Nginx

From DWIKI

HTTP server, proxy, reverse proxy etc

Links

Documentation

Nginx and php-fpm

Notes

SSL certificates

The host.crt goes first in the bundle 


server {
 listen   443;
 ssl    on;
 ssl_certificate    /etc/ssl/your_domain_name.pem; (or bundle.crt)
 ssl_certificate_key    /etc/ssl/your_domain_name.key;
 server_name your.domain.com;
 access_log /var/log/nginx/nginx.vhost.access.log;
 error_log /var/log/nginx/nginx.vhost.error.log;
 location / {
  root   /home/www/public_html/your.domain.com/public/;
  index  index.html;
 }
}

HOWTO

Get configuration items

getconf PAGESIZE

Redirecting in nginx

https://www.liquidweb.com/kb/redirecting-urls-using-nginx/

enable ipv6

In server section add 

listen [::]:443;

Configure buffer sizes

See https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffer_size


Rate limiting

FAQ

Conflicting server name XXX on 0.0.0.0:80

FastCGI sent in stderr: "Primary script unknown"

Usually means the php script just isn't there

Error messages

no live upstreams while connecting to upstream

can't connect to whatever backend?


upstream sent too big header while reading response header from upstream


an upstream response is buffered to a temporary file

(SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking

Usually just a bad client or a scan.

cannot load certificate "/etc/ssl/certs/ssl-cert-snakeoil.pem

Probably ubuntu? 

apt install ssl-cert

access forbidden by rule

look for allow or deny lines

a client request body is buffered to a temporary file

PLay some with 

client_body_buffer_size 10M;
client_max_body_size 10M;

TODO check, this doesn't seem to apply If all else fails just set: 

   proxy_max_temp_file_size 0;

and see if you get some feedback :)

upstream timed out

Look for proxy_pass

Logging

Log level

Doesn't seem to be documented, defaults to log all?

Retrieved from "https://wiki.dhits.nl/index.php?title=Nginx&oldid=8541"