2010年12月31日星期五

Re: nginX - public_html - multiple CMS

On 31 Dez 2010 16h13 WET, nginx-forum@nginx.us wrote:

> Hi
> Can nginX have configuration like apache user's public_html ?
>
> I have system where I wanna implement multiple user directory where
> each user can build his own site using Drupal and Wordpress... each
> with it's own clean url
>
> maybe the result will look like this url:
>
> http://mainsite.com/~user_drupal (/home/user_drupal/public_html)
> http://mainsite.com/~user_wordpress
> (/home/user_wordpress/public_html)

Assuming that you trust your users enough to let them run PHP code
here's a tip from the Wiki: http://wiki.nginx.org/NginxUserDir

I suggest a simpler regex (without ? in usernames and the slash out of
the 1st group).

location ~ ^/~(?<username>.+)/(?<userpath>.*)$ {
alias /home/$username/public_html/$userpath;
}

with named capture groups or just:

location ~ ^/~(.+)/(.*)$ {
alias /home/$1/public_html/$2;
}

with numeric groups.

Note that with drupal you can have multisite installs. Therefore if
you add an A record to your domain.com zone file like, e.g.,
username.domain.com and make the domain.com/~username URI a 301
redirect you can run your own core and basic modules and let your
users create a theme and add modules as they see fit. Anyway it's your
machine, so you make the rules.

Happy New Year,
--- appa

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: nginX - public_html - multiple CMS

On Fri, Dec 31, 2010 at 11:13 PM, bonn <nginx-forum@nginx.us> wrote:
> Hi
> Can nginX have configuration like apache user's public_html ?
>
> I have system where I wanna implement multiple user directory where each
> user can build his own site using Drupal and Wordpress... each with it's
> own clean url
>

You don't want to (do this with nginx). Especially if you can't trust
your users.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

exclude invalid_referrer directory

I use the following code block to redirect invalid referrers back to the
homepage when someone attempts to view an image directly on my Wordpress
blog.

I would like to be able to use /var/www/blog/wp-content in the code
block below for the invalid referrers, and have another code block such
as /var/www/otherimages that does not redirect or block any referrers.
/var/www/otherimages could be viewed by anyone even directly. How would
I write this second code block?

location ~ \.(jpg|jpeg|gif|png|flv|mp3|mpg|mpeg)$ {
root /var/www/blog;
expires max;
valid_referers blocked ~\.google\.;
if ($invalid_referer) {
rewrite ^(.*)$ http://www.mydomain.com/;
}
}

--
Posted via http://www.ruby-forum.com/.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

nginX - public_html - multiple CMS

Hi
Can nginX have configuration like apache user's public_html ?

I have system where I wanna implement multiple user directory where each
user can build his own site using Drupal and Wordpress... each with it's
own clean url

maybe the result will look like this url:

http://mainsite.com/~user_drupal (/home/user_drupal/public_html)
http://mainsite.com/~user_wordpress (/home/user_wordpress/public_html)

Thanks for any help.

Regards, Bonn

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,162498,162498#msg-162498


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Turn off 'fastcgi_buffers'

Yes It is not possible, It is a basis on nginx

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,76077,162486#msg-162486


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Multiple certs on one server

I was trying to take a second look at this.

I get this error (Error code: ssl_error_rx_record_too_long)

I am just testing the solution using self-signed certs.


Here is my server-blocks.

server {
index index.html;
listen 80;
listen 443;
server_name domain1.com;
root /var/www/www.domain1.com/;
access_log /var/log/nginx/domain1.com.access.log;


ssl off;
ssl_certificate /apps/ssl/domain1.crt;
ssl_certificate_key /apps/ssl/domain1.key;
#ssl_prefer_server_ciphers on;
#ssl_ciphers HIGH:!ADH;

...

}


server {
index index.html;
listen 80;
listen 443;
server_name domain2.com;
root /var/www/www.domain2.com/;
access_log /var/log/nginx/domain2.com.access.log;


ssl off;
ssl_certificate /apps/ssl/domain2.crt;
ssl_certificate_key /apps/ssl/domain2.key;
#ssl_prefer_server_ciphers on;
#ssl_ciphers HIGH:!ADH;

...

}


On 12/22/10 12:18 AM, David Newman wrote:
> On 12/20/2010 05:03 PM, David J. wrote:
>> On the topic of SSL;
>>
>> Is there any possible way to run multiple certs on one IP?
>>
>> I dont think this is possible as per the SPEC; But I am not an expert.
> Me neither, but there's nothing wrong with this. The CN in a cert is
> bound to a string such as a hostname, not to an IP address. (The string
> could also be someone's name, or any other text, including an IP address
> -- but as a text string). SSL works above the network layer and doesn't
> care about L3 addressing.
>
> So, if you've got multiple virtual hosts on a single IP address, you
> have a couple of choices:
>
> a. Use one cert per virtual host
>
> b. Use one cert for all virtual hosts and chain them using the
> subjectAltName parameter in openssl.cnf. This is what I did on the
> server in the original post in this thread.
>
> Here's a thread from a few years ago when I was getting (b) set up:
>
> http://readlist.com/lists/openssl.org/openssl-users/0/4040.html
>
> You can buy chained certs that do this from multiple registrars; I got
> one from GoDaddy but concur with others' description about the GD web site.
>
> dn
>
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx
>


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Trouble getting UploadProgress module to work

I'm having the same problem, what's the fix?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,88713,162442#msg-162442


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

nginx upstream backend view requests

hi!

is there a way to see how many requests load balance upstream serves to
specific hosts?


thanks

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,162439,162439#msg-162439


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Preserving all original request headers through a proxy_pass ?

hi!
You are great!

The problem was that i was missing the right virtualhost [code]
ServerName www.domain.local
[/code]
name in the apache's conf file.

I was thinking that nginx is sending proxy headers internally using the
server name listed in the upstream server list.

thanks

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,156228,162435#msg-162435


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

2010年12月30日星期四

Re: Proxy Cache - Check if file has been cached

I use this variable $upstream_cache_status added to my access log to check the Hit Percentage.  While I think you can also use it to check whether the file is cached. 
Add it to the log_format in you configure file,  access every file you want to check, and the cache status will be shown in the access log.

On Thu, Dec 30, 2010 at 10:57 PM, digger18 <nginx-forum@nginx.us> wrote:
Hi,
I have implemented nginx with proxy cache successfully, however, I need
to have the ability to check if a certain file is already cached or
not.
Is there a way to get a list of cached files?
Maybe another way will be to send a HEAD request which contains the file
URI to the proxy cache server to check if a file is already in cache?

Are these methods possible?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,162263,162263#msg-162263


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx



--
自由是我生命之基石,尊重是我行为之准绳
也许我以千百种方式生活在这世上,但我坚守我人生之信仰
所以,我的朋友
请平视的看着我,带着你的微笑


'unknown directive "worker_processes"' error

I am trying to deploy a Rails 3 app using Nginx and Passenger. I
installed using Phusion's 'passenger-install-nginx-module'

When I try to start nginx, I get an 'unknown directive
"worker_processes"' error, which I do not understand.

First directive in 'nginx.conf' file is:

worker_processes 1;

The Nginx web site says "By default, Nginx will be installed in /usr/
local/nginx.", but my install went to /usr/sbin/nginx. Is this a
problem?

My Nginx version is:

nginx version: nginx/0.6.35
configure arguments: --conf-path=/etc/nginx/nginx.conf --error-log-
path=/var/log/nginx/error.log --pid-path=/var/run/nginx.pid --lock-
path=/var/lock/nginx.lock --http-log-path=/var/log/nginx/access.log --
http-client-body-temp-path=/var/lib/nginx/body --http-proxy-temp-path=/
var/lib/nginx/proxy --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --
with-http_stub_status_module --with-http_flv_module --with-
http_ssl_module --with-http_dav_module --with-http_realip_module

Thanks!


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Preserving all original request headers through a proxy_pass ?

Hello!

On Thu, Dec 30, 2010 at 04:56:00PM -0500, elgreco wrote:

> I dont know if i can ask in the same topic my question...

General rule is: don't hijack threads.

> i have a upstream of two servers which responds on host headers only
> (apache virtualhost's)
> when i try to open the www.server.local (which is nginx frontend) i get
> only default web pages from backends and not the web1 or web2
> what should i do to fix the problem ?
>
> upstream backend {
> server web1.local.com:80;
> server web2.local.com:80;
> }
> server {
>
> listen 80;
> server_name www.domain.local;
> location / {
> proxy_pass http://backend;
> proxy_set_header Host $host;
> }
> }

Most likely you don't have "www.domain.local" configured as
virtualhost on your backends, and that's why it doesn't work.

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Preserving all original request headers through a proxy_pass ?

I dont know if i can ask in the same topic my question...

i have a upstream of two servers which responds on host headers only
(apache virtualhost's)
when i try to open the www.server.local (which is nginx frontend) i get
only default web pages from backends and not the web1 or web2
what should i do to fix the problem ?


[code]
upstream backend {
server web1.local.com:80;
server web2.local.com:80;
}
server {

listen 80;
server_name www.domain.local;
location / {
proxy_pass http://backend;
proxy_set_header Host $host;
}
}
[/code]

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,156228,162364#msg-162364


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: please convert this .htaccess to NGINX rewrite

On 30 Dez 2010 08h06 WET, nginx-forum@nginx.us wrote:

> could somebody convert this .htaccess to NGINX rewrite,,??
> i need it stop my forum from automatic bot poster..
>
>
> RewriteEngine on
> RewriteCond %{HTTP_USER_AGENT} ^.*(6a1pre).* [NC]
> RewriteRule ^(.*)$ - [F,L]
>

if ($http_user_agent ~* "^.*(6a1pre).*") {
return 403;
}

--- appa


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Nagios served by NginX

Thank you so much for the very fast reply. It does work perfectly.
Thanks.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,162278,162289#msg-162289


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Nagios served by NginX

This works for me:

http
{
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    sendfile on;
    tcp_nopush on;
    client_max_body_size 6m;
    gzip on;
    gzip_min_length 0;
    gzip_comp_level 6;
    gzip_types text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
    log_format   main '$remote_addr - $remote_user [$time_local] $status '
                      '"$request" $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log   /var/log/nginx/access.log  main;
    access_log off;
    root /var/www/html;
    server
    {
        listen  10.0.1.163;
        server_name  dev.local.com;
        location = /nagios
        {
                rewrite ^/nagios/ permanent;
        }
        location /nagios/
        {
                index index.php index.html;
                alias /usr/local/nagios/share/;
        }
        location /
        {
                index  index.php index.html;
                error_page 404 = @joomla;
                log_not_found off;
        }
        location @joomla
        {
                rewrite ^(.*)$ /index.php?q=$1 last;
        }
        location ~ ^/nagios/(.*\.php)$
        {
                alias /usr/local/nagios/share/$1;
                fastcgi_pass 127.0.0.1:9000;
                include fcgi;
                auth_basic "Restricted";
                auth_basic_user_file htpasswd;
        }
        location ~ \.cgi$
        {
                root    /usr/local/nagios/sbin/;
                rewrite ^/nagios/cgi-bin/(.*)\.cgi /$1.cgi break;
                fastcgi_pass   127.0.0.1:49233;
                include fcgi;

                auth_basic              "Restricted";
                auth_basic_user_file    htpasswd;

                fastcgi_param  AUTH_USER          $remote_user;
                fastcgi_param  REMOTE_USER        $remote_user;
        }
        location ~ \.php$
        {
                include fcgi;
                fastcgi_pass 127.0.0.1:9000;
        }

    }



On Thu, Dec 30, 2010 at 11:23 AM, nofun <nginx-forum@nginx.us> wrote:
Can some one please help me setting up Nagios on NginX. I installed
spawn-fcgi and fcgiwrap in Ubuntu, and I have Nagios 3.2.3 installed in
/opt/nagios. So I have the two folders: /opt/nagios/share for web files,
and /opt/nagios/sbin for cgi scripts.

I tried with this config (with no success though):
[code]
location / {
               root   /opt/nagios/share;
               index  index.html;

               rewrite ^/nagios/images/(.*)\.png /images/$1.png break;

               auth_basic              "Restricted";
               auth_basic_user_file    conf/htpasswd;
       }

       location ~ \.cgi$ {
               root    /opt/nagios/sbin;
               rewrite ^/nagios/cgi-bin/(.*)\.cgi /$1.cgi break;

               include /etc/nginx/fastcgi_params;

               fastcgi_pass   unix:/var/run/fcgiwrap.socket;
               fastcgi_param  SCRIPT_FILENAME
/opt/nagios$fastcgi_script_name;  # same path as above

               auth_basic              "Restricted";
               auth_basic_user_file    conf/htpasswd;

               fastcgi_param  AUTH_USER          $remote_user;
               fastcgi_param  REMOTE_USER        $remote_user;
       }
[/code]

This config is adaped from
http://www.matejunkie.com/howto-let-nginx-serve-the-nagios-web-interface/

Does anyone use Nagios with NginX and can send me a working
configuration?

Thank you in advance,
Vlad.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,162278,162278#msg-162278


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Nagios served by NginX

Can some one please help me setting up Nagios on NginX. I installed
spawn-fcgi and fcgiwrap in Ubuntu, and I have Nagios 3.2.3 installed in
/opt/nagios. So I have the two folders: /opt/nagios/share for web files,
and /opt/nagios/sbin for cgi scripts.

I tried with this config (with no success though):
[code]
location / {
root /opt/nagios/share;
index index.html;

rewrite ^/nagios/images/(.*)\.png /images/$1.png break;

auth_basic "Restricted";
auth_basic_user_file conf/htpasswd;
}

location ~ \.cgi$ {
root /opt/nagios/sbin;
rewrite ^/nagios/cgi-bin/(.*)\.cgi /$1.cgi break;

include /etc/nginx/fastcgi_params;

fastcgi_pass unix:/var/run/fcgiwrap.socket;
fastcgi_param SCRIPT_FILENAME
/opt/nagios$fastcgi_script_name; # same path as above

auth_basic "Restricted";
auth_basic_user_file conf/htpasswd;

fastcgi_param AUTH_USER $remote_user;
fastcgi_param REMOTE_USER $remote_user;
}
[/code]

This config is adaped from
http://www.matejunkie.com/howto-let-nginx-serve-the-nagios-web-interface/

Does anyone use Nagios with NginX and can send me a working
configuration?

Thank you in advance,
Vlad.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,162278,162278#msg-162278


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Proxy Cache - Check if file has been cached

Checking the header "Expires" is probably the most reliable way.

Cheers,

Simon


2010/12/30 digger18 <nginx-forum@nginx.us>
Hi,
I have implemented nginx with proxy cache successfully, however, I need
to have the ability to check if a certain file is already cached or
not.
Is there a way to get a list of cached files?
Maybe another way will be to send a HEAD request which contains the file
URI to the proxy cache server to check if a file is already in cache?
Are these methods possible?

Proxy Cache - Check if file has been cached

Hi,
I have implemented nginx with proxy cache successfully, however, I need
to have the ability to check if a certain file is already cached or
not.
Is there a way to get a list of cached files?
Maybe another way will be to send a HEAD request which contains the file
URI to the proxy cache server to check if a file is already in cache?

Are these methods possible?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,162263,162263#msg-162263


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Skipping the proxy cache based on a cookie?

I've dug a bit deeper into the documentation and it seems like
proxy_no_cache and proxy_cache_bypass should somehow do the trick, but I
can get things to work with my exact scenario.
Here's the flow I'd like to create:
1. when a new user reaches the site, it is forwarded to the backend and
receives a few cookies back.
A "new user" is identified by a [b]lack[/b] of a certain cookie, which
is something I couldn't figure out how to implement (seems like it only
supports bypassing/no caching if a cookie exists, but not if it
doesn't).

This request should not be taken from the cache, but the response can be
stored in cache as long as further requests will not be sent the cookies
this request produced.

2. Returning visitors can be served from the cache, unless they are
logged in (in which case they should be sent to the backend and the
response should not be stored). This is simple enough to do with the
regular bypass/no_cache combination based on a cookie that is created
when a user logs in.

----

It doesn't seem like a complicated scenario, but I can't get it to work
just right.
Any help would be appreciated :)

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,161969,162238#msg-162238


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

please convert this .htaccess to NGINX rewrite

could somebody convert this .htaccess to NGINX rewrite,,??
i need it stop my forum from automatic bot poster..


RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^.*(6a1pre).* [NC]
RewriteRule ^(.*)$ - [F,L]

if u could help me, u're the best !

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,162173,162173#msg-162173


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

2010年12月29日星期三

[ANNOUNCE] uWSGI 0.9.6.6

I am pleased to announce a new maintainance release of the uWSGI project:

* 0.9.6.6 [20101230]

- support for YAML configuration files

- backported python module aliasing from 0.9.7-dev
http://projects.unbit.it/uwsgi/wiki/PymoduleAlias

- better apache2 module (support for SetEnv directive, fixed REQUEST_URI
and improved connection handling)

- uwsgi.post_fork_hook implementation (to execute function after fork()
(thanks George Kollias)

- option --gid calls setgroups() after setgid() (thanks Jorge Cardona)

- fixed uGreen compilation (and uGreen is now built by default)

- fixed timeout and thundering herd problem in async modes
(many thanks to Test157 for giving us a good async-test-app)

- disable TCP_INFO in older Linux kernels (thanks Bo Shi)

- enable TCP_INFO in FreeBSD (limited usage due to FreeBSD kernel support)

- fixed static virtualhosting mode using xml files
(thanks Andrea Notari of Link I.T. spa)

- new option --close-on-exec (thanks Jean-Baptiste Quenot)

- use HTTP_HOST var (and fallback to SERVER_NAME) in virtual hosting mode

- fixed a buffer overflow in automatic socket_name allocation
(spotted by Riccardo Magliocchetti)

- Official support for Nexenta


You can download from here:

http://projects.unbit.it/downloads/uwsgi-0.9.6.6.tar.gz

or

pip install http://projects.unbit.it/downloads/uwsgi-0.9.6.6.tar.gz

The official uWSGI wiki is at:

http://projects.unbit.it/uwsgi/wiki

This is the last 0.9.6 release with 'backports'. From now on
all the new features will be available only in the 0.9.7-dev tree

Thanks for your attention

--
Roberto De Ioris
http://unbit.it

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Nginx Cache PHP Files

Please Help for Nginx Cache Files PHP
example 1d

nginx save cache directory?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,162133,162133#msg-162133


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Nginx as revers proxy for apache: images don't show

Hello everybody. This is my first post here.

I have a large traffic technology website and to improve performance we
are wtiching to nginx.

We want to serve static content with nginx and dynamic with apache.

The configuration is perfect, but I have a problem with images.

In my previos configuration i have this .htaccess

[code]
# $Header: /usr/local/cvsroot/dday.it/.htaccess,v 1.4 2009/11/04
23:29:51 tngsandiego Exp $
RewriteEngine On
RewriteBase /
# dday.it
RewriteCond %{HTTP_HOST} ^dday\.it
RewriteRule ^(.*)$ http://www.dday.it/$1 [R=permanent,L]
# Pages
RewriteRule ^page/(.*)/(.*)/(.*).html$ index.php?a=getp&pid=$1&p=$2
RewriteRule ^page/(.*)/(.*).html$ index.php?a=getp&pid=$1
# Tags
RewriteRule ^tag/(.*).html$ index.php?a=src&form_search_phrase=$1
# Bios
RewriteRule ^profilo/(.*)$ index.php?a=gbs&uname=$1
# Article
RewriteRule ^redazione/(.*)/(.*).html(\&(.*?)|)$
index.php?a=geti&aid=$1$3 [QSA,L]
# Article - Vodafone
RewriteRule ^redazione-vodafone/(.*)/(.*).html(\&(.*?)|)$
index.php?a=getvi&aid=$1$3
# Prodotto
RewriteRule ^prodotti/(.*)/(.*).html(\&(.*?)|)$
index.php?a=gpd&oid=$1$3
# Download-Prodotto
RewriteRule ^download/(.*)/(.*)$
index.php?a=prodotti&p=sbstrm&fname=$2&fid=$1
# Live Features
RewriteRule ^pull/(.*)/(.*)$ index.php?a=pull&p=$1&uid=$2
# Facebook
RewriteRule ^(.*)/xd_receiver.htm(.*) xd_receiver.htm
# XML Sitemap - Google
RewriteRule ^xml/sitemap.xml$ index.php?a=xml&p=google-sitemap [L]
RewriteRule ^sitemap.xml$ index.php?a=xml&p=google-sitemap
RewriteRule ^sitemap_news.xml$ index.php?a=xml&p=google-news
# XML Custom
RewriteRule ^xml/(.*).xml(\&(.*?)|)$ index.php?a=xml&p=$1$2
# RSS
RewriteRule ^rss$ index.php?a=redazione&p=rss
RewriteRule ^rss3d$ index.php?a=redazione&p=rss3d
RewriteRule ^xml-vodafone$ index.php?a=redazione&p=xml-vodafone
# Broken/Non existing images users
RewriteRule ^userFiles/gallery/users/(.*)/(.*)$
userFiles/gallery/users/$2
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} /userFiles/gallery/users/0/(.*)$
RewriteRule .* elements/images/user_default.gif [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} /userFiles/gallery/users/1/(.*)$
RewriteRule .* elements/images/user_default_f.gif [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} /userFiles/gallery/products/(.*)$
RewriteRule .* elements/images/no_image.png [L]
# MANAGE ERRORS
#ErrorDocument 500 /dday.it/index.php?a=page-not-found
#ErrorDocument
404 /dday.it/index.php?a=page-not-found

[/code]

I imagine that the problem is the part of the code below, because other
parts of htaccess are related to dynamic content...

[code]
# Broken/Non existing images users
RewriteRule ^userFiles/gallery/users/(.*)/(.*)$
userFiles/gallery/users/$2
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} /userFiles/gallery/users/0/(.*)$
RewriteRule .* elements/images/user_default.gif [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} /userFiles/gallery/users/1/(.*)$
RewriteRule .* elements/images/user_default_f.gif [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} /userFiles/gallery/products/(.*)$
RewriteRule .* elements/images/no_image.png [L]
[/code]

How can I pass this part to nginx? There is a tutorial to rewrite
rules?

I found a website with a translation script but it doesn't work. :(

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,162092,162092#msg-162092


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Proxy to ejabberd

I was also getting 502 Bad Gateway.

The problem was that I was missing loading the http-bind module in
ejabberd:

{modules,
[
...
{mod_http_bind, []},

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,657,162067#msg-162067


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: apache to nginx rewrite rule

On 29 Dez 2010 19h59 WET, igor@sysoev.ru wrote:

> On Wed, Dec 29, 2010 at 02:56:10PM -0500, Ilan Berkner wrote:
>
>> that worked, thanks
>
> You do not need "break".
>
> location /youtube {
> rewrite ^/youtube/(.*)$ http://wwww.youtube.com/$1;
> }
>
> This is enough.

Yes. There's no point in having a flag here, since the redirect is to
an external site, so no other location is tried for handling the
request. It exits immediately.

Thanks Igor,
--- appa


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: apache to nginx rewrite rule

On Wed, Dec 29, 2010 at 02:56:10PM -0500, Ilan Berkner wrote:

> that worked, thanks

You do not need "break".

location /youtube {
rewrite ^/youtube/(.*)$ http://wwww.youtube.com/$1;
}

This is enough.

> On Wed, Dec 29, 2010 at 12:15 PM, António P. P. Almeida <appa@perusio.net>wrote:
>
> > On 29 Dez 2010 17h04 WET, iberkner@gmail.com wrote:
> >
> > > Thanks, but no, I'm not confusing location with host name.
> > >
> > > I'm trying to redirect any requests on our domain as follows:
> > >
> > >
> > https://www.ourdomain.com/youtube/v/mydjFYoD4WS&hl=en_US&fs=1&rel=0&autoplay=1
> > >
> > > to:
> > >
> > > http://www.youtube.com/v/mydjFYoD4WS&hl=en_US&fs=1&rel=0&autoplay=1
> > >
> > > This is to solve a SSL warning issue. We're already doing it on
> > > another site using the .htaccess rule I provided.
> > >
> > > See: http://www.adammershon.com/display-youtube-videos-on-ssl-page/
> >
> > Try this:
> >
> > location /youtube {
> > rewrite ^/youtube/(.*)$ http://wwww.youtube.com/$1 break;
> > }
> >
> > --- appa
> >
> >
> > _______________________________________________
> > nginx mailing list
> > nginx@nginx.org
> > http://nginx.org/mailman/listinfo/nginx
> >

> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx


--
Igor Sysoev
http://sysoev.ru/en/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: apache to nginx rewrite rule

that worked, thanks

On Wed, Dec 29, 2010 at 12:15 PM, António P. P. Almeida <appa@perusio.net> wrote:
On 29 Dez 2010 17h04 WET, iberkner@gmail.com wrote:

> Thanks, but no, I'm not confusing location with host name.
>
> I'm trying to redirect any requests on our domain as follows:
>
> https://www.ourdomain.com/youtube/v/mydjFYoD4WS&hl=en_US&fs=1&rel=0&autoplay=1
>
> to:
>
> http://www.youtube.com/v/mydjFYoD4WS&hl=en_US&fs=1&rel=0&autoplay=1
>
> This is to solve a SSL warning issue.  We're already doing it on
> another site using the .htaccess rule I provided.
>
> See: http://www.adammershon.com/display-youtube-videos-on-ssl-page/

Try this:

location /youtube {
 rewrite ^/youtube/(.*)$ http://wwww.youtube.com/$1 break;
}

--- appa


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: apache to nginx rewrite rule

On 29 Dez 2010 17h04 WET, iberkner@gmail.com wrote:

> Thanks, but no, I'm not confusing location with host name.
>
> I'm trying to redirect any requests on our domain as follows:
>
> https://www.ourdomain.com/youtube/v/mydjFYoD4WS&hl=en_US&fs=1&rel=0&autoplay=1
>
> to:
>
> http://www.youtube.com/v/mydjFYoD4WS&hl=en_US&fs=1&rel=0&autoplay=1
>
> This is to solve a SSL warning issue. We're already doing it on
> another site using the .htaccess rule I provided.
>
> See: http://www.adammershon.com/display-youtube-videos-on-ssl-page/

Try this:

location /youtube {
rewrite ^/youtube/(.*)$ http://wwww.youtube.com/$1 break;
}

--- appa


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: apache to nginx rewrite rule

Thanks, but no, I'm not confusing location with host name.

I'm trying to redirect any requests on our domain as follows:


to:


This is to solve a SSL warning issue.  We're already doing it on another site using the .htaccess rule I provided.


for more specific information and example.

On Wed, Dec 29, 2010 at 10:37 AM, António P. P. Almeida <appa@perusio.net> wrote:
On 29 Dez 2010 15h30 WET, iberkner@gmail.com wrote:

> [1  <multipart/alternative (7bit)>]
> [1.1  <text/plain; ISO-8859-1 (7bit)>]
> Looking to do something like this:
>
> RewriteRule ^youtube/(.*)$ http://www.youtube.com/$1 [L]
>
> This the configuration I'm thinking of?
>
> location /youtube/
          ^^^^^^^^^

This means that you have a location /youtube not a host (vhost) youtube.com

> {
> rewrite ^(.*)$ http://www.youtube.com$1
> }

You seem to be confusing host (server_name) with location. That type
of rewriting must be done at the server (virtual host) level.

Cf. http://wiki.nginx.org/Pitfalls#Server_Name

--- appa


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: apache to nginx rewrite rule

On 29 Dez 2010 15h30 WET, iberkner@gmail.com wrote:

> [1 <multipart/alternative (7bit)>]
> [1.1 <text/plain; ISO-8859-1 (7bit)>]
> Looking to do something like this:
>
> RewriteRule ^youtube/(.*)$ http://www.youtube.com/$1 [L]
>
> This the configuration I'm thinking of?
>
> location /youtube/
^^^^^^^^^

This means that you have a location /youtube not a host (vhost) youtube.com

> {
> rewrite ^(.*)$ http://www.youtube.com$1
> }

You seem to be confusing host (server_name) with location. That type
of rewriting must be done at the server (virtual host) level.

Cf. http://wiki.nginx.org/Pitfalls#Server_Name

--- appa


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

apache to nginx rewrite rule

Looking to do something like this:

RewriteRule ^youtube/(.*)$ http://www.youtube.com/$1 [L]

This the configuration I'm thinking of?

location /youtube/
{
  rewrite ^(.*)$ http://www.youtube.com$1
}


Skipping the proxy cache based on a cookie?

Hi everyone,
I'm looking into setting up nginx as a proxy cache. I was wondering if
someone can elaborate a bit about ways to bypass the cache
in certain requests. For example, I'd like every new user to go to the
backend server once in order for some cookies to be written.
On further requests I'd like to serve the user with a cached copy of the
site.
How can I set a mechanism that bypasses the cache if a cookie with a
certain name does/does not exist?

Thanks!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,161969,161969#msg-161969


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

2010年12月28日星期二

Re: How to redirect all SSL traffic?

Things to do here:

* Select the "A redirection to a URL" option.
* Enter the https://yourdomain.com and then $S$Q. Remember, there's
no trailing slash after the domain.
* Select "The exact URL entered above""
* Select "A permanent redirection for this resource"
* Set Execute permission to None.
* You can select the same app pool as the original one.


https://www.thesslstore.com/geotrust/quickssl-premium.aspx>

--
Posted via http://www.ruby-forum.com/.
_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: "Hacking" the event model of Nginx

François Battail wrote in post #660685:
> Aleksandar Lazic <al-nginx@...> writes:
>
>> Have you taken a look into the libev
>> http://software.schmorp.de/pkg/libev.html or libevent
>> http://monkey.org/~provos/libevent/ before you have implement your own
>> epoll handlers
>
> Thank you for these hints, but I've already done this layer! I've
> bookmarked
> libev, maybe for an another project.
>
> Best regards

Is the implement of yours open?
I want to see how do you rewrite the epoll module,thanks

--
Posted via http://www.ruby-forum.com/.
_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

url rewriting problem

Hi,
I'm new to nginx, and I need to use many scripts which use apache2
rewrite rules.

One of my script use two htaccess:

[code]
find /var/www/vhosts/mysite.com/httpdocs/ -name .htaccess
./manager/install/.htaccess
./manager/.htaccess
[/code]

./manager/install/.htaccess => http://pastebin.com/2S2dh0NL

I tried:
[code]
location ^~ /install/ {
root
/var/www/vhosts/mysite.com/httpdocs/manager/install;
if (!-e $request_filename)
{
return 403;
}
rewrite ^domains /index.php?page=domains break;
rewrite (.*)\.php /index.php?page=$1&$query_string
break;
}
[/code]

Result:
- http://www.mysite.com/manager/install.php not working
- http://www.mysite.com/manager/index.php?page=install is working

so there is a problem.


./manager/.htaccess => http://pastebin.com/u55eCFYA

Still didn't try, i need to setup my script first.

Thanks for your help !

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,161768,161768#msg-161768


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Prefixing URL's

Hi,

On 28/12/2010 07:12, David J. wrote:
> I have an app that uses relative URLs
>
> ie: /media/assets/css/style.css
This is not a relative URL, it's an absolute URL from the base of the
current host.

You need to either use

media/assets/css/style.css

or

/app/media/assets/css/style.css

Marcus.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Prefixing URL's

Hello!

On Tue, Dec 28, 2010 at 12:12:49AM -0500, David J. wrote:

> I have an app that uses relative URLs
>
> ie: /media/assets/css/style.css
>
> in my server config I have
>
> location /app {
>
> #config stuff here.
> }
>
> When I go to "/app" from a browser the urls are not prefixed with
> "/app" they stay the same ie: "/media/assets/css/style.css"
>
> But because I mounted the "/app" rather than the root "/" the urls
> are no longer valid.
>
> "/media/assets/css/style.css" should be "/app/media/assets/css/style.css"
>
> What options are available to fix this?

By saying "not prefixed" you mean nginx doesn't replace urls in
your app's response? It is not supposed to do so.

Some trivial things may be resolved with sub filter module[1], more
complex cases generally require fixing application.

[1] http://wiki.nginx.org/HttpSubModule

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Prefixing URL's

On 28 Dez 2010 05h12 WET, david@styleflare.com wrote:

> I have an app that uses relative URLs
>
> ie: /media/assets/css/style.css
>
> in my server config I have
>
> location /app {
>
> #config stuff here.
> }
>
> When I go to "/app" from a browser the urls are not prefixed with
> "/app" they stay the same ie: "/media/assets/css/style.css"
>
> But because I mounted the "/app" rather than the root "/" the urls
> are no longer valid.
>
> "/media/assets/css/style.css" should be
> "/app/media/assets/css/style.css"
>
> What options are available to fix this?

Try this: http://wiki.nginx.org/NginxHttpCoreModule#alias

--- appa


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

2010年12月27日星期一

Prefixing URL's

I have an app that uses relative URLs

ie: /media/assets/css/style.css

in my server config I have

location /app {

#config stuff here.
}

When I go to "/app" from a browser the urls are not prefixed with "/app"
they stay the same ie: "/media/assets/css/style.css"

But because I mounted the "/app" rather than the root "/" the urls are
no longer valid.

"/media/assets/css/style.css" should be "/app/media/assets/css/style.css"

What options are available to fix this?


Thanks in advance for any guidance.


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: ipv4 & ipv6 Virtual Hosting - address in use

Hello!

On Mon, Dec 27, 2010 at 10:55:35AM -0500, petteyg359 wrote:

> Linux 2.6.34-gentoo-r12 x86_64 Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz
> GenuineIntel GNU/Linux
> # nginx -V
> nginx version: nginx/0.8.53
> TLS SNI support enabled
> configure arguments: --prefix=/usr --sbin-path=/usr/sbin/nginx
> --conf-path=/etc/nginx/nginx.conf
> --error-log-path=/var/log/nginx/error_log --pid-path=/var/run/nginx.pid
> --lock-path=/var/lock/nginx.lock --user=nginx --group=nginx
> --with-cc-opt=-I/usr/include --with-ld-opt=-L/usr/lib
> --http-log-path=/var/log/nginx/access_log
> --http-client-body-temp-path=/var/tmp/nginx/client
> --http-proxy-temp-path=/var/tmp/nginx/proxy
> --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi
> --http-scgi-temp-path=/var/tmp/nginx/scgi
> --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi --with-ipv6 --with-pcre
> --without-http_autoindex_module --without-http_browser_module
> --without-http_charset_module --without-http_geo_module
> --without-http_map_module --without-http_memcached_module
> --without-http_referer_module --without-http_ssi_module
> --without-http_split_clients_module --without-http_userid_module
> --with-http_realip_module --with-http_ssl_module
> --without-mail_imap_module --without-mail_pop3_module
> --without-mail_smtp_module
>
> server {
> listen [::]:80 default_server;
> listen 80 default_server;
> return 444;
> }
> #According to docs, this config should fail, because without
> ipv6only=on,
> #this line should automatically listen on ipv4 interfaces also.

This shouldn't fail as long as you have ipv6-only bind as
default in your system. It won't even fail on OSes where binds on
ipv6 with ipv4 doesn't conflict with ipv4 explicit binds. This is
unrelated though.

> # netstat -lp | grep nginx
> tcp 0 0 *:http *:*
> LISTEN 31704/nginx.conf
> tcp6 0 0 [::]:http [::]:*
> LISTEN 31704/nginx.conf
>
> server {
> listen [::]:80 default_server ipv6only=on;
> return 444;
> }
> #I remove the listen 80 line, and add ipv6only=on
> # /etc/init.d/nginx start
> * Checking nginx' configuration ...
> the configuration file /etc/nginx/nginx.conf syntax is ok
> configuration file /etc/nginx/nginx.conf test is successful
>
> [ ok ]
> * Starting nginx ...
> [emerg]: bind() to [2a01:4f8:130:9101::3]:80 failed (98: Address already
> in use)
> [emerg]: bind() to [2a01:4f8:130:9101::3]:80 failed (98: Address already
> in use)
> [emerg]: bind() to [2a01:4f8:130:9101::3]:80 failed (98: Address already
> in use)
> [emerg]: bind() to [2a01:4f8:130:9101::3]:80 failed (98: Address already
> in use)
> [emerg]: bind() to [2a01:4f8:130:9101::3]:80 failed (98: Address already
> in use)
> [emerg]: still could not bind()
> * start-stop-daemon: failed to start `/usr/sbin/nginx'
> * Failed to start nginx
>
> [ !! ]
> * ERROR: nginx failed to start
>
> Not only does it not work as described, it seems to be trying to bind a
> specific address multiple times, and maybe succeeding the first time,
> because there's nothing else running on any interface port 80, so it
> fails since it can't successfully bind the same address a second time.

Could you please provide *full config* which triggers the problem?
In particular, full list of server{} blocks with their "listen"
directives.

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: ipv4 & ipv6 Virtual Hosting - address in use

Linux 2.6.34-gentoo-r12 x86_64 Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz
GenuineIntel GNU/Linux
# nginx -V
nginx version: nginx/0.8.53
TLS SNI support enabled
configure arguments: --prefix=/usr --sbin-path=/usr/sbin/nginx
--conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error_log --pid-path=/var/run/nginx.pid
--lock-path=/var/lock/nginx.lock --user=nginx --group=nginx
--with-cc-opt=-I/usr/include --with-ld-opt=-L/usr/lib
--http-log-path=/var/log/nginx/access_log
--http-client-body-temp-path=/var/tmp/nginx/client
--http-proxy-temp-path=/var/tmp/nginx/proxy
--http-fastcgi-temp-path=/var/tmp/nginx/fastcgi
--http-scgi-temp-path=/var/tmp/nginx/scgi
--http-uwsgi-temp-path=/var/tmp/nginx/uwsgi --with-ipv6 --with-pcre
--without-http_autoindex_module --without-http_browser_module
--without-http_charset_module --without-http_geo_module
--without-http_map_module --without-http_memcached_module
--without-http_referer_module --without-http_ssi_module
--without-http_split_clients_module --without-http_userid_module
--with-http_realip_module --with-http_ssl_module
--without-mail_imap_module --without-mail_pop3_module
--without-mail_smtp_module

server {
listen [::]:80 default_server;
listen 80 default_server;
return 444;
}
#According to docs, this config should fail, because without
ipv6only=on,
#this line should automatically listen on ipv4 interfaces also.
# netstat -lp | grep nginx
tcp 0 0 *:http *:*
LISTEN 31704/nginx.conf
tcp6 0 0 [::]:http [::]:*
LISTEN 31704/nginx.conf

server {
listen [::]:80 default_server ipv6only=on;
return 444;
}
#I remove the listen 80 line, and add ipv6only=on
# /etc/init.d/nginx start
* Checking nginx' configuration ...
the configuration file /etc/nginx/nginx.conf syntax is ok
configuration file /etc/nginx/nginx.conf test is successful

[ ok ]
* Starting nginx ...
[emerg]: bind() to [2a01:4f8:130:9101::3]:80 failed (98: Address already
in use)
[emerg]: bind() to [2a01:4f8:130:9101::3]:80 failed (98: Address already
in use)
[emerg]: bind() to [2a01:4f8:130:9101::3]:80 failed (98: Address already
in use)
[emerg]: bind() to [2a01:4f8:130:9101::3]:80 failed (98: Address already
in use)
[emerg]: bind() to [2a01:4f8:130:9101::3]:80 failed (98: Address already
in use)
[emerg]: still could not bind()
* start-stop-daemon: failed to start `/usr/sbin/nginx'
* Failed to start nginx

[ !! ]
* ERROR: nginx failed to start

Not only does it not work as described, it seems to be trying to bind a
specific address multiple times, and maybe succeeding the first time,
because there's nothing else running on any interface port 80, so it
fails since it can't successfully bind the same address a second time.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,154862,161461#msg-161461


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: underscores_in_headers not functioning when using default option for listen directive

Hello!

On Mon, Dec 27, 2010 at 03:38:10PM +0100, Sylvain Rabot wrote:

> On Mon, 2010-12-27 at 15:48 +0200, Maxim Dounin wrote:
> > Hello!
> >
> > On Mon, Dec 27, 2010 at 01:21:14PM +0100, Sylvain Rabot wrote:
> >
> > > Hi,
> > >
> > > We are using nginx 0.7.68 and we encountered a small problem with the
> > > underscores_in_headers directive.
> > >
> > > Use case, 2 servers section :
> > >
> > > server {
> > > listen 80 default;
> > > server_name *.domain.com;
> > >
> > > ...
> > > }
> > >
> > > server {
> > > listen 80;
> > > server_name titi.domain-b.com;
> > > underscores_in_headers on;
> > >
> > > ...
> > > }
> > >
> > > In that case the underscores_in_headers directive of the second server
> > > is not taken care of.
> >
> > This is expected. Header parsing happens in context of default
> > server, before server_name matching (as server_name matching
> > requires parsing Host header).
>
> It makes sense. So shouldn't this directive be in the 'http'
> configuration section only ?

No, it's still usable at server{} level for separate listen sockets
(i.e. non-virtual servers). Consider the following example:

server {
listen 127.0.0.1:80;
underscores_in_headers on;
...
}

server {
listen 80;
...
}

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: underscores_in_headers not functioning when using default option for listen directive

On Mon, 2010-12-27 at 15:48 +0200, Maxim Dounin wrote:
> Hello!
>
> On Mon, Dec 27, 2010 at 01:21:14PM +0100, Sylvain Rabot wrote:
>
> > Hi,
> >
> > We are using nginx 0.7.68 and we encountered a small problem with the
> > underscores_in_headers directive.
> >
> > Use case, 2 servers section :
> >
> > server {
> > listen 80 default;
> > server_name *.domain.com;
> >
> > ...
> > }
> >
> > server {
> > listen 80;
> > server_name titi.domain-b.com;
> > underscores_in_headers on;
> >
> > ...
> > }
> >
> > In that case the underscores_in_headers directive of the second server
> > is not taken care of.
>
> This is expected. Header parsing happens in context of default
> server, before server_name matching (as server_name matching
> requires parsing Host header).

It makes sense. So shouldn't this directive be in the 'http'
configuration section only ?

>
> > To make it work we have to either remove 'default'
> > option from the listen directive of the first server or add
> > 'underscores_in_headers on' in the first server as well.
>
> Just removing "default" from the first server won't help, as first
> defined server (for the listen socket in question) will be
> implicitly selected as default anyway. Otherwise correct.
>
> Maxim Dounin

--
Sylvain <sylvain.rabot@f-secure.com>


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: How to configure without extension on nginx

IE is successful , the test file is download with chrome, why?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,161032,161427#msg-161427


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: underscores_in_headers not functioning when using default option for listen directive

Hello!

On Mon, Dec 27, 2010 at 01:21:14PM +0100, Sylvain Rabot wrote:

> Hi,
>
> We are using nginx 0.7.68 and we encountered a small problem with the
> underscores_in_headers directive.
>
> Use case, 2 servers section :
>
> server {
> listen 80 default;
> server_name *.domain.com;
>
> ...
> }
>
> server {
> listen 80;
> server_name titi.domain-b.com;
> underscores_in_headers on;
>
> ...
> }
>
> In that case the underscores_in_headers directive of the second server
> is not taken care of.

This is expected. Header parsing happens in context of default
server, before server_name matching (as server_name matching
requires parsing Host header).

> To make it work we have to either remove 'default'
> option from the listen directive of the first server or add
> 'underscores_in_headers on' in the first server as well.

Just removing "default" from the first server won't help, as first
defined server (for the listen socket in question) will be
implicitly selected as default anyway. Otherwise correct.

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: ipv4 & ipv6 Virtual Hosting - address in use

Hello!

On Sun, Dec 26, 2010 at 03:36:16PM -0500, petteyg359 wrote:

> ipv6only=on seems to behave the opposite of what it should. I have a
> default_server listening on all interfaces. It works fine using
> listen [::]:80 default_server;
> listen 80 default_server;
>
> but if I do
> listen [::]:80 default_server ipv6only=on;
> listen 80 default_server;
>
> then I get a bunch of errors about already bound addresses on startup.
> net.ipv6.bindv6only is set to 1.

Works ok here.

You may want to provide more details, i.e. exact nginx version you
are using, full config which triggers the problem and OS details.

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

underscores_in_headers not functioning when using default option for listen directive

Hi,

We are using nginx 0.7.68 and we encountered a small problem with the
underscores_in_headers directive.

Use case, 2 servers section :

server {
listen 80 default;
server_name *.domain.com;

...
}

server {
listen 80;
server_name titi.domain-b.com;
underscores_in_headers on;

...
}

In that case the underscores_in_headers directive of the second server
is not taken care of. To make it work we have to either remove 'default'
option from the listen directive of the first server or add
'underscores_in_headers on' in the first server as well.

Regards.

--
Sylvain <sylvain.rabot@f-secure.com>

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Fair Module

Fair ModuleHi,

> Is there a possibility to check if the HttpUpstreamFairModule is installed
> right on our Nginx setup?

You can check compile-time options with "nginx -V". They should contain
something like "--add-module=/path/to/fair" if you've got "upstream_fair"
installed... But you've got it, otherwise nginx would complain about unknown
"fair" directive.

> We are using the fair module in combination with ip hash to keep the
> sessions alive.

You can't do that. Load balancers ("ip_hash" & "fair") are exclusive, so you
can't combine them.

> We've tested it from several ip spaces but we always are thrown to the
> same web server.
>
> Config upstream:
>
> upstream testvip {
> fair default; #default weighted least-connection round robin
> #ip_hash;
> server xxx.xxx.xxx.xxx max_fails=5 fail_timeout=20s weight=3;
> server xxx.xxx.xxx.xxx max_fails=5 fail_timeout=20s weight=1 ;
> }

Fair Module

Fair Module Hello,

Is there a possibility to check if the HttpUpstreamFairModule is installed right on our Nginx setup?

When we make a new setup to test the fair module it doesn’t load balance. We are using the fair module in combination with ip hash to keep the sessions alive.

We’ve tested it from several ip spaces but we always are thrown to the same web server.

Config upstream:

upstream testvip {
        fair default; #default weighted least-connection round robin
        #ip_hash;
        server xxx.xxx.xxx.xxx max_fails=5 fail_timeout=20s weight=3;
        server xxx.xxx.xxx.xxx max_fails=5 fail_timeout=20s weight=1 ;
    }

2010年12月26日星期日

Re: DDoS protection module suggestion

ken107 at 2010-12-26 17:49 wrote:
> My friend's website promoting freedom of speech in communist Vietnam has
> recently been brought down by a 400k+ IP DDOS launched affirmatively by
> a government-sponsored cyber army. I've been asked for some ideas, and
> have had some experienced warding off some minor DDOS on my own
> non-political website.
>
> Anyway, I've read this great discussion thread and came up with an idea
> that I think might work, especially for us individual webmasters who
> can't afford large distributed networks that can absorb such massive
> attacks. It is as follows, please let me know your thoughts:
>
> 1. Use iptables to redirect all traffic to reCaptcha validation page
> - reCaptcha generation is handled by Google's distributed network
> designed to withstand DDOS
> - the reCaptcha validation page is therefore a static page and does not
> weigh down your server's processing power
>
> 2. Once validated, the IP is added to iptables Allow list, and the user
> is redirected back to homepage
> - entries that have been idle for some time should be removed from the
> list
>
>
You also can use my nginx_secure_cookie_module(https:
//github.com/yaoweibin/nginx_secure_cookie_module)to add some secure
cookie after reCaptcha validation.
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,147105,161145#msg-161145
>
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx
>
>


--
Weibin Yao


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: ipv4 & ipv6 Virtual Hosting - address in use

ipv6only=on seems to behave the opposite of what it should. I have a
default_server listening on all interfaces. It works fine using
listen [::]:80 default_server;
listen 80 default_server;

but if I do
listen [::]:80 default_server ipv6only=on;
listen 80 default_server;

then I get a bunch of errors about already bound addresses on startup.
net.ipv6.bindv6only is set to 1.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,154862,161268#msg-161268


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: How to configure without extension on nginx

On Sat, Dec 25, 2010 at 10:40:16PM -0500, letgohome wrote:

> I try it, but unsuccessful,
>
> [code]
> server {
> listen 80;
> server_name localhost;
> root /www/linux;
> index index.html index.php index.htm;
>
> location = /test {
> types {}
> default_type text/html;
> }
>
> location ~ \.php$ {
> # fastcgi_pass unix:/tmp/php-cgi.sock;
> fastcgi_pass 127.0.0.1:9000;
> fastcgi_index index.php;
> include fcgi.conf;
> }
> }
> [/code]

Probably browser has already cache the response.
Try another browser or try to rename location:

location = /test1 {
alias /www/linux/text;
...


--
Igor Sysoev
http://sysoev.ru/en/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: nginx_http_push_module production ready?

The last release was in february. I think I tried it last about 6 months ago and it was not stable. Nginx workers kept getting stuck in some sort of endless loop (100% cpu). There have been a few github commits since then, perhaps it got fixed.



Sergej


On Sun, Dec 26, 2010 at 5:26 PM, dpooy <nginx-forum@nginx.us> wrote:
We read about this wonderful module that turns our Nginx server into a
comet server as well - http://pushmodule.slact.net/, was just wondering
if other people have tried it in production, is it production ready?
Any real life stats?

Don't really want to add another java or python comet server if we don't
have to...

Thanks!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,161207,161207#msg-161207


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

nginx_http_push_module production ready?

We read about this wonderful module that turns our Nginx server into a
comet server as well - http://pushmodule.slact.net/, was just wondering
if other people have tried it in production, is it production ready?
Any real life stats?

Don't really want to add another java or python comet server if we don't
have to...

Thanks!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,161207,161207#msg-161207


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: https rewrite for subdirectory only

Ok, thanks.

On Sun, 26 Dec 2010 18:17:33 +0800, Edho P Arief <edhoprima@gmail.com>
wrote:

> On Sun, Dec 26, 2010 at 5:13 PM, gunawan <satemie@gmail.com> wrote:
>> Attached is the nginx.conf file, no separtion between server 80 and
>> server
>> 443.
>>
>> If I make separation between server 80 and server 443, it's ok.
>>
>
> That's the problem.
>
> Also it's recommended to make separate block for http and https.
>
> Here's what happens:
>
> 1. access http://$server_name/admin
> 2. matches /admin { } block, nginx redirects to
> https://$server_name/admin
> 3. matches /admin { } block, nginx redirects to
> https://$server_name/admin
> 4. repeat for infinity
>
> Firefox sanely stops following redirection when it detects such loop.
>
> tip: use
>
> rewrite ^ https://$server_name$request_uri?$args permanent;
>
> instead of
>
> rewrite ^(.*) https://$server_name$1 permanent;
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: https rewrite for subdirectory only

Attached is the nginx.conf file, no separtion between server 80 and server
443.

If I make separation between server 80 and server 443, it's ok.

Thanks.

On Sun, 26 Dec 2010 17:23:37 +0800, Edho P Arief <edhoprima@gmail.com>
wrote:

> On Sun, Dec 26, 2010 at 12:20 PM, gunawan <satemie@gmail.com> wrote:
>>
>> Hi,
>>
>> I'm a noob.
>>
>> How to rewrite http to https in /admin location only ?
>>
>> I put something like this in nginx.conf :
>> location /admin {
>> rewrite ^(.*) https://$server_name$1 permanent;
>> }
>>
>> But I always get error message "The page isn't redirecting properly" in
>> Firefox when I browse http://$server_name/admin
>>
>
>
> ...how about posting the full config file you're using.
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx


--
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: https rewrite for subdirectory only

On Sun, Dec 26, 2010 at 5:13 PM, gunawan <satemie@gmail.com> wrote:
> Attached is the nginx.conf file, no separtion between server 80 and server
> 443.
>
> If I make separation between server 80 and server 443, it's ok.
>

That's the problem.

Also it's recommended to make separate block for http and https.

Here's what happens:

1. access http://$server_name/admin
2. matches /admin { } block, nginx redirects to https://$server_name/admin
3. matches /admin { } block, nginx redirects to https://$server_name/admin
4. repeat for infinity

Firefox sanely stops following redirection when it detects such loop.

tip: use

rewrite ^ https://$server_name$request_uri?$args permanent;

instead of

rewrite ^(.*) https://$server_name$1 permanent;

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: https rewrite for subdirectory only

Attached is the nginx.conf file, no separtion between server 80 and server
443.

If I make separation between server 80 and server 443, it's ok.

Thanks.

On Sun, 26 Dec 2010 17:23:37 +0800, Edho P Arief <edhoprima@gmail.com>
wrote:

> On Sun, Dec 26, 2010 at 12:20 PM, gunawan <satemie@gmail.com> wrote:
>>
>> Hi,
>>
>> I'm a noob.
>>
>> How to rewrite http to https in /admin location only ?
>>
>> I put something like this in nginx.conf :
>> location /admin {
>> rewrite ^(.*) https://$server_name$1 permanent;
>> }
>>
>> But I always get error message "The page isn't redirecting properly" in
>> Firefox when I browse http://$server_name/admin
>>
>
>
> ...how about posting the full config file you're using.
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx


--
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: DDoS protection module suggestion

My friend's website promoting freedom of speech in communist Vietnam has
recently been brought down by a 400k+ IP DDOS launched affirmatively by
a government-sponsored cyber army. I've been asked for some ideas, and
have had some experienced warding off some minor DDOS on my own
non-political website.

Anyway, I've read this great discussion thread and came up with an idea
that I think might work, especially for us individual webmasters who
can't afford large distributed networks that can absorb such massive
attacks. It is as follows, please let me know your thoughts:

1. Use iptables to redirect all traffic to reCaptcha validation page
- reCaptcha generation is handled by Google's distributed network
designed to withstand DDOS
- the reCaptcha validation page is therefore a static page and does not
weigh down your server's processing power

2. Once validated, the IP is added to iptables Allow list, and the user
is redirected back to homepage
- entries that have been idle for some time should be removed from the
list

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,147105,161145#msg-161145


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: https rewrite for subdirectory only

On Sun, Dec 26, 2010 at 12:20 PM, gunawan <satemie@gmail.com> wrote:
>
> Hi,
>
> I'm a noob.
>
> How to rewrite http to https in /admin location only ?
>
> I put something like this in nginx.conf :
> location /admin {
>    rewrite     ^(.*)   https://$server_name$1 permanent;
> }
>
> But I always get error message "The page isn't redirecting properly" in
> Firefox when I browse http://$server_name/admin
>


...how about posting the full config file you're using.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

2010年12月25日星期六

Re: Amazon S3 authentication patch

On Feb 05, Vicente Aguilar wrote:
>Hi
>
>>> I believe better aproach would be to build separate module able to
>>> calculate required hash and then use proxy_set_header with
>>> appropriate variable.
>>
>> For whatever it's worth, I agree that we should make things as easy to
>> combine as possible, rather than making monolithic modules that cover
>> all cases.
>
>I guess you're both right, but I wouldn't know how to do that right
>now, I'm new to nginx internals. :-) I needed this feature ASAP and
>this approach was easier.
>
>I might rework it into a separate module as time permits.


Here is a module that provides basic S3 proxying without patching any of
the existing files: https://github.com/anomalizer/ngx_aws_auth

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

https rewrite for subdirectory only

Hi,

I'm a noob.

How to rewrite http to https in /admin location only ?

I put something like this in nginx.conf :
location /admin {
rewrite ^(.*) https://$server_name$1 permanent;
}

But I always get error message "The page isn't redirecting properly" in
Firefox when I browse http://$server_name/admin

Thanks.

Best regards

Gunawan
--
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: How to configure without extension on nginx

I try it, but unsuccessful,

[code]
server {
listen 80;
server_name localhost;
root /www/linux;
index index.html index.php index.htm;

location = /test {
types {}
default_type text/html;
}

location ~ \.php$ {
# fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}
}
[/code]

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,161032,161117#msg-161117


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: How to configure without extension on nginx

Hello!

On Sat, Dec 25, 2010 at 11:59:52AM -0500, letgohome wrote:

> Hi, I want to set http://abc.com/test can be viewed, not downloaded.
> how to configure mime.type.conf or nginx.conf file. Thank you!

location = /test {
types {}
default_type text/html;
}

http://wiki.nginx.org/HttpCoreModule#default_type
http://wiki.nginx.org/HttpCoreModule#types

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

How to configure without extension on nginx

Hi, I want to set http://abc.com/test can be viewed, not downloaded.
how to configure mime.type.conf or nginx.conf file. Thank you!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,161032,161032#msg-161032


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Nginx Warn Log

Hello!

On Sat, Dec 25, 2010 at 09:46:14AM -0500, codetr wrote:

> I added the line [code]
> proxy_buffering off;
> [/code]
> for parkeddomain and problem seems solved.. recommended for performance
> or stability can have a different setting vhost.conf and nginx.conf
> thanks.

Switching off proxy_buffering just to suppress warning about disk
buffering is bad idea. If you want to disable disk buffering
completely - use

proxy_max_temp_file_size 0;

instead.

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Nginx Warn Log

I added the line [code]
proxy_buffering off;
[/code]
for parkeddomain and problem seems solved.. recommended for performance
or stability can have a different setting vhost.conf and nginx.conf
thanks.

my vhost.conf

[code]
server {
access_log off;

error_log /var/log/nginx/error.log warn;
listen 80;
server_name maindomain.com www.maindomain.com;

# uncomment location below to make nginx serve static files instead of
Apache
# NOTE this will cause issues with bandwidth accounting as files wont be
logged
location ~* \.(gif|jpg|jpeg|png|ico|js|css|exe|zip|rar)$ {
root /home/user/public_html;
}

location / {
proxy_send_timeout 90;
proxy_read_timeout 90;

proxy_buffer_size 4k;
# you can increase proxy_buffers here to suppress "an upstream response
# is buffered to a temporary file" warning
proxy_buffers 16 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;

proxy_connect_timeout 30s;

proxy_redirect http://www.maindomain.com:81 http://www.maindomain.com;
proxy_redirect http://maindomain.com:81 http://maindomain.com;

proxy_pass http://serverip:81/;

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
access_log off;

error_log /var/log/nginx/error.log warn;
listen 80;
server_name forum.maindomain.com www.forum.maindomain.com;

# uncomment location below to make nginx serve static files instead of
Apache
# NOTE this will cause issues with bandwidth accounting as files wont be
logged
location ~* \.(gif|jpg|jpeg|ico|png|js|css)$ {
root /home/user/public_html/community;
}

location / {
proxy_send_timeout 90;
proxy_read_timeout 90;

proxy_buffer_size 4k;
# you can increase proxy_buffers here to suppress "an upstream response
# is buffered to a temporary file" warning
proxy_buffers 16 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;

proxy_connect_timeout 30s;

proxy_redirect http://www.forum.maindomain.com:81
http://www.forum.maindomain.com;
proxy_redirect http://forum.maindomain.com:81
http://forum.maindomain.com;

proxy_pass http://serverip:81/;

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
access_log off;

error_log /var/log/nginx/error.log warn;
listen 80;
server_name domainparked.com www.domainparked.com;

# uncomment location below to make nginx serve static files instead of
Apache
# NOTE this will cause issues with bandwidth accounting as files wont be
logged
#location ~* \.(gif|jpg|jpeg|png|ico|js|css|exe|zip|rar)$ {
#root /home/user/public_html;
#}

location / {
proxy_send_timeout 90;
proxy_read_timeout 90;

proxy_buffering off; #add this line
#proxy_buffer_size 4k;
# you can increase proxy_buffers here to suppress "an upstream response
# is buffered to a temporary file" warning
#proxy_buffers 16 32k;
#proxy_busy_buffers_size 64k;
#proxy_temp_file_write_size 64k;

proxy_connect_timeout 30s;

proxy_redirect http://www.domainparked.com:81
http://www.domainparked.com;
proxy_redirect http://domainparked.com:81 http://domainparked.com;

proxy_pass http://serverip:81/;

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
[/code]

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,161001,161013#msg-161013


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Issue with proxy_cache_key after rewrite

Hi,

Am 25.12.2010 04:48, schrieb Maxim Dounin:
> Default listed in wiki/docs isn't what actually used by default as
> proxy_cache_key. In russian docs[1] you may find something like
>
> By default value is similar to
> proxy_cache_key $scheme$proxy_host$uri$is_args$args;
>
> Word "similar" is key one. Actual value can't be expressed with
> variables. It's something like $proxy_url - but there are no such
> variable.
>
> [1] http://sysoev.ru/nginx/docs/http/ngx_http_proxy_module.html#proxy_cache_key

Aww, okay. So its a wiki documentation Bug. :) Thanks a lot, works now.

Regards,
Sven

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx