Nginx: Difference between revisions

From DWIKI
Line 43: Line 43:
  listen [::]:443;
  listen [::]:443;


===Error messages===
==Error messages==
===no live upstreams while connecting to upstream===
===no live upstreams while connecting to upstream===
can't connect to whatever backend?
can't connect to whatever backend?
Line 59: Line 59:
look for allow or deny lines
look for allow or deny lines


===a client request body is buffered to a temporary file===
==Logging==


===Log level===
===Log level===

Revision as of 11:35, 13 October 2022

HTTP server, proxy, reverse proxy etc

Links

Notes

SSL certificates

The host.crt goes first in the bundle


server {
 listen   443;
 ssl    on;
 ssl_certificate    /etc/ssl/your_domain_name.pem; (or bundle.crt)
 ssl_certificate_key    /etc/ssl/your_domain_name.key;
 server_name your.domain.com;
 access_log /var/log/nginx/nginx.vhost.access.log;
 error_log /var/log/nginx/nginx.vhost.error.log;
 location / {
  root   /home/www/public_html/your.domain.com/public/;
  index  index.html;
 }
}

HOWTO

Get configuration items

getconf PAGESIZE


Configure buffer sizes

See https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffer_size

FAQ

Redirecting in nginx

https://www.liquidweb.com/kb/redirecting-urls-using-nginx/


enable ipv6

In server section add

listen [::]:443;

Error messages

no live upstreams while connecting to upstream

can't connect to whatever backend?


upstream sent too big header while reading response header from upstream

(SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking

Usually just a bad client or a scan.


access forbidden by rule

look for allow or deny lines

a client request body is buffered to a temporary file

Logging

Log level

Doesn't seem to be documented, defaults to log all?