Seems that NGINX wont pass the correct HTTP protocol to HHVM backend.
Here the tests I've done:
If the client send a HTTP/1.1 request (non chunked) NGINX pass it to the HHVM backend and the correct response come back to the client
(client) (server backend)
HTTP/1.1(non chunked) -> NGINX -> HHVM
|
v
(HTTP/1.1 200) <- NGINX <- (non chunked response)
If the client send a HTTP/1.1 request (chuncked), the server produce a chunked reponse, but NGINX fire this log message
upstream prematurely closed connection while reading response header from upstream, request: "POST /soap HTTP/1.1", upstream: "fastcgi://unix:/var/run/hhvm/sock:"
and return a 502 (bad gateway) response
(client) (server backend)
HTTP/1.1(chunked) -> NGINX -> HHVM
|
v
(HTTP/1.1 502) <- NGINX <- (chunked response)
Why I got a 502 from NGINX using chunked response?
Is there something wrong with hhvm/fastcgi/hhvm config?
I double checked that backend give a correct 1/1 response :(
I've a scenario with:
NGINX:nginx/1.4.6 (Ubuntu)
HHVM: HipHop VM 3.6.1 (rel)
The NGINX config is
server {
listen 80;
server_name xxxxx;
root /usr/share/nginx/web;
include hhvm.conf;
location / {
# try to serve file directly, fallback to rewrite
try_files $uri #rewriteapp;
}
location #rewriteapp {
# rewrite all to app.php
rewrite ^(.*)$ /app.php/$1 last;
}
location ~ ^/(app|app_dev|app_benchmark|app_logall|config)\.php(/|$) {
fastcgi_keep_conn on;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_pass unix:/var/run/hhvm/sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_buffer_size 128k;
fastcgi_buffers 256 16k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
fastcgi_read_timeout 240;
fastcgi_intercept_errors on;
include fastcgi_params;
}
}
Related
I have the following docker-compose with traefik and a service (https://github.com/Okazanta/Dockerized) that uses nginx to serve its web files
service:
image: my.registry.service
expose:
- "8000"
labels:
- traefik.enable=true
- traefik.http.routers.service.middlewares=strip-prefix#file
- traefik.http.routers.service.rule=PathPrefix(`/status`)
- traefik.http.routers.service.tls=true
- traefik.http.services.service.loadbalancer.server.port=8000
The service is a web application made with php and served with the following nginx configuration:
server {
listen 8000 default; ## Listen for ipv4; this line is default and implied
listen [::]:8000 default; ## Listen for ipv6
# Make site accessible from http://localhost/
server_name localhost;
root /var/www/html/public;
index index.php;
charset utf-8;
location / {
try_files $uri /index.php$is_args$args;
}
# Cache images
location ~* .(jpg|jpeg|png|gif|ico|css|js|ttf|svg)$ {
expires 365d;
}
# Pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$ {
fastcgi_pass_header Set-Cookie;
fastcgi_pass_header Cookie;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
fastcgi_cache_bypass 1;
fastcgi_no_cache 1;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
fastcgi_keep_conn on;
}
location ~ /\.ht {
deny all;
}
}
When I make the request to myhost.com/status, only the first request reaches the service. All other requests are made without the /status prefix, so it gets a 404 response. Looking at the browser network tab I see the requests made:
myhost.com/status # 200
myhost.com/dist/css.... # 404, it should be myhost.com/status/dist/css...
myhost.com/dist/js.... # 404, it should be myhost.com/status/dist/js...
....
Log of nginx when I open https://myhost.com/status:
"GET / HTTP/1.1" 200 14321 "-"
Nothing more
I don't understand what is removing the /status prefix for other requests
I have a problem with my NginX / php-fpm / Laravel stack.
The content of post body randomly appear in the response, producing invalid JSON.
Request example :
POST / HTTP/1.1
Accept: application/json
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Host: host
Connection: close
User-Agent: Paw/3.2.1 (Macintosh; OS X/11.2.1) GCDHTTPRequest
Content-Length: 9
test=test
The Response :
HTTP/1.1 500 Internal Server Error
Server: nginx/1.14.0 (Ubuntu)
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache, private
Date: Tue, 16 Feb 2021 07:46:25 GMT
test=test{"error_message":"The POST method is not supported for this route."}
The error is normal (there is no POST route for this uri). But as you can see, the post body appear in the response. (randomly, 1 out of 5 times the request works fine)
It doesn't come from the Laravel stack, I tested it by setting a var_dump / die on top of the index.php (before Laravel loads) and the same problem happens.
Any insights ?
Thank you.
Ah maybe my NginX config :
server {
access_log /var/log/nginx/access;
error_log /var/log/nginx/error;
root /root/devs/peps/www/public;
index index.php index.html index.htm index.nginx-debian.html;
server_name server_name;
underscores_in_headers on;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /var/www/html/public$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass 127.0.0.1:9002;
}
listen [::]:443 ssl;
listen 443 ssl;
ssl_certificate [path to cert]
ssl_certificate_key [path to privkey]
}
I had the same issue and resolved it by disabling nginx caching:
location / {
proxy_no_cache 1;
proxy_cache_bypass 1;
#.......
}
Running Wordpress on Nginx + Php-FPM. We are getting these kind of warning message in our error logs:
[warn] 25518#25518: *34774 an upstream response is buffered to a temporary file /var/lib/nginx/fastcgi/5/01/0000000015 while reading upstream, client: 80.94.93.51, server: domain.com, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.4-fpm.sock:"
After reading several other threads about similar issues we have modified our configuration by adding proxy_buffers as seen below but this doesn't solve the issue.
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_intercept_errors on;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
proxy_buffers 16 16k;
proxy_buffer_size 16k;
}
server {
listen 80 ;
listen [::]:80 ;
server_name php.local.com;
root /var/www/html/php/;
index index.php;
error_log /var/www/html/php/error.log;
# set expiration of assets to MAX for caching
location ~* \.(ico|css|js|gif|jpe?g|png)(\?[0-9]+)?$ {
expires max;
log_not_found off;
}
# main codeigniter rewrite rule
location / {
try_files $uri $uri/ /index.php;
}
# php parsing
location ~ .php$ {
root /var/www/html/php/;
try_files $uri =404;
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_buffer_size 128k;
fastcgi_buffers 256 4k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
}
}
Its showing error in log but not on browser.
Example of Error :
2019/08/06 01:28:13 [error] 14325#14325: *1 FastCGI sent in stderr:
"PHP message: PHP Parse error: syntax error, unexpected '?>' in
/var/www/html/php/scalar_type.php on line 18" while reading response
header from upstream, client: 127.0.0.1, server: php.local.com,
request: "GET /scalar_type.php HTTP/1.1", upstream:
"fastcgi://unix:/var/run/php/php7.1-fpm.sock:", host: "php.local.com",
referrer: "http://php.local.com/"
I have an issue configuring Nginx correctly to work with Slim POST route.
In a post here on StackOverflow it was said that it is not a good practice to rewrite POST request.
Post: nginx rewrite post data
The idea is to have http://someurl.com/scan which is a POST route in index.php and allow only POST requests on the /scan and deny everything else.
index.php:
$app->post('/scan', function(ServerRequestInterface $request, ResponseInterface $response) { ... }
My Nginx conf looks like this:
server {
listen 80;
server_name someurl.com;
index index.php;
root /var/www/maxime/public;
error_log /var/log/nginx/max.err
access_log /var/log/nginx/max.log
location / {
deny all;
}
location = /scan {
limit_except POST {
deny all;
}
rewrite ^/scan$ /index.php last;
}
location ~ index\.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
include fastcgi_params;
fastcgi_pass php_pool;
fastcgi_keep_conn on;
}
}
To me this conf tells me that if a request is done on /scan and it is a POST request then we "redirect" everything to /index.php. Then the index.php location block comes into action which passes everything to the index.php or am I mistaking somewhere?
Currently with this setup I get this error in Nginx:
*100778 readv() failed (104: Connection re
set by peer) while reading upstream client: 123.123.123.123, server: someurl.com,
request: "POST /scan HTTP/1.1", upstream: "fastcgi://127.0.0.1:9001", host: "someurl.com"