I am using WT-NMP software with combination of php,mysql and ngnix server.
worker_processes 1;
events {
worker_connections 1024;
}
http {
server_tokens off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
ssi off;
#Timeouts
client_body_timeout 5;
client_header_timeout 5;
keepalive_timeout 25 25;
send_timeout 15s;
resolver_timeout 3s;
#Directive sets timeout period for connection with FastCGI-server. It should be noted that this value can't exceed 75 seconds.
fastcgi_connect_timeout 5s;
#Directive sets the amount of time for upstream to wait for a fastcgi process to send data. Change this directive if you have long running fastcgi processes that do not produce output until they have finished processing. If you are seeing an upstream timed out error in the error log, then increase this parameter to something more appropriate.
fastcgi_read_timeout 40s;
#Directive specifies request timeout to the server. The timeout is calculated between two write operations, not for the whole request. If no data have been written during this period then serve closes the connection.
fastcgi_send_timeout 15s;
fastcgi_buffers 8 32k;
fastcgi_buffer_size 32k;
#fastcgi_busy_buffers_size 256k;
#fastcgi_temp_file_write_size 256k;
open_file_cache off;
#php max upload limit cannot be larger than this
client_max_body_size 8m;
####client_body_buffer_size 1K;
client_header_buffer_size 1k;
large_client_header_buffers 2 1k;
types_hash_max_size 2048;
include nginx.mimetypes.conf;
default_type text/html;
##
# Logging Settings
##
access_log "c:/wt-nmp/log/nginx_access.log";
error_log "c:/wt-nmp/log/nginx_error.log" warn; #debug or warn
log_not_found on; #enables or disables messages in error_log about files not found on disk.
rewrite_log off;
#Leave this off
fastcgi_intercept_errors off;
gzip off;
index index.php index.htm index.html;
server {
listen 127.0.0.1:80 default_server;
listen 127.0.0.1:8080;
#listen [::1]:80 ipv6only=on;
server_name mylocalhost;
root "c:/wt-nmp/www/projectname";
autoindex on;
error_log "c:/wt-nmp/log/nginx_error.log";
allow 127.0.0.1;
#allow ::1;
deny all;
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
#tools are now served from wt-nmp/include/tools/
location ~ ^/tools/.*\.php$ {
root "c:/wt-nmp/include";
try_files $uri =404;
include nginx.fastcgi.conf;
fastcgi_pass php_farm;
}
location ~ ^/tools/ {
root "c:/wt-nmp/include";
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass php_farm;
include nginx.fastcgi.conf;
}
}
include domains.d/*.conf;
include nginx.phpfarm.conf;
}
when I am trying to access with "mylocalhost" its working fine when I am firing an event and call ajax method . It is giving page not found message
WT-NMP - portable Nginx Mysql Php development stack for Windows README.md states:
Starting only one PHP-CGI server with wt-nmp.exe --phpCgiServers=1 will result in slow ajax requests since Nginx will not be able to process PHP scripts simultaneous.
So, make sure you use the latest version of WT-NMP and choose at least 3 PHP-CGI servers.
Related
When huge request hits on nginx server it returns 502 bad gateway error. I have tried multiple answer from stackoverflow including this How to fix 502 Bad Gateway Error in production(Nginx)? But nothing works for me. Someone help for me
worker_processes 1;
daemon off;
user root;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 330;
client_max_body_size 512M;
server_tokens off;
gzip on;
gzip_types application/json;
access_log /dev/stdout;
error_log /dev/stdout;
# Adding proxy timeout
proxy_read_timeout 330;
proxy_connect_timeout 330;
proxy_send_timeout 330;
server {
listen 80;
server_name _;
root /var/www/html/public;
index index.php index.html index.htm;
underscores_in_headers on;
access_log /dev/stdout;
error_log /dev/stdout;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
include /etc/nginx/fastcgi_params;
fastcgi_send_timeout 330;
fastcgi_read_timeout 330;
fastcgi_busy_buffers_size 16k;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
}
location / {
# try to serve file directly, fallback to index.php
try_files $uri /index.php$is_args$args;
}
}
}
When huge request hits probably means, your script (which is behind a loadbalancer) works longer than the LB timeout is... while your script is working (and hasn't answered yet), the LB will think it's crashed and drop the IP connection. BANG! Bad gateway.
LB timeouts are usually 60-120 seconds, but in rare cases up to 5 minutes.
What you can try:
Reduce the script runtime to be lower than the LB timeout
Send output to the client while working (traffic will have to pass through the proxy to keep the IP connection alive)
Change the concept (like put data to a offline queue)
Our application server is getting down or slow randomly throughout the day, CakePHP 2 application with Mysql is running on this server. We have some cronjobs set up and all are working perfectly.
This performance issue mostly occurs at business time (Day time)
Server configuration: AWS instance t2.large, FreeBSD 10.3-RELEASE-p11, Disk space 20% free (30GB)
I go through many server logs as well as application logs like below
Nginx error log (Few lines from the log)
2020/04/30 23:04:57 [info] 66440#101049: *71645 client closed connection while waiting for request, client: XX.XX.XX.XX, server: 0.0.0.0:80
2020/04/30 23:05:01 [info] 66440#101049: *71820 kevent() reported that client XX.XX.XX.XX closed keepalive connection
2020/04/30 23:05:42 [info] 66440#101049: *72494 peer closed connection in SSL handshake while SSL handshaking, client: XX.XX.XX.XX, server: 0.0.0.0:443
dmesg.today Log (Few lines)
sonewconn: pcb 0xfffff800a70cf7a8: Listen queue overflow: 193 already in queue awaiting acceptance (62 occurrences)
sonewconn: pcb 0xfffff800a70cf7a8: Listen queue overflow: 193 already in queue awaiting acceptance (57 occurrences)
sonewconn: pcb 0xfffff80115d9e7a8: Listen queue overflow: 193 already in queue awaiting acceptance (63 occurrences)
sonewconn: pcb 0xfffff80115d9e7a8: Listen queue overflow: 193 already in queue awaiting acceptance (126 occurrences)
HTOP outcome
PHP-fpm: pool www, sometimes consumes 100% of CPU and memory
NodePing Alert (Receiving continuous notification in day time)
failed the HTTP check. It is down as of Thu Apr 30 2020 12:29:09 GMT-0700.Timeout.
HTTP is back up after being down for 4 minutes as of Thu Apr 30 2020 23:28:19 GMT-0700.
Nginx.conf file
user www;
worker_processes 2;
#error_log logs/error.log;
#error_log logs/error.log notice;
error_log /var/log/nginx/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
client_header_timeout 3000;
client_body_timeout 3000;
fastcgi_read_timeout 3000;
client_max_body_size 32m;
fastcgi_buffers 8 128k;
fastcgi_buffer_size 128k;
server_name_in_redirect on;
server_names_hash_bucket_size 64;
server_names_hash_max_size 8192;
#access_log logs/access.log main;
access_log /var/log/nginx/access.log;
sendfile on;
keepalive_timeout 65;
gzip on;
gzip_vary on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
include /etc/nginx/ssl/*.conf;
server {
listen 80;
autoindex off;
server_name localhost;
add_header X-Frame-Options "SAMEORIGIN";
root /usr/local/www/html/webroot;
index index.html index.php;
# redirect server error pages to the static page /50x.html
location / {
# try_files $uri $uri/ /index.php?$uri&$args;
# set $new_uri $uri;
# try_files $uri $uri/ /index.php?$args;
try_files $uri $uri?$args $uri/ /index.php?$uri&$args /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include /etc/nginx/fastcgi_params;
#fastcgi_param PATH_INFO $new_uri;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fastcgi_pass /var/run/php5-fpm.sock;
fastcgi_read_timeout 300;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
log_not_found off;
access_log off;
}
error_page 500 502 503 504 /50x.html;
location = /50.html {
root /etc/nginx/html;
}
location ~ /(\.ht|\.user.ini|\.git|\.hg|\.bzr|\.svn) {
deny all;
}
}
# HTTPS server
#
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name *.XXXX.com;
ssl on;
ssl_certificate /XXXXX.crt;
ssl_certificate_key /XXXXX.key;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.1 TLSv1.2; # Dropping
root /usr/local/www/html/webroot;
index index.html index.php;
# redirect server error pages to the static page /50x.html
location / {
# try_files $uri $uri/ /index.php?$uri&$args;
# set $new_uri $uri;
# try_files $uri $uri/ /index.php?$args;
try_files $uri $uri?$args $uri/ /index.php?$uri&$args /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_read_timeout 3000;
}
location = /favicon.ico { log_not_found off; access_log off;}
location = /robots.txt { log_not_found off; access_log off;}
location ~ /.well-known { allow all; }
}
##
# Cache Proxy
##
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=STATIC:10m inactive=24h max_size=512m;
proxy_temp_path /var/tmp;
}
below are Some CPU utilization screens from AWS console
Above are some of my findings to found the issue, but I don't know what is causing poor server performance. Please suggest
UPDATE
I observe that in business hours (TTFB) is taking too much time (20 -25 sec)
I check the log of Mysql queries running on that page took Total Time: 1441 ms
So, Something else taking up time to load the page.
HTOP outcome at that time
I'm trying to setup a website using a synology with php 5.6 and nginx. The website is WordPress and a theme. When processing a demo import, we have a NGINX error 405 (not allowed).
It's kind of frustrating because I like when things are properly done.
I've looked in the php.ini file and the nginx.conf file.
# Copyright (c) 2000-2016 Synology Inc. All rights reserved.
worker_processes auto;
#worker_cpu_affinity auto;
worker_rlimit_nofile 65535;
include conf.d/main.conf;
events {
use epoll;
multi_accept on;
worker_connections 1024;
include conf.d/events.conf;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log off;
#access_log syslog:server=unix:/dev/log,facility=local7,tag=nginx_access,nohostname main;
error_log syslog:server=unix:/dev/log,facility=local7,tag=nginx_error,nohostname error;
sendfile on;
server_tokens off;
proxy_request_buffering off;
fastcgi_request_buffering off;
scgi_request_buffering off;
proxy_buffering off;
fastcgi_buffering off;
scgi_buffering off;
resolver_timeout 5s;
client_header_timeout 10s;
client_body_timeout 60s;
send_timeout 60s;
keepalive_timeout 65s 20s;
client_max_body_size 0;
server_names_hash_max_size 8192;
ssl_certificate /usr/syno/etc/certificate/system/default/fullchain.pem;
ssl_certificate_key /usr/syno/etc/certificate/system/default/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
ssl_dhparam /usr/syno/etc/ssl/dh2048.pem;
ssl_prefer_server_ciphers on;
gzip_disable "msie6";
gzip_min_length 1000;
gzip_types text/plain text/css application/javascript application/json;
gzip_vary on;
gzip_static on;
upstream synoscgi {
server unix:/run/synoscgi.sock;
}
index index.html index.htm index.php;
set_real_ip_from 127.0.0.1;
real_ip_header X-Real-IP;
server {
listen 5000 default_server;
listen [::]:5000 default_server;
server_name _;
gzip on;
include app.d/alias.*.conf;
root /usr/syno/synoman;
index index.cgi;
ignore_invalid_headers off;
include app.d/dsm.*.conf;
include /usr/syno/share/nginx/conf.d/dsm.*.conf;
include conf.d/dsm.*.conf;
location = / {
try_files $uri /index.cgi$is_args$query_string;
}
location ~ ^/volume(?:X|USB|SATA|Gluster)?\d+/ {
internal;
root /;
include app.d/x-accel.*.conf;
include conf.d/x-accel.*.conf;
}
location ~ /webman/modules/(PersonalSettings|ExternalDevices|FileBrowser)/index_ds.php$ {
alias /usr/syno/share/OAuth/index_ds.php;
default_type text/html;
}
location ~ \.cgi {
include scgi_params;
scgi_read_timeout 3600s;
scgi_pass synoscgi;
}
error_page 403 404 500 502 503 504 #error_page;
location #error_page {
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}
location ~ ^/webman/modules/Indexer/ {
deny all;
}
location ~ ^/webapi/lib/ {
deny all;
}
location ~ ^/webapi/(:?(:?.*)\.lib|(:?.*)\.api|(:?.*)\.auth|lib.def)$ {
deny all;
}
location ~ /\. { access_log off; log_not_found off; deny all; }
location ~* \.(?:js|css|png|jpg|gif|ico)$ {
access_log off;
log_not_found off;
}
location = /favicon.ico {
access_log off;
log_not_found off;
}
location = /robots.txt {
allow all;
access_log off;
log_not_found off;
}
}
server {
listen 5001 default_server ssl;
listen [::]:5001 default_server ssl;
server_name _;
include app.d/alias.*.conf;
root /usr/syno/synoman;
index index.cgi;
ignore_invalid_headers off;
include app.d/dsm.*.conf;
include /usr/syno/share/nginx/conf.d/dsm.*.conf;
include conf.d/dsm.*.conf;
location = / {
try_files $uri /index.cgi$is_args$query_string;
}
location ~ ^/volume(?:X|USB|SATA|Gluster)?\d+/ {
internal;
root /;
include app.d/x-accel.*.conf;
include conf.d/x-accel.*.conf;
}
location ~ /webman/modules/(PersonalSettings|ExternalDevices|FileBrowser)/index_ds.php$ {
alias /usr/syno/share/OAuth/index_ds.php;
default_type text/html;
}
location ~ \.cgi {
include scgi_params;
scgi_read_timeout 3600s;
scgi_pass synoscgi;
}
error_page 403 404 500 502 503 504 #error_page;
location #error_page {
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}
location ~ ^/webman/modules/Indexer/ {
deny all;
}
location ~ ^/webapi/lib/ {
deny all;
}
location ~ ^/webapi/(:?(:?.*)\.lib|(:?.*)\.api|(:?.*)\.auth|lib.def)$ {
deny all;
}
location ~ /\. { access_log off; log_not_found off; deny all; }
location ~* \.(?:js|css|png|jpg|gif|ico)$ {
access_log off;
log_not_found off;
}
location = /favicon.ico {
access_log off;
log_not_found off;
}
location = /robots.txt {
allow all;
access_log off;
log_not_found off;
}
}
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 default_server ssl;
listen [::]:443 default_server ssl;
server_name _;
location ~ ^/volume(?:X|USB|SATA|Gluster)?\d+/ {
internal;
root /;
include app.d/x-accel.*.conf;
include conf.d/x-accel.*.conf;
}
include app.d/www.*.conf;
include app.d/alias.*.conf;
include /usr/syno/share/nginx/conf.d/www.*.conf;
include conf.d/www.*.conf;
location = /webman/pingpong.php {
rewrite /webman/pingpong.php /webman/pingpong.cgi break;
root /usr/syno/synoman;
include scgi_params;
scgi_pass synoscgi;
}
location = /webdefault/images/logo.jpg {
alias /usr/syno/share/nginx/logo.jpg;
}
error_page 405 =200 $uri;
location ~* \.php$ {
include fastcgi_params;
fastcgi_index index.php;
fastcgi_read_timeout 240;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
error_page 403 404 500 502 503 504 #error_page;
location #error_page {
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}
location ^~ /.well-known/acme-challenge {
root /var/lib/letsencrypt;
default_type text/plain;
}
include app.d/.location.webstation.conf*;
location ~ ^/$ {
if ($scheme = https) {
rewrite / https://$host:5001/ redirect;
}
rewrite / http://$host:5000/ redirect;
}
}
include conf.d/http.*.conf;
include app.d/server.*.conf;
include sites-enabled/*;
}
I've searched a lot on internet and so far only some interesting leads but nothing worked.
I've tried to add the following to the nginx.conf (that's why my actual nginx.conf has those lines) but it didn't solved my problem.
location ~* \.php$ {
include fastcgi_params;
fastcgi_index index.php;
fastcgi_read_timeout 240;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
For information, here is the error in log file :
2017/02/10 18:14:07 [error] 18555#18555: *2563 upstream timed out
(110: Connection timed out) while reading response header from
upstream, client: xxx.xxx.xxx.xxx, server: example.com, request: "POST
/wp-admin/admin-ajax.php HTTP/1.1", upstream:
"fastcgi://unix:/run/php-fpm/php56-fpm.sock", host: "www.example.com",
referrer:
http://example.com/wp-admin/admin.php?page=laborator-demo-content-installer&install-pack=agency&
If you have any idea to solve this problem... because I've been struggling since some weeks now...
Thanks a lot in advance
tl;dr—Your WordPress is too slow. Jump to the bottom to see how you can make NGINX return you the proper 504 GATEWAY TIMEOUT status code.
The longer version: You have a bunch of separate issues working together in an unhelpful way.
1. WordPress, your upstream server, is not responding fast enough
It takes longer than 4 minutes, that's why you see a 110: Connection timed out in your logs. The solution to the slowness is to speed up WordPress. As a workaround, you could give it more time to process the request. To do that, increase the number in your fastcgi_read_timeout 240; rule. Note that the timeout is given in seconds, so if you're fine with waiting 10 minutes, set this to 600.
I'd advise against increasing the timeout, though. You should really address the performance issue itself. Such long requests block resources in NGINX and WordPress, and therefore allow you to be DDoSed quite easily, even accidentally by yourself.
Because your upstream takes too long, NGINX would respond with a 504 GATEWAY TIMEOUT. It cannot because…
2. POST requests cannot be answered with static files
In your error_page location, you're telling NGINX to use static files to handle the requests. That's fine for GET or HEAD, but it does not work for POST, because it would ask NGINX to overwrite/create files. That's neither intended nor supported by NGINX. (The request would also fail using other modifying verbs such as PUT and DELETE, for the same reason.)
Note that you are using a named location, #error_page, for which the method remains POST, as the manual says:
If there is no need to change URI and method during internal redirection it is possible to pass error processing into a named location.
You already know part of this, which is why you added the error_page 405 =200 $uri; rule. Unfortunately, this did not save you, because…
3. Internal error_page redirects are not recursive by default
This is not mentioned in the documentation for the error_page manual, as far as I can see, but it is mentioned in the docs of the following directive:
Workaround: Enable recursive error_page redirects
The directive recursive_error_pages allows you to handle errors that occur while a previous error is being handled. From the docs:
Enables or disables doing several redirects using the error_page directive. The number of such redirects is limited.
If you enable this, by putting recursive_error_pages on; into your server block, you'll allow the error_page 405 directive to kick in.
Unfortunately, since you're still requesting the same resource with your $uri part, WordPress will be queried again for the same URL, this time with a GET request. No idea how your WordPress handles that, but chances are the error that will occur then will not help you to debug this.
This really is just jumping around the problem; what you should get is the original 504. Therefore, I suggest you do the following, instead of enabling recursive error page redirects:
Solution: Use GET to fetch your error pages
I assume you still want to return your error.html even on a POST request. For that you need to force NGINX to drop the POST and handle the error with GET, so that static files can be used. The only way I've found to make this happen is to not use a named location (the ones with # at the beginning), but an internal one instead.
To use this option, change your #error_page location to include a pseudo-path and the internal directive, for example like so:
location /error_page {
internal;
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}
Afterwards, modify the error_page directive, to use the new location:
error_page 403 404 500 502 503 504 /error_page;
Resources: A helpful discussion on the NGINX mailing list.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
AntiDDOS slowing server
Hello,
i just migrated from Apache24 to Nginx. OS on server is FreeBSD 10.3 (amd64) with custom kernel. I have one strange problem - when i uncomment this line in nginx config:
limit_req zone=antiddosphp burst=5;
then wordpress dashboard load take >2s then with this option disabled. Where could be problem? Almost every page take more time to load with this option (or i dont know how to right set this)...
My second question is about right perormance setting in config file. My VPS is
1x 2Ghz + 2GB ram + 15gb ssd
Free memory after startup is about 1700 MB. Do i have right settings for nginx? I also have postfix, dovecot, mariadb and php-fpm installed. Mariadb take about 200M ram, MTA take about 150MB so i have about 1300 free for webserver.
My nginx conf file:
load_module /usr/local/libexec/nginx/ngx_mail_module.so;
load_module /usr/local/libexec/nginx/ngx_stream_module.so;
user www;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
limit_req_zone $binary_remote_addr zone=antiddosphp:10m rate=10r/s;
limit_req_zone $binary_remote_addr zone=antiddos:10m rate=10r/s;
limit_req zone=antiddosphp burst=5;
server_tokens off;
tcp_nopush on;
tcp_nodelay on;
sendfile on;
fastcgi_connect_timeout 100;
fastcgi_send_timeout 100;
fastcgi_read_timeout 100;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
fastcgi_intercept_errors on;
gzip on;
gzip_min_length 1k;
gzip_comp_level 9;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
open_file_cache max=2000 inactive=60s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
client_body_buffer_size 8k;
client_header_buffer_size 16k;
client_max_body_size 20m;
client_body_timeout 10;
client_header_timeout 10;
large_client_header_buffers 4 32k;
keepalive_timeout 15;
send_timeout 10;
keepalive_requests 1000;
server {
listen 80;
server_name localhost;
location / {
root /usr/local/www/nginx;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/local/www/nginx-dist;
}
}
server {
server_name test.test.cz;
#limit_req zone=antiddos burst=60;
#limit_req zone=antiddosphp burst=2;
access_log /var/log/example.com.access.log;
error_log /var/log/example.com.error.log;
root /usr/local/www/domains/test-cz/webserver/test;
index index.php;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~ /\.ht {
deny all;
}
}
}
PHP-FPM configuration:
user = www
group = www
pm = dynamic
pm.start_servers = 3
pm.max_children = 3
pm.min_spare_servers = 3
pm.max_spare_servers = 3
pm.max_requests = 200
request_terminate_timeout = 10
request_slowlog_timeout = 0
slowlog = log/$pool.log.slow
catch_workers_output = yes
Thank you all for any reply.
If your are loading a website, you are not loading only this site, but assets as well. Nginx will think of them as independent connections. You have 10r/s defined and a burst size of 5. Therefore after 10 Requests/s the next requests will be delayed for rate limiting purposes. If the burst size (5) gets exceeded the following requests will receive a 503 error.
If the requests rate exceeds the rate configured for a zone, their
processing is delayed such that requests are processed at a defined
rate. Excessive requests are delayed until their number exceeds the
maximum burst size in which case the request is terminated with an
error 503 (Service Temporarily Unavailable).
(Source: http://nginx.org/en/docs/http/ngx_http_limit_req_module.html)
Answer: Up the r/s a bit and the pages should flow out a bit faster.
For the second questions:
But i can't give a definit answer, just look at your load and determine if you have to tweak these values.
Usually the error log is a good start :)
I don't know why with nginx this variable $_SERVER['REMOTE_ADDR'] doesn't echo an IP. On every other web server it works as it should.
Any suggestions?
I suspect it has something to do with the interface between nginx (the webserver) and fastcgi, which is the API in which PHP is running.
According to your info provided, the Server API is: FPM/FastCGI
I suggest you take a hard look at the details of how PHP is installed with nginx (you have not provided any).
If you do not require the performance of nginx, then you may find a pragmatic solution is to just use apache. I use nginx as a reverse proxy in front of apache, but that introduces some additional issues with getting the REMOTE_ADDR passed to PHP (notably, mod_rpaf).
Good luck!
#Michael, here is a project I maintain which provides the proper fastcgi parameters for interfacing Nginx with FPM. Hope it helps.
fastcgi_params on Github
These are from the conf file from nginx
user http;
worker_processes 1;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
# multi_accept on;
}
http {
include mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
tcp_nodelay on;
gzip on;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
server {
listen 80;
server_name www.fireangel.ro fireangel.ro;
access_log /var/log/nginx/localhost.access.log;
Default location
location / {
root /var/www/html/fireangel.ro/public_html;
index index.php;
}
Images and static content is treated different
location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml)$ {
access_log off;
expires 30d;
root /var/www/html/fireangel.ro/public_html;
}
Parse all .php file in the /srv/http directory
location ~ .php$ {
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/html/fireangel.ro/public_html$fastcgi_script_name;
include fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
}
Disable viewing .htaccess & .htpassword
location ~ /\.ht {
deny all;
}
}
upstream backend {
server 127.0.0.1:9000;
}
}