Quantcast
Channel: Nginx Forum - Nginx Mailing List - English
Viewing all 7229 articles
Browse latest View live

Force linking to static archives during make? (4 replies)

December 19, 2013, 7:06 am
$
0
0
This should be my last build question.

$ ./auto/configure --with-http_ssl_module ...
--with-cc-opt="-I/usr/local/ssl/include"
--with-ld-opt="-L/usr/local/ssl/lib /usr/local/ssl/lib/libssl.a
/usr/local/ssl/lib/libcrypto.a -ldl"
....
$ make
....

Results in the following. Note that OpenSSL is still dynamically linked:

$ ldd objs/nginx
linux-vdso.so.1 => (0x00007fffd0dfe000)
libdl.so.2 => /lib64/libdl.so.2 (0x0000003ebf600000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x0000003ebfa00000)
libcrypt.so.1 => /lib64/libcrypt.so.1 (0x0000003ed3e00000)
libpcre.so.1 => /lib64/libpcre.so.1 (0x0000003ec0a00000)
libssl.so.1.0.0 => not found
libcrypto.so.1.0.0 => not found
libz.so.1 => /lib64/libz.so.1 (0x0000003ebfe00000)
libc.so.6 => /lib64/libc.so.6 (0x0000003ebf200000)
/lib64/ld-linux-x86-64.so.2 (0x0000003ebea00000)
libfreebl3.so => /lib64/libfreebl3.so (0x0000003ec7a00000)

*****

Adding -Bstatic does not help even though its clearly on the link command line:

$ ./auto/configure --with-http_ssl_module ...
--with-cc-opt="-I/usr/local/ssl/include" --with-ld-opt="-Bstatic
-L/usr/local/ssl/lib /usr/local/ssl/lib/libssl.a
/usr/local/ssl/lib/libcrypto.a -ldl"
....
$ make
....
objs/src/http/modules/ngx_http_upstream_keepalive_module.o \
objs/ngx_modules.o \
-Bstatic -L/usr/local/ssl/lib /usr/local/ssl/lib/libssl.a
/usr/local/ssl/lib/libcrypto.a -ldl -lpthread -lcrypt -lpcre -lssl
-lcrypto -lz
....
$ ldd objs/nginx
linux-vdso.so.1 => (0x00007fffd4fc6000)
libdl.so.2 => /lib64/libdl.so.2 (0x0000003ebf600000)
...
libssl.so.1.0.0 => not found
libcrypto.so.1.0.0 => not found

*****

Omitting -L/usr/local/ssl/lib results in a failed configure.

*****

How does one force nginx to use static linking for a library?

Thanks in advance.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Search

checking for OpenSSL library ... not found (11 replies)

December 18, 2013, 5:00 am
$
0
0
<snip>
checking for OpenSSL library ... not found

../auto/configure: error: SSL modules require the OpenSSL library.
You can either do not enable the modules, or install the OpenSSL library
into the system, or build the OpenSSL library statically from the source
with nginx by using --with-openssl=<path> option.
</snip>

*****

I believe OpenSSL is present (I just built it from sources):

$ ls /usr/local/ssl/
bin certs include lib man misc openssl.cnf private

$ ls /usr/local/ssl/lib/
engines libcrypto.a libssl.a pkgconfig

*****

Here was my configure. $THIS_USER and $THIS_GROUP was set properly to
my login and group.

../auto/configure --with-debug --with-http_ssl_module
--prefix="$THIS_DIR/ac" --http-proxy-temp-path="$THIS_DIR/ac/temp"
--user="$THIS_USER" --group="$THIS_GROUP"
--with-cc-opt="-I/usr/local/ssl/include"
--with-ld-opt="/usr/local/ssl/lib/libcrypto.a
/usr/local/ssl/lib/libssl.a /usr/local/ssl/lib/libcrypto.a

*****

I believe --with-cc-opt and --with-ld-opt is the preferred (required?)
way to do things for local/custom OpenSSL
(http://mailman.nginx.org/pipermail/nginx/2010-April/019644.html).

Does anything look out of place?

Jeff

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: [nginx-announce] nginx-1.5.8 (no replies)

December 18, 2013, 10:06 am
$
0
0
Hello Nginx users,

Now available: Nginx 1.5.8 for Windows http://goo.gl/zq3gGm (32-bit and
64-bit versions)

These versions are to support legacy users who are already using Cygwin
based builds of Nginx. Officially supported native Windows binaries are at
nginx.org.

Announcements are also available via my Twitter stream (
http://twitter.com/kworthington), if you prefer to receive updates that way.

Thank you,
Kevin
--
Kevin Worthington
kworthington *@* (gmail] [dot} {com)
http://kevinworthington.com/
http://twitter.com/kworthington


On Tue, Dec 17, 2013 at 9:08 AM, Maxim Dounin <mdounin@mdounin.ru> wrote:

> Changes with nginx 1.5.8 17 Dec
> 2013
>
> *) Feature: IPv6 support in resolver.
>
> *) Feature: the "listen" directive supports the "fastopen" parameter.
> Thanks to Mathew Rodley.
>
> *) Feature: SSL support in the ngx_http_uwsgi_module.
> Thanks to Roberto De Ioris.
>
> *) Feature: vim syntax highlighting scripts were added to contrib.
> Thanks to Evan Miller.
>
> *) Bugfix: a timeout might occur while reading client request body in
> an
> SSL connection using chunked transfer encoding.
>
> *) Bugfix: the "master_process" directive did not work correctly in
> nginx/Windows.
>
> *) Bugfix: the "setfib" parameter of the "listen" directive might not
> work.
>
> *) Bugfix: in the ngx_http_spdy_module.
>
>
> --
> Maxim Dounin
> http://nginx.org/en/donation.html
>
> _______________________________________________
> nginx-announce mailing list
> nginx-announce@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-announce
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

[ANN] Windows nginx 1.5.8.3 Caterpillar (no replies)

December 18, 2013, 12:23 pm
$
0
0
19:46 18-12-2013: nginx 1.5.8.3 Caterpillar

Based on nginx 1.5.8 (release) with;
+ prove.zip (onsite), a Windows Test_Suite way to show/prove it all really works
with at the moment a limited amount of tests which will grow over time
+ Streaming with nginx-rtmp-module, v1.0.8 (upgraded 16-12)
+ pcre-8.34 (upgraded)
+ lua-nginx-module v0.9.3 (upgraded)
+ echo-nginx-module v0.50 (upgraded)
+ Source changes back ported (including fixes for the changed resolver API)
+ Source changes add-on's back ported (including fixes for the changed resolver API)
* More compiler optimizations
* Additional specifications are like 15:34 6-12-2013: nginx 1.5.8.2 Caterpillar

Builds can be found here:
http://nginx-win.ecsds.eu/

nginx misbehaviour in conjunction with non-ASCII characters (2 replies)

December 19, 2013, 6:19 am
$
0
0
Found a bug in implementation of MOVE and COPY (webdav) methods. It happens if destination header contains non-ASCII characters (that need to be escaped with "%").

An example:

Rename (=MOVE) file "<www-root>/TheCore.ogm" to "<www-root>/The_Core.ogm":

Request header:
--> MOVE http://andinas/TheCore.ogm HTTP/1.1
--> Destination: http://andinas/The_Core.ogm
Response header:
--> HTTP/1.1 204 No Content
--> Server: nginx/1.5.6
Result: File renamed to "The_Core.ogm". Fine!

Now rename (=MOVE) file "<www-root>/andinas/The_Core.ogm" to "<www-root>/andinas/The_ Core.ogm" (notice the blank after the underscore, but the same is true for äöüß and the like!):

Request header:
--> MOVE http://andinas/The_Core.ogm HTTP/1.1
--> Destination: http://andinas/The_%20Core.ogm
Response header:
--> HTTP/1.1 204 No Content
--> Server: nginx/1.5.6
Result: File renamed to "The_%20Core.ogm". Not so fine!

The escaped blank is treated by nginx MOVE as if it was not escaped!


Found a similar issue with this config-file line:
--> if ( $http_destination ~ https?://[^/]+/(.*) ) { set $httpdest http://localhost:8008/$remote_user/$1; }

(for this (working!) code that makes the destination header ready for proxy_pass to another webdav server with user dependent base folders (pyWebDav allows only one user :-/):
--> proxy_set_header Destination $httpdest;
--> proxy_pass http://127.0.0.1:8008/$remote_user$request_uri;
).

Here again, if $http_destination contains the perfectly correct escaped characters from the webdav client, the resulting $httpdest will additionally escape the "escape" characters.

Example:
Destination File = "<www-root>/The_ Core.ogm"
$http_destination = "http://andinas/The_%20Core.ogm" (correct)
$httpdest = "http://andinas/The_%2520Core.ogm" (wrong!)

Obviously here the highly undesirable transformation happens during the regex matching. But why? Can I switch that off somehow?

Workaround: Use perl function to replace "%25" by "%". Use the undocumented "r->variable()" for that!


If you are still reading :-): There are two very funny things about the
--> proxy_pass http://127.0.0.1:8008/$remote_user$request_uri;
line:
1) You cannot use localhost here. nginx needs a resolver as soon as there is a variable in the string. And at least I didn't manage to find a resolver that can resolve localhost.
2) Nowhere on the internet it's been said, that you need to add $request_uri to that line, but you do need! And it even must not be $uri, because that one has the same escaping issues like the other things I mentioned above.


OK, now I'm done ;-). Please help!

best regards
ako673de

How to delete cache based on expires headers? (3 replies)

December 24, 2013, 7:30 am
$
0
0
Hi

I'm using proxy_cache to mirror my files with the configuration below

proxy_cache_path  /var/cache/nginx/image levels=1:2 keys_zone=one:10m inactive=7d     max_size=100g;

Our backend server has the expires header set to 600secs

Is that posibble for us to also delete the cache files located at /var/cache/nginx/image depends on the backend expire header?
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Parallel subrequests (2 replies)

December 19, 2013, 8:01 am
$
0
0
Hi

I want write a http hadler(using subrequest) to deal with combine response from mutiple backend. but "Emiller's Advanced Topics In Nginx Module Development - 2.3. Sequential subrequests" issue that " Subrequests might need to access the network, and if so, Nginx needs to return to its other work while it waits for a response. So we need to check the return value of ngx_http_subrequest"
How to write a Parallel subrequests which several subrequests by POST in parallel rather than one by one after received preivous response ? thanks.



best regards
honwel

spdy protocol version 3 support (3 replies)

December 20, 2013, 5:18 am
$
0
0
Any update or eta on when we can expect spdy protocol version 3 in the 1.5.X branch?

Thanks.
Search

nginx variable to know the number of active connections (2 replies)

December 20, 2013, 8:54 am
$
0
0
Hello,

Is there a way to get the number of active connections in order to activate or a not a cache mechanism when nginx is in a high trafic period?

Regards
Jerome

Using 127.0.0.1 in resolver (3 replies)

December 21, 2013, 6:58 am
$
0
0
Using:

resolver 127.0.0.1 valid=300s;

Does not work. I assume this would simply uses the DNS servers listed in /etc/resolv.conf? Thanks.

[PATCH] SPDY: support for SPDY v3 (no replies)

December 22, 2013, 4:58 am
$
0
0
Hi,

We have just implemented the support for SPDY v3 in nginx, with flow
control (upload and download), and a switch option between SPDY v2 and
SPDY v3.

This patch is for Nginx-1.5.8.

The directives we added are:

spdy_version
syntax: spdy_version [2|3]
default: spdy_version 3
context: http, server
Specify the version of current SPDY protocol.

spdy_flow_control
syntax: spdy_flow_control on|off
default: spdy_flow_control on
context: http, server
Turn on or off with SPDY flow control.

spdy_init_recv_window_size
syntax: spdy_init_recv_window_size size
default: spdy_init_recv_window_size 64k
context: http, server
Specify the receiving window size for SPDY. By default, it's 64K. It
will send a WINDOW UPDATE frame when it receives half of the window
size data every time.

Hope this patch is helpful. Have fun :-)

Thank you.

--
Weibin Yao
Developer @ Web Platform Team of Taobao
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

trying to understand fastcgi (no replies)

December 22, 2013, 9:14 am
$
0
0
I was trying to understand the fastcgi forwarding. The example shows:

server {
server_name .website.com;
listen 80;
root /home/website/www;
index index.html;
location / {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
include fastcgi_params;
}
}

in SCRIPT_FILENAME, does $document_root == root /home/website/www; ?
and what value is usually stored in (SCRIPT_NAME)
$fastcgi_script_name? i don't understand what script SCRIPT_NAME
refers to. Am i suppose to set it or does it set itself?

It also says QUERY_STRING $query_string; is needed for configuring
fastcgi. But this example clearly hasn't used it?

Is the idea to have fastcgi_param for only the variables i want to
include? or is this config simply defining them with a value by
default?

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Redirect loop fixed, I need a better rule format (no replies)

December 22, 2013, 10:13 pm
$
0
0
Hello everyone,

I have a little problem on hand, related to redirect loop for a specific location:
server {
listen 192.168.1.2:443 spdy ssl default_server;
...
location ^~ /alpha {
return 301 https://www.domain.com$request_uri;
}
...
}
I would like to redirect URL's of this format:
https://www.domain.com/alpha/delta/[more of $request_uri]
To:
https://www.domain.com/delta/[more of $request_uri]

I can access fine the https://www.domain.com/delta/... directory. When the GET is performed on https://www.domain.com/alpha/, it tries to use the old REQUEST URI which is obviously wrong. I solved the issue this way:
location ^~ /alpha {
location /alpha {
return 301 https://www.domain.com/;
}
location ~ ^/alpha/(.+)$ {
return 301 https://www.domain.com/$1;
}
}

Is there a better (more compact) way to achieve the same results?
With the rules listed above, I tell Nginx to redirect /alpha or /alpha/ to /.
If the $request_uri contains something after /alpha, I grab the part of $request_uri after /alpha and push it to /.

Thank you for helping me make this configuration part better.

Redirect loop in combination with https and apache (no replies)

December 23, 2013, 2:08 am
$
0
0
Hi,

We have a setup with tomcat/apache and nginx.

When a redirect occurs from the application from https to http, the nginx
gets trapped in a redirect loop.

In the apache configuration we have this setting:

<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 1 month"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
..... more mimetypes

The nginx configuration has this location

location / {
proxy_pass http://def-t-site1/;
proxy_http_version 1.1;
proxy_hide_header Expires;
proxy_hide_header Last-Modified;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_cache http_def;
proxy_cache_key $scheme://$host$uri$is_args$args;
# proxy_cache_key "$scheme://$host$request_uri";
proxy_cache_valid 200 302 10m;
proxy_cache_valid 404 1m;
add_header Cache-Control "public";
add_header X-Cache-Status $upstream_cache_status;
add_header X-Via $hostname;
}

a similar setting we have for 443 port (https).

If we remove ExpiresDefault "access plus 1 month" from apache, the redirect
loop does not occur. The cache of nginx uses a TTL of 1 month after the
redirect occurs. This causes a redirect loop, since the https request is
cached as well.


So far, we tried several things
- proxy_cache_valid 200 301 0m;
No change in the TTL. The redirect loop is not solved, and the TTL is still
a month.

Then we tried to configure the expire headers in nginx. That solves the
redirect, but unfortunately
the expire headers are not set. We tried for instance:

if ($upstream_http_content_type ~ "image/jpeg") {
expires 2m;
}

or
map $upstream_http_content_type $new_cache_control_header_val {
default $upstream_http_cache_control;
"~*image/jpeg" "max-age=120, must-revalidate";
}

but these settings did not have any effect on the TTL of the images.

So, is there a way to avoid the redirect loop and set the expire header per
mimetype in nginx ?

Thanks!



--
Martijn Gijsberti Hodenpijl
Web Developer Hippo
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Connection timeout for upstream server !! (no replies)

December 26, 2013, 3:48 am
$
0
0
We're having following issue with nginx and php-fpm, please have a look on
logs :

2013/12/26 16:43:24 [error] 9906#0: *37001 upstream timed out (110:
Connection timed out) while reading response header from upstream, client:
192.252.214.240, server: search.com, request: "GET
/search/es/index_video.php?videoid=1593251&is_updated=yes HTTP/1.1",
upstream: "fastcgi://127.0.0.1:9000", host: "search.com"

Also tried increasing proxy timeout to 300 from nginx. When we telnet the
port 9000, connection automatically closed after 4~5 seconds :



Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
Connection closed by foreign host.

we've also found slow logs in php-fpm :

[root@search ~]# tail -30 /var/log/php-fpm/search-slow.log
[26-Dec-2013 16:44:48] [pool search] pid 10303
script_filename = /home/search/public_html/search/es/index_video.php
[0x00000000015e0960] curl_exec()
/home/search/public_html/search/es/index_video.php:90

[26-Dec-2013 16:45:11] [pool search] pid 10302
script_filename = /home/search/public_html/search/es/index_video.php
[0x00000000015e0960] curl_exec()
/home/search/public_html/search/es/index_video.php:90

[26-Dec-2013 16:45:18] [pool search] pid 10320
script_filename = /home/search/public_html/search/es/index_video.php
[0x00000000015d8950] curl_exec()
/home/search/public_html/search/es/index_video.php:90

[26-Dec-2013 16:45:28] [pool search] pid 10311
script_filename = /home/search/public_html/search/es/index_video.php
[0x00000000015e0960] curl_exec()
/home/search/public_html/search/es/index_video.php:73

[26-Dec-2013 16:45:34] [pool search] pid 10307
script_filename = /home/search/public_html/search/es/index_video.php
[0x00000000015e2cd0] curl_exec()
/home/search/public_html/search/vendor/ruflin/Elastica/lib/Elastica/Transport/Http.php:117
[0x00000000015e2a20] exec()
/home/search/public_html/search/vendor/ruflin/Elastica/lib/Elastica/Request.php:165
[0x00000000015e2568] send()
/home/search/public_html/search/vendor/ruflin/Elastica/lib/Elastica/Client.php:526
[0x00000000015e2278] request()
/home/search/public_html/search/vendor/ruflin/Elastica/lib/Elastica/Bulk.php:269
[0x00000000015e1fa0] send()
/home/search/public_html/search/vendor/ruflin/Elastica/lib/Elastica/Client.php:249
[0x00000000015e1d20] addDocuments()
/home/search/public_html/search/vendor/ruflin/Elastica/lib/Elastica/Index.php:123
[0x00000000015e1aa0] addDocuments()
/home/search/public_html/search/vendor/ruflin/Elastica/lib/Elastica/Type.php:161
[0x00000000015e0960] addDocuments()
/home/search/public_html/search/es/index_video.php:34

[26-Dec-2013 16:45:53] [pool search] pid 10322
script_filename = /home/search/public_html/search/es/index_video.php
[0x00000000015e0960] curl_exec()
/home/search/public_html/search/es/index_video.php:90


Please help me.

Regards.
Shahzaib
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Search

mod wsgi (1 reply)

December 27, 2013, 4:00 am
$
0
0
Hello Everyone,
Tried add mod wsgi and compilation fail. Any help thank you in advance.


<pre>
-o objs/addon/src/ngx_http_wsgi_module.o \
/home/volga629/rpmbuild/BUILD/nginx-1.4.4/mod_wsgi/src/ngx_http_wsgi_module.c
/home/volga629/rpmbuild/BUILD/nginx-1.4.4/mod_wsgi/src/ngx_http_wsgi_module.c:184: error: 'ngx_garbage_collector_temp_handler' undeclared here (not in a function)
/home/volga629/rpmbuild/BUILD/nginx-1.4.4/mod_wsgi/src/ngx_http_wsgi_module.c:184: warning: missing initializer
/home/volga629/rpmbuild/BUILD/nginx-1.4.4/mod_wsgi/src/ngx_http_wsgi_module.c:184: warning: (near initialization for 'ngx_http_wsgi_commands[12].post')
/home/volga629/rpmbuild/BUILD/nginx-1.4.4/mod_wsgi/src/ngx_http_wsgi_module.c: In function 'ngx_http_wsgi_merge_loc_conf':
/home/volga629/rpmbuild/BUILD/nginx-1.4.4/mod_wsgi/src/ngx_http_wsgi_module.c:373: warning: passing argument 1 of 'ngx_conf_merge_path_value' from incompatible pointer type
src/core/ngx_file.h:142: note: expected 'struct ngx_conf_t *' but argument is of type 'struct ngx_path_t *'
/home/volga629/rpmbuild/BUILD/nginx-1.4.4/mod_wsgi/src/ngx_http_wsgi_module.c:373: warning: passing argument 2 of 'ngx_conf_merge_path_value' from incompatible pointer type
src/core/ngx_file.h:142: note: expected 'struct ngx_path_t **' but argument is of type 'struct ngx_path_t *'
/home/volga629/rpmbuild/BUILD/nginx-1.4.4/mod_wsgi/src/ngx_http_wsgi_module.c:373: warning: passing argument 3 of 'ngx_conf_merge_path_value' from incompatible pointer type
src/core/ngx_file.h:142: note: expected 'struct ngx_path_t *' but argument is of type 'char *'
/home/volga629/rpmbuild/BUILD/nginx-1.4.4/mod_wsgi/src/ngx_http_wsgi_module.c:373: warning: passing argument 4 of 'ngx_conf_merge_path_value' makes pointer from integer without a cast
src/core/ngx_file.h:142: note: expected 'struct ngx_path_init_t *' but argument is of type 'int'
/home/volga629/rpmbuild/BUILD/nginx-1.4.4/mod_wsgi/src/ngx_http_wsgi_module.c:373: error: too many arguments to function 'ngx_conf_merge_path_value'
make[1]: *** [objs/addon/src/ngx_http_wsgi_module.o] Error 1
make[1]: Leaving directory `/home/volga629/rpmbuild/BUILD/nginx-1.4.4'
make: *** [build] Error 2
error: Bad exit status from /var/tmp/rpm-tmp.ajqqDV (%build)

</pre>

Serving default error pages with 'proxy_intercept_errors on' (2 replies)

December 28, 2013, 7:00 am
$
0
0
Hello,

I'm running nginx v1.4.1 on OpenBSD 5.4 and I'd like to use
'proxy_intercept_errors on' directive without providing my own error
pages. In other words, instead of forwarding page content from the
backend server, just use the error pages that nginx generates by
default.

This isn't supported normally, however the following configuration
seems to achieve the desired result (though you have to list the error
codes explicitly):

error_page 403 404 ... @error;
location @error { return 444; }

I didn't actually know what this would do until I tried it. I assume
that when a matching error code is received from the backend server,
nginx closes the proxy connection without reading the body and creates
a new internal request to @error, which is immediately closed without
a response. Thus, there is no body to send to the client, so it falls
back to the default behavior.

The question is whether this behavior is an accident and may change in
a future version, or if it's an acceptable way of intercepting errors
without providing custom error pages?

- Max

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

How do I disable DNS Caching and DNS Reverse Lookup in Nginx ? (3 replies)

January 1, 2014, 6:08 pm
$
0
0
Hello all

Ive been assigned a task to set up an ipv6 to ipv4 reverse proxy for my company. I decided to use nginx to do the job. I found the following article online which describes how to configure nginx as a reverse proxy :

http://www.kutukupret.com/2011/05/02/nginx-as-reverse-proxy-ipv6-to-ipv4-website/

So this is how i set up my reverse proxy. First off I installed RHEL 6.5 on a VM and installed nginx on it. Second off I set up an AAAA record in our DNS as a test FQDN so that I could use that FQDN to connect through the proxy to an IPV4 website. For example, the FQDN is ipv6.mycoolsite.com and the IPv4 website is www.yourcoolsite.com. I set up the default.conf file as such:

<quote>

server {
listen [::]:80 default ipv6only=on;
server_name ipv6.mycoolsite.com;

#charset koi8-r;
access_log /var/log/nginx/log/ipv6.mycoolsite.com.access.log main;
error_log /var/log/nginx/log/ipv6.mycoolsite.com.error.log;
location / {
# root /usr/share/nginx/html;
# index index.html index.htm;
proxy_pass http://www.yourcoolsite.com;
proxy_redirect default;
proxy_set_header X-Real-Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 120;

}

}

</quote>

Here are the issues that I am currently having:

When I run the nginx service and I test the FQDN on an ipv6 enabled computer, I am able to access the IPV4 website www.yourcoolsite.com. But when I change the proxy_pass FQDN to a different IPV4 website in the config file and reload the service, ipv6.mycoolsite.com still connects to www.yourcoolsite.com and not to the new IPV4 FQDN. I think its loading a cached copy of www.yourcoolsite.com instead of loading the new IPV4 FQDN. When it finallly does load the new site, it does so REALLY slowly. I think this is due to reverse DNS lookup occuring!

Now what I am trying to figure out here is what is causing the caching to occur and the slow loading times? How do I go about disabling DNS caching as well as the reverse DNS lookup? I want to be able to connect the IPV4 website specified in the default.conf file when ever I change the file and reload the service. I dont want to connect to a cached copy of the previous IPV4 entry !

any help will be greatly appreciated!!




Oh and when I check the access logs after I test the proxy, this is what I see:

<quote>
- - [29/Dec/2013:01:31:13 -0500] "GET /commonspot/javascript/lightbox/window_ref.js HTTP/1.1" 200 11198 "http://ipv6.mycoolsite.com/" "Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20131023 Firefox/17.0" "-"
- - [29/Dec/2013:01:31:13 -0500] "GET /commonspot/javascript/util.js HTTP/1.1" 200 64891 "http://ipv6.mycoolsite.com/" "Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20131023 Firefox/17.0" "-"
- - [29/Dec/2013:01:31:13 -0500] "GET /commonspot/javascript/lightbox/lightbox.js HTTP/1.1" 200 59730 "http://ipv6.mycoolsite.com/" "Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20131023 Firefox/17.0" "-"
- - [29/Dec/2013:01:31:14 -0500] "GET /global/images/chrome/logos/slogan.png HTTP/1.1" 404 8839 "http://ipv6.mycoolsite.com/global/css/style.css" "Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20131023 Firefox/17.0" "-"
- - [29/Dec/2013:01:31:14 -0500] "GET /common/commonspot/templates/images/chrome/bg/results-bottom.png HTTP/1.1" 200 669 "http://ipv6.mycoolsite.com/" "Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20131023 Firefox/17.0" "-"
- - [29/Dec/2013:01:31:14 -0500] "GET /images/2013Dec5.jpg HTTP/1.1" 404 8849 "http://ipv6.mycoolsite.com/" "Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20131023 Firefox/17.0" "-"
- - [29/Dec/2013:01:31:14 -0500] "GET /images/2013Dec1.jpg HTTP/1.1" 404 8840 "http://ipv6.mycoolsite.com/" "Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20131023 Firefox/17.0" "-"
- - [29/Dec/2013:01:31:14 -0500] "GET /images/2013Dec2.jpg HTTP/1.1" 404 8847 "http://ipv6.mycoolsite.com/" "Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20131023 Firefox/17.0" "-"
- - [29/Dec/2013:01:31:14 -0500] "GET /images/2013Dec4.jpg HTTP/1.1" 404 8850 "http://ipv6.mycoolsite.com/" "Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20131023 Firefox/17.0" "-"
- - [29/Dec/2013:01:32:08 -0500] "GET /images/2013Dec3.jpg HTTP/1.1" 404 8842 "http://ipv6.mycoolsite.com/" "Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20131023 Firefox/17.0" "-"
</quote>


Why am I getting a 404 response in the log entry?

Also here is the error log

<quote>

2013/12/27 13:13:01 [error] 6138#0: *248 upstream timed out (110: Connection timed out) while connecting to upstream, client: xxxx:xxxx:x:xxxx::xxx:xxxx, server: ipv6.mycoolsite.com, request: "GET /commonspot/javascript/lightbox/lightbox.js HTTP/1.1", upstream: "http://[2001:1900:2302:2000::ff]:80/commonspot/javascript/lightbox/lightbox.js", host: "ipv6.mycoolsite.com", referrer: "http://ipv6.mycoolsite.com/index.htm"
2013/12/27 13:43:08 [error] 6138#0: *276 upstream timed out (110: Connection timed out) while connecting to upstream, client: xxxx:xxxx:x:xxxx::xxx:xxxx, server: ipv6.mycoolsite.com, request: "GET /index.htm HTTP/1.1", upstream: "http://[2001:1900:2302:2000::ff]:80/index.htm", host: "ipv6.mycoolsite.com"
2013/12/29 01:14:03 [error] 13140#0: *402 upstream timed out (110: Connection timed out) while connecting to upstream, client: xxxx:xxxx:x:xxxx::xxx:xxxx, server: ipv6.mycoolsite.com, request: "GET /global/js/libs/validation-engine.css HTTP/1.1", upstream: "http://[2001:1900:2300:1::ff]:80/global/js/libs/validation-engine.css", host: "ipv6.mycoolsite.com", referrer: "http://ipv6.mycoolsite.com/"
2013/12/29 01:14:03 [error] 13140#0: *406 upstream timed out (110: Connection timed out) while connecting to upstream, client: xxxx:xxxx:x:xxxx::xxx:xxxx, server: ipv6.mycoolsite.com, request: "GET /global/js/jquery.scrollTo-min.js HTTP/1.1", upstream: "http://[2001:1900:2300:1::ff]:80/global/js/jquery.scrollTo-min.js", host: "ipv6.mycoolsite.com", referrer: "http://ipv6.mycoolsite.com/"
2013/12/29 01:14:03 [error] 13140#0: *410 upstream timed out (110: Connection timed out) while connecting to upstream, client: xxxx:xxxx:x:xxxx::xxx:xxxx, server: ipv6.mycoolsite.com, request: "GET /global/js/libs/always-include-ie.js HTTP/1.1", upstream: "http://[2001:1900:2300:1::ff]:80/global/js/libs/always-include-ie.js", host: "ipv6.mycoolsite.com", referrer: "http://ipv6.mycoolsite.com/"
2013/12/29 01:14:04 [error] 13140#0: *404 upstream timed out (110: Connection timed out) while connecting to upstream, client: xxxx:xxxx:x:xxxx::xxx:xxxx, server: ipv6.mycoolsite.com, request: "GET /images/2013Dec2.jpg HTTP/1.1", upstream: "http://[2001:1900:2300:1::ff]:80/images/2013Dec2.jpg", host: "ipv6.mycoolsite.com", referrer: "http://ipv6.mycoolsite.com/"
2013/12/29 01:14:04 [error] 13140#0: *408 upstream timed out (110: Connection timed out) while connecting to upstream, client: xxxx:xxxx:x:xxxx::xxx:xxxx, server: ipv6.mycoolsite.com, request: "GET /images/2013Dec4.jpg HTTP/1.1", upstream: "http://[2001:1900:2300:1::ff]:80/images/2013Dec4.jpg", host: "ipv6.mycoolsite.com", referrer: "http://ipv6.mycoolsite.com/"
2013/12/29 01:15:34 [error] 13140#0: *410 upstream timed out (110: Connection timed out) while connecting to upstream, client: xxxx:xxxx:x:xxxx::xxx:xxxx, server: ipv6.mycoolsite.com, request: "GET /global/css/colorbox.css HTTP/1.1", upstream: "http://[2001:1900:2300:1::ff]:80/global/css/colorbox.css", host: "ipv6.mycoolsite.com", referrer: "http://ipv6.mycoolsite.com/"
2013/12/29 01:25:57 [error] 13140#0: *472 upstream timed out (110: Connection timed out) while connecting to upstream, client: xxxx:xxxx:x:xxxx::xxx:xxxx, server: ipv6.mycoolsite.com, request: "GET /global/js/libs/intercept-include.js HTTP/1.1", upstream: "http://[2001:1900:2300:1::ff]:80/global/js/libs/intercept-include.js", host: "ipv6.mycoolsite.com", referrer: "http://ipv6.mycoolsite.com/"
2013/12/29 01:32:07 [error] 13140#0: *510 upstream timed out (110: Connection timed out) while connecting to upstream, client: xxxx:xxxx:x:xxxx::xxx:xxxx, server: ipv6.mycoolsite.com, request: "GET /images/2013Dec3.jpg HTTP/1.1", upstream: "http://[2001:1900:2300:1::ff]:80/images/2013Dec3.jpg", host: "ipv6.mycoolsite.com", referrer: "http://ipv6.mycoolsite.com/"

</quote>

I had to blank out the IPV6 address for privacy's sake. Also i have no idea how to paste code properly in mailing lists! lol

Sorry I am a bit new web servers so any help will be greatly appreciated!

insert subdomain into query (no replies)

December 29, 2013, 12:26 pm
$
0
0
I have setup a wildcard subdomain server(many subdomains)
server {
listen 80;
server_name ~(?<subdomain>.*).localhost;
...
...
}

I want to make the subdomain apart of the query in the backend

when we visit http://clothes.localhost/
backend query
http://localhost/script.php?sd=clothes

or we visit http://jackets.localhost/large/blue/
backend query
http://localhost/script.php?sd=jackets&size=large&colour=blue

I have tried for 5 hours now, Modifying rewrite and return as many ways possible, Multiple errors such as

rewrite ^ http://$subdomain.localhost/script.php?x=$subdomain permanent;

http://clothes.localhost/script.php/script.php/script.php/script.php/script.php/script.php/script.php/script.php/?sd=clothes?sd=clothes&sd=clothes?sd=clothes&sd=clothes?sd=clothes&sd=clothes?sd=clothes&
or
http://localhost/localhost/localhost/localhost/localhost

etc etc(I have tried many more tweaks but didnt record all as I went along)

Thanks in advance for any intention to help or answers given.

problems setting ttl on single image... (2 replies)

December 29, 2013, 5:58 pm
$
0
0
I'm trying to enable a 10 minute autorefresh for my webcam which you can
see at http://www.diamondharbour.org.nz/Local-Weather.html

Server runs nginx 1.4.4 ( and an ancient CMS called Etomite ).

Here's the WPT result http://www.webpagetest.org/result/131229_HV_MK2/

Here's a snippet of my config...

location = /assets/Photo\ Gallery/Weather/current\.jpg {
expires 10m;
log_not_found off;
}

location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}

Why is is not setting a 10 minute expiry - the webpagetest report should
pick up on it??? I'm sort of expecting that it may have something to do
with the space in the URL?

Any pointers gratefully received (:


Steve
--
Steve Holdoway BSc(Hons) MIITP
http://www.greengecko.co.nz
Linkedin: http://www.linkedin.com/in/steveholdoway
Skype: sholdowa

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Viewing all 7229 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>