 and day 3.

This training is rather unique, guys will provide in-depth talk
about nginx code development and also give some practical examples.

I hope you enjoy the rest of the conf as well.

I must admit it is not cheap. Good news is that I provide a
cheat^Wdiscount code for you.

Thanks,

Maxim

--
Maxim Konovalov
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: [nginx-announce] nginx-1.15.3 (no replies)

August 28, 2018, 10:10 am

≫ Next: nginx prevent file download (no replies)

≪ Previous: nginx.conf-2018 (no replies)

$

0

0

Hello Nginx users,

Now available: Nginx 1.15.3 for Windows
https://kevinworthington.com/nginxwin1153
(32-bit and 64-bit versions)

These versions are to support legacy users who are already using Cygwin
based builds of Nginx. Officially supported native Windows binaries are at
nginx.org.

Announcements are also available here:
Twitter http://twitter.com/kworthington
Google+ https://plus.google.com/+KevinWorthington/

Thank you,
Kevin
--
Kevin Worthington
kworthington *@* (gmail] [dot} {com)
https://kevinworthington.com/
https://twitter.com/kworthington
https://plus.google.com/+KevinWorthington/


On Tue, Aug 28, 2018 at 3:47 PM, Maxim Dounin <mdounin@mdounin.ru> wrote:

> Changes with nginx 1.15.3 28 Aug
> 2018
>
> *) Feature: now TLSv1.3 can be used with BoringSSL.
>
> *) Feature: the "ssl_early_data" directive, currently available with
> BoringSSL.
>
> *) Feature: the "keepalive_timeout" and "keepalive_requests" directives
> in the "upstream" block.
>
> *) Bugfix: the ngx_http_dav_module did not truncate destination file
> when copying a file over an existing one with the COPY method.
>
> *) Bugfix: the ngx_http_dav_module used zero access rights on the
> destination file and did not preserve file modification time when
> moving a file between different file systems with the MOVE method.
>
> *) Bugfix: the ngx_http_dav_module used default access rights when
> copying a file with the COPY method.
>
> *) Workaround: some clients might not work when using HTTP/2; the bug
> had appeared in 1.13.5.
>
> *) Bugfix: nginx could not be built with LibreSSL 2.8.0.
>
>
> --
> Maxim Dounin
> http://nginx.org/
> _______________________________________________
> nginx-announce mailing list
> nginx-announce@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-announce
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

nginx prevent file download (no replies)

August 29, 2018, 8:48 am

≫ Next: Throttle requests with limit_req rate based on header from response to auth subrequest (no replies)

≪ Previous: Re: [nginx-announce] nginx-1.15.3 (no replies)

$

0

0

Hi,

I am running nginx webserver and i have set the below location block in
nginx.conf configuration file to prevent a file to download. When i hit
http://example.com/web.config on the browser, the web.config file gets
downloaded. It is not working.

location ~* \.(config)$ {
deny all;
}


I will appreciate if somebody can pitch in for help. Thanks in Advance.

Best Regards,

Kaushal
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx