mod_fcgid timeout (no replies)

November 24, 2015, 10:44 am

≫ Next: session persistence for non browser based services (12 replies)

≪ Previous: need help with unknown directive error (no replies)

$

0

0

hey guys im getting the following error when running a script on my server:

mod_fcgid: read data timeout in 120 seconds
End of script output before headers: index.php

i've being trying to source how to increase the mod_fcgid value, but i'm having no joy!

can someone please tell me how to increase the mod_fcgid value please?

thank you

---

session persistence for non browser based services (12 replies)

November 26, 2015, 9:09 am

≫ Next: multiple nginx reverse proxy (no replies)

≪ Previous: mod_fcgid timeout (no replies)

$

0

0

Hi,

I have non browser based RESTFul services(coming from another proxy server). I am using NGINX for load balancing.
For stateless requests, I am using round robin method.
Need to implement stateful requests.

Cannot use ip hash, as all requests come from same proxy server(no separate IPs).
Sticky session is based on cookies, not sure if cookies will work for non browser based requests.

for my sequence of requests I have a server defined session which I can use for routing to the same server for my stateful requests.

Please advice the best way to do it.

multiple nginx reverse proxy (no replies)

November 27, 2015, 5:20 pm

≫ Next: Nginx + Tomcat - Issues when redirecting to SSL (no replies)

≪ Previous: session persistence for non browser based services (12 replies)

$

0

0

hello
i am trying to setup multiple nginx reverse proxy
current i have 1 reverse proxy

example.com point to reverse proxy ip
and this is the config in reverse proxy server
server {
listen 80;
server_name example.com;
access_log off;
error_log off;
location / {
proxy_pass http://ip/; = the ip the website where website files are located
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
access_log off;
log_not_found off;

} }

attached example image

thanks

Nginx + Tomcat - Issues when redirecting to SSL (no replies)

November 27, 2015, 6:28 pm

≫ Next: Reverse Proxy, basic-basic config. (1 reply)

≪ Previous: multiple nginx reverse proxy (no replies)

$

0

0

Apologies first of all, because I basically have no idea what I'm doing, so please be patient with me!

I'm trying to install my SSL and to use Nginx as frontend of my Tomcat application
I got my SSL certificate from GoDaddy, I struggled a lot but I managed to generate it. After I installed Nginx and set everything up I noticed that I had a key values mismatch. I spent a lot of time but I managed to get their modules to match and then I finally got Nginx to start. Now I just can't reach my domain with HTTPS as desired, I receive on Chrome the message


SSL connection error

ERRSSLPROTOCOL_ERROR
Hide details
Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have.

_____
The log files (access and error) at /var/log/nginx are completely empty and here is my nginx.conf file which I got as sample from here
https://github.com/loftuxab/alfresco-ubuntu-install/blob/master/nginx/nginx.conf

user www-data;
worker_processes 2;
pid /run/nginx.pid;

events {
worker_connections 1024;
# multi_accept on;
}

http {

##
# Basic Settings
##

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;

server_names_hash_bucket_size 64;

include /etc/nginx/mime.types;
default_type application/octet-stream;

##
# Logging Settings
##

access_log on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

##
# Gzip Settings
##

gzip on;
gzip_disable "msie6";
gzip_http_version 1.1;
gzip_comp_level 6;
#gzip_min_length 256;
gzip_buffers 16 8k;
gzip_proxied any;
gzip_types text/xml text/plain application/json text/javascript application/javascript application/x-javascript text/css text/csv text/x-markdown text/x-web-markdown application/atom+xml application/rss+xml application/atomsvc+xml;
#gzip_vary on;

# Set proxy cache path
proxy_cache_path /var/cache/nginx/alfresco levels=1 keys_zone=alfrescocache:256m max_size=512m inactive=1440m;

# Main website Tomcat instance
upstream alfresco {
server localhost:8080;
}

# Uncomment if you want redirect to https
server {
listen 80 default_server ;
listen [::]:80 default_server ipv6only=on;
server_name mydomain.com www.mydomain.com;
server_name_in_redirect off;
rewrite ^ https://mydomain.com permanent;
}

# Default server config. Update servername.
server {
#listen 80 default_server ;
#listen [::]:80 default_server ipv6only=on;
listen 443 default_server ssl;
#listen 443 ssl spdy default_server;
server_name www.mydomain.com;

root /opt/alfresco/www;
index index.html index.htm;

# Redirecto root requests to Share
rewrite ^/$ /share;

ssl on;
ssl_certificate /etc/nginx/ssl/a.crt;
ssl_certificate_key /etc/nginx/ssl/a.key;

ssl_session_timeout 15m;

ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_prefer_server_ciphers on;
ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;

# spdy Support, use add_header if you do not use redirection from http to https
#add_header Alternate-Protocol 443:npn-spdy/2;
#spdy_headers_comp 4;

location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.html;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}

# redirect server error pages to the static page /50x.html
#
error_page 502 503 504 /maintenance.html;
location = /maintenance.html {
root /opt/alfresco/www;
}

# Access to old Alfresco web client. Remove this location if not needed.
location /alfresco {

# Allow for large file uploads
client_max_body_size 0;

# Proxy all the requests to Tomcat
proxy_http_version 1.1;
#proxy_buffering off;
proxy_pass http://alfresco;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Server $host;
}

location /share {

# Allow for large file uploads
client_max_body_size 0;

# Proxy all the requests to Tomcat
proxy_http_version 1.1;
#proxy_buffering off;
proxy_pass http://alfresco;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Server $host;
}

location /share/proxy/alfresco {
# This section is for allowing to rewrite 50x response to 401 on Ajax req.
# This forces Share to reload page, and thus display maintenance page

# Allow for large file uploads
client_max_body_size 0;

# Proxy all the requests to Tomcat
proxy_http_version 1.1;
#proxy_buffering off;
proxy_pass http://alfresco;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Server $host;
proxy_intercept_errors on;
error_page 502 503 504 =401 /maintenance.html;
}

location /share/res/ {

# Proxy all the requests to Tomcat
proxy_http_version 1.1;
proxy_pass http://alfresco;
proxy_set_header Host $http_host;

proxy_cache alfrescocache;
proxy_cache_min_uses 1;
proxy_cache_valid 200 302 1440m;
proxy_cache_valid 404 1m;
proxy_cache_use_stale updating error timeout invalid_header http_500 http_502 http_503 http_504;
}
}


Thanks in advance for any help

Reverse Proxy, basic-basic config. (1 reply)

November 29, 2015, 1:50 pm

≫ Next: What is the path for the environmental variables file in Nginx? (no replies)

≪ Previous: Nginx + Tomcat - Issues when redirecting to SSL (no replies)

$

0

0

A IIS server is located on 172.16.16.11 thats host a website on port 80
My Nginx-server is located on 192.168.1.49. (CentOS 7)
The DNS server points to the 192.168.1.49 machine with the A record of www.test.com and test.com that should proxy to 172.16.16.11.

Can someone help me a very basic config? Just want a quick and dirty configuration. Been following some tutorials on the web, even the most basic tuts seems to be to complicated for me. ;-)

Im running this at the moment in my nginx.conf. Only those lines, do I need rest of the config to?

server {
listen 80;
location / {
proxy_pass http://172.16.16.11;
}
}

What is the path for the environmental variables file in Nginx? (no replies)

November 29, 2015, 2:33 pm

≫ Next: New Relic plugin setup error (no replies)

≪ Previous: Reverse Proxy, basic-basic config. (1 reply)

$

0

0

In Apache I store my secret keys for environmental variables in ~/.profile:
export HMAC_SECRET=123

Running the command `printenv | less` in Ubuntu terminal, is giving me the content of the key.

I tried the same in Nginx but I cannot view the key.

How to setup env in Nginx?

New Relic plugin setup error (no replies)

December 1, 2015, 2:12 am

≫ Next: Compile nginx from source with 3rd party modules in windows (no replies)

≪ Previous: What is the path for the environmental variables file in Nginx? (no replies)

$

0

0

We tried integrating the NewRelic agent plugin and encountered error with unpacking the .deb file.
So I forced over-write with dpkg -i --force-overwrite /var/cache/apt/archives/nginx_1.9.6-1~precise_amd64.deb

And ran the command apt-get install nginx again.
Attached is the nginx-nr-agent.ini file and screenshot of the error.

Any help is appreciated.

Compile nginx from source with 3rd party modules in windows (no replies)

December 3, 2015, 9:44 am

≫ Next: Permission on /var/www folder (no replies)

≪ Previous: New Relic plugin setup error (no replies)

$

0

0

Hi..

I am new to nginx and have set it up on my windows machine. I want to include a 3rd party module -Sticky module.
But I need to include it in source and recompile it from source.
Could not understand the module readme file as I have never worked on C. Moreover all forums on websites give steps for unix/linux.

Some details on doing this on windows would be great.

Thanks

---

Permission on /var/www folder (no replies)

December 4, 2015, 4:39 am

≫ Next: Selective rewrite/redirection (4 replies)

≪ Previous: Compile nginx from source with 3rd party modules in windows (no replies)

$

0

0

Hello everyone!

I need to know if making www-data owner of the full /var/www map with the following permissions is safe;

When I do ls -l in my var/www map I get the following results;
drwxr-sr-x 5 www-data www-data 4096 site1
drwxr-sr-x 5 www-data www-data 4096 site2
drwxr-sr-x 5 www-data www-data 4096 site3
drwxr-sr-x 5 www-data www-data 4096 site4
drwxr-sr-x 2 www-data www-data 4096 HTML

My last site was hacked so I want to be sure this time.

Used the following commands (Ubuntu)
sudo chown -R www-data:www-data /var/www
sudo chmod 0755 -R /var/www
sudo chmod g+s -R /var/www

Selective rewrite/redirection (4 replies)

December 5, 2015, 12:16 pm

≫ Next: Virtualhost Isolation (1 reply)

≪ Previous: Permission on /var/www folder (no replies)

$

0

0

Hello, everyone, I need some help. I have this:

server {
listen 443 ssl spdy;
server_name example-01.com;
[...]
}

server {
listen 443 ssl spdy;
server_name example-02.com;
[...]
}

server {
listen 443 ssl spdy;
server_name example-03.com;
[...]
}

server {
listen 80;
server_name example-04.com;
[...]
}

server {
listen 80;
server_name example-05.com;
[...]
}

server {
listen 80;
server_name example-06.com;
[...]
}


What I am looking for is to automatically redirect all non-SSL to SSL for those domains (with www, and without) that are running SSL, while still allowing regular non-SSL (with www, and without) access to those domains running without SSL. What would the simplest way be? Thanks!

Virtualhost Isolation (1 reply)

December 7, 2015, 1:33 pm

≫ Next: gzip_types docx xlsx problem (no replies)

≪ Previous: Selective rewrite/redirection (4 replies)

$

0

0

With an Apache server I had a number of Wordpress sites on it. When one got hacked they all got messed up. I then added this code to Isolate each site and after that if one got messed up the other ones were still good:

In the virtualhost config:
DocumentRoot /home/www/public_html/website.com/www
<Directory /home/www/public_html/website.com/www>
php_admin_value open_basedir "/home/www/website.com/www:/tmp:/home/www/CommonSite/www"
</Directory>

I'm not running an NGINX server as the performance is definitely improved but one of the sites got hacked and it spread to all the other ones. How would I add some isolation between the sites so that if one gets infected it isn't spread throughout them all?

Thank you

gzip_types docx xlsx problem (no replies)

December 7, 2015, 10:52 pm

≫ Next: Proxy response body for errors (e.g. 500) (no replies)

≪ Previous: Virtualhost Isolation (1 reply)

$

0

0

Hi all,
I'm using Nginx 1.8 build from source , Centos 6.4 64 bit, when I try to gzip_type directive in my virtualhost.conf I got error, I cannot restart Nginx:
<code>
# if congiguration is :
gzip on;
gzip_comp_level 9;
gzip_min_length 1024;
gzip_types text/plain text/css application/xml application/javascript image/jpeg image/x-icon image/gif image/png video/jpeg image/bmp image/tiff application/vnd.ms-excel application/vnd.openxmlformats-officedocument.wordprocessingml.document;
gzip_disable "MSIE [1-6]\.";
# I got error when restart nginx
nginx: [emerg] could not build the test_types_hash, you should increase test_types_hash_bucket_size: 64
nginx: configuration file /opt/nginx/conf/nginx.conf test failed

# I exclude application/vnd.ms-excel application/vnd.openxmlformats-officedocument.wordprocessingml.document from gzip_types I can restart Nginx normally
gzip on;
gzip_comp_level 9;
gzip_min_length 1024;
gzip_types text/plain text/css application/xml application/javascript image/jpeg image/x-icon image/gif image/png video/jpeg image/bmp image/tiff application/vnd.ms-excel;
gzip_disable "MSIE [1-6]\.";
</code>
I tried
<code>
server_names_hash_bucket_size 128;
server_names_hash_max_size 1024;
</code>
But it still not working, please give me some advice.
Thank you very much.

Proxy response body for errors (e.g. 500) (no replies)

December 9, 2015, 4:54 am

≫ Next: 2 domains with 2 certificates, 1 public IP, 1 nginx server (no replies)

≪ Previous: gzip_types docx xlsx problem (no replies)

$

0

0

Looks like nginx removes response body when HTTP code is 5xx.

Is there a way to make nginx proxy the original response body?

2 domains with 2 certificates, 1 public IP, 1 nginx server (no replies)

December 9, 2015, 6:43 pm

≫ Next: Signed SSL not working on virtual host / server block (1 reply)

≪ Previous: Proxy response body for errors (e.g. 500) (no replies)

$

0

0

Hello all,

I hope you can help me out here because I cannot figure out why this is happening. I have the following 2 domains:

alpha.com
beta.com

they both pointing to same server IP:

x.x.x.x

I have a single nginx running on this server. On my firewall, i have ports 80 and 443 forwarded to this server's internal IP;

192.168.1.2

both of the domains have their own certificates.

Here are the server configuration for both of these domains:

alpha.com: http://pastebin.com/u9absNMe
beta.com: http://pastebin.com/m7dV2cqk

Problem: The problem here is that when I go to alpha.com, the sever redirects me to https://alpha.com and loads the content of alpha.com, so far it's great. When i open a new tab on my browser and type beta.com, the url on my browser changes to https://beta.com but loads the content of alpha.com.

How would I tell nginx to server the right directory for each domain based on which URL was typed in the browser and still keep the https?

Thanks.

Signed SSL not working on virtual host / server block (1 reply)

December 12, 2015, 3:26 am

≫ Next: sitemap.xml not working 404 (no replies)

≪ Previous: 2 domains with 2 certificates, 1 public IP, 1 nginx server (no replies)

$

0

0

Hi,

I'm new to NGINX and am having trouble with getting signed SSL certificates to work.

Followed this tutorial in setting up:
https://www.digitalocean.com/community/tutorials/how-to-install-an-ssl-certificate-from-a-commercial-certificate-authority

Now everything works without SSL, but as soon as I change the sites-available config to allow SSL I can't get any page. In firefox I get this error:
Error code: ssl_error_rx_record_too_long

My aim is to redirect all HTTP to HTTPS. Changed my crt and key to root:root.

Here is my settings for:
sudo nano /etc/nginx/sites-available/mydomain.com.au

# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
server {
listen 80;
#listen [::]:80;

server_name mydomain.com.au;

rewrite ^/(.*) https://mydomain.com.au/$1 permanent;

ssl_certificate /home/user/pixelcode.com.au.chained.crt;
ssl_certificate_key /home/user/mydomain.com.au.key;

root /var/www/mydomain.com.au/public_html;
index index.html index.php;

location / {
try_files $uri $uri/ =404;
}

location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php5-fpm:
try_files $uri =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}


# Caching Control

#disable html cache
location ~* \.html$ {
expires -1;
}

location ~* \.(css|js|gif|jpeg|jpg|png|bmp|svg+xml|svg|webp|ogg)$ {
expires 3m;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}

location ~* \.pdf$ {
expires 1y;
}

}




Any help?

Thanks

---

sitemap.xml not working 404 (no replies)

December 13, 2015, 3:26 am

≫ Next: How to change request parameters before passing request to proxy. (no replies)

≪ Previous: Signed SSL not working on virtual host / server block (1 reply)

$

0

0

Hi,

I am trying to get my sitemap.xml file to work, but keep getting a 404 page.

Tried many rewrite's in my server block config file but nothing seams to work. It's not a wordpress site. I have php enabled just can't get the xml file to work.

Any help would be great.

Thanks

How to change request parameters before passing request to proxy. (no replies)

December 13, 2015, 8:16 am

≫ Next: Nginx 3rd party sticky module with backup server (8 replies)

≪ Previous: sitemap.xml not working 404 (no replies)

$

0

0

Hi,

I am using Nginx to proxy request to some backend server.
For this, i am using proxy_pass module to redirect.
Config file:
location = /hello {
proxy_pass: abc.com
}

I want to execute the following workflow.
Request to nginx server --> change request parameters --> pass the request to abc.com --> change the response parameters --> send response back to client.

Is this possible with nginx ? Any help/pointers to this problem would be appreciated.

Nginx 3rd party sticky module with backup server (8 replies)

December 14, 2015, 7:20 am

≫ Next: Sticky module with SSL (1 reply)

≪ Previous: How to change request parameters before passing request to proxy. (no replies)

$

0

0

Hi,

I want to use nginx 3rd party sticky module in opensource nginx, but I also need to configure a backup server. Nginx sticky module does not allow backup directive.
Is there any alternate way to configure a backup server along with using sticky module?

Thanks.

Sticky module with SSL (1 reply)

December 14, 2015, 8:23 am

≫ Next: Is it possible to move /var/www folder by another one as /media/pi/USBSTICK/www ? (1 reply)

≪ Previous: Nginx 3rd party sticky module with backup server (8 replies)

$

0

0

Does sticky module work with SSL on, for https requests? Has anyone tried?

Is it possible to move /var/www folder by another one as /media/pi/USBSTICK/www ? (1 reply)

December 17, 2015, 2:26 am

≫ Next: 403 on allowed IP (no replies)

≪ Previous: Sticky module with SSL (1 reply)

$

0

0

I there,
I am a french newbie user of Nginx.
My web site works perfectly when I use /var/www folder.
But, I use a Raspberry Pi to heberge it.
As you known, Rapsberry PI is a nano PC that use MicroSD card (8GB for my case).
I would like to use a harddisk or another USBStick to stock and partage photos and videos throught my web site.
Is it possible to move /var/www folder by another one as /media/pi/USBSTICK/www ?
I have modify "sites-available/default" file to take this changes. But firefox, or IceWasel displayes "403 error page".
Maybe is it forbidden to use /media/pi/USBSTICK/www folder...