When using nginx in reverse proxy mode, is it possible to have nginx cache the result it got from the backend server (say for 1 minute) and just serve that without asking the backend server any more (until the 1 minute is up...)?
Scoundrel
· 3 years ago
joe, Actually, no. Nginx has only non-caching reverse proxying mode. But if your backend is some dynamic application on php/perl/java/etc, you can use memcached module to cache your answers and then nginx can get pages from cache.
matthew
· 3 years ago
I'm running nginx with a mongrel process in the background to serve RoR applications, but I'm having trouble getting nginx to serve static HTML pages from the document root. The server passes all requests, regardless of whether there is a directory/file in the document root to mongrel.
As you'll see, I have two virtual hosts defined. Eventually, I would like to have both hosts capable of server both RoR applications and static server content.
Thanks in advance for any advice.
Ian
· 3 years ago
Thanks for the resource. How do you have nginx reverse-proxy to http and https for apache?
It looks really interesting, can't wait to try it out.
Scoundrel
· 3 years ago
2Ian: You can take a look at sample config file from nginx distribution. there is some https example.
All ideas are the same but you need some additional params in server section of config to assign specific certificates for virtual host.
Scoundrel
· 3 years ago
2matthew: Take a look at my post about using nginx with rails and mongrel. there is some config file with rails caching support.
Ian
· 3 years ago
I just thought of something...
If nginx is running the ssl and reverse proxying to apache, does the _Apache_ have to be running ssl...or is the connection between nginx and apache encrypted. Just thought of that after reading some info on Pound and seeing how it acts as an SSL wrapper.
Scoundrel
· 3 years ago
2Ian: AFAIU, you can setup non-encrypted connection between nginx and apache. As for pound, afair, it is simple tcp balancer, so it may require ssl on apache because it would simple proxy users connection on ISO Model Level 3.
Ian
· 3 years ago
Made a partial jump last night...
Fired up nginx running an ssl connection and reverse proxying it to Apache.
All seemed to work okay. Fired up Squirrelmail and was able to read messages just fine. I did notice a problem when I tried to send message. After I hit "send" in Squirrelmail, the page wouldn't refresh to the message list, but stayed in the message edit page. The message DID get sent (I checked) but Squirrel wouldn't leave the compose message page.
I checked the error logs for nginx and saw this message:
SSL_do_handshake() failed (SSL: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 aler t bad certificate) while reading client request line, client: xxx.xxx.xxx.xxx, server: www.myserver.com
2Ian: Honestly speaking, I have not so big experience with nginx+ssl... I've forwarded your question to russian nginx mailing list. Will answer here or by email if someone will answer about this issue.
Ian
· 3 years ago
Thanks.
Ian
· 3 years ago
2scoundrel: I might have a bit of an "aha" moment here...fired up firefox's live headers and rec'd this after hitting the "send":
So, it looks like the Apache backend is misbehaving and not trying to redirect to
"https://www.myserver.com/webmail..."
I've seen several pages on how to configure Apache as a reverse proxy, but can't seem to find much on how it should be configured to be the backend.
aim
· 2 years ago
вот хотел спросить -- а есть возможность каждому виртуальному серверу своего пользователя указать?
сейчас у меня крутится apache-mpm-itk но в общем-то мне не нужен апач на сервере. но нужно раздавать кучу всякой статики для которой судя по всему nginx подходит как нельзя лучше...
Scoundrel
· 2 years ago
2aim: не - нельзя. Но можно извратиться и запустить N нгинксов по одному воркеру на каждого и на них спроксировать... через нгинкс номер N+1 :-)
Ray
· 2 years ago
I am testing nginx with your static configuration (first example in your post) and getting some strange behaviour:
For files larger than a few hundred kB, I often get a 206 partial or a 200, but the file does not send completely. This is very irregular. Sometimes it works, sometimes not. Any ideas?
hi anyone know how to get nginx to autostart on reboot.. using ssl and be able to have the passphrase ( which it always ask for on restart ) automatically entered. ??
Hi I am trying to configure Nginx as proxy POP3 server on a Linux 2.6.x system. When I try to use the example config files, nginx daemon says imap and mail as unrecognized words. Would appreciate any help in this regards.
2Fritzie: AFAIU, you need to enable mail support when you compile your nginx.
K Achary
· 1 year ago
Hi, Thanks for the previous response. Is it possible to enable SSL between NGINX and backend POP server. Can somebody please share any example configuration to achive this.
Basically the scenario I am talking about is, the end user POP3 client talks to the NGINX pop proxy over TCP port 110, then the NGINX server talks to backend POP3 server over SSL socket say 995.
I tried compiling the NGINX with mail_ssl support, but the TCP connection between NGINX and backend pop3 server gets established but SSL session set up does not happen.
I appreciate any help in this regard.
Thanks and regards
K Achary
Администраторша
· 1 year ago
Скажите, а где прописывать эти команды для нгинкс? Если создать .htaccess и в нём прописать. то будет работать?
Bruno
· 1 year ago
Hi, its possible to use Trac SCM on nginx with basic auth?
Добрые комиксы
· 1 year ago
i'm tired of fighting with nginx, so changed it with lighttpd
Anton
· 1 year ago
Здравствуйте. Кто нибудь в курсе как настроить nginx, так чтобы он смог обрабатывать URL большой длины т.е. длина HTTP GET запросов могла быть более 4-5 кб. При моей текущей конфигурации запросы такой длины приводят к появлению 414 ошибки.
Hans
· 1 year ago
Thanks for the nice overview. A question:
Could nginx be used as a HTTP wrapper for TCP protocols that do not speak HTTP, such as RTMP? Or with added SSL to function like stunnel?
All Comments
Actually, no. Nginx has only non-caching reverse proxying mode. But if your backend is some dynamic application on php/perl/java/etc, you can use memcached module to cache your answers and then nginx can get pages from cache.
For reference, I've uploaded my configuration file to a different server: http://macographie.com/nginx.conf.txt
As you'll see, I have two virtual hosts defined. Eventually, I would like to have both hosts capable of server both RoR applications and static server content.
Thanks in advance for any advice.
It looks really interesting, can't wait to try it out.
All ideas are the same but you need some additional params in server section of config to assign specific certificates for virtual host.
If nginx is running the ssl and reverse proxying to apache, does the _Apache_ have to be running ssl...or is the connection between nginx and apache encrypted. Just thought of that after reading some info on Pound and seeing how it acts as an SSL wrapper.
Fired up nginx running an ssl connection and reverse proxying it to Apache.
All seemed to work okay. Fired up Squirrelmail and was able to read messages just fine. I did notice a problem when I tried to send message. After I hit "send" in Squirrelmail, the page wouldn't refresh to the message list, but stayed in the message edit page. The message DID get sent (I checked) but Squirrel wouldn't leave the compose message page.
I checked the error logs for nginx and saw this message:
SSL_do_handshake() failed (SSL: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 aler
t bad certificate) while reading client request line, client: xxx.xxx.xxx.xxx, server: www.myserver.com
Here's the server config:
server {
listen 443;
root /usr/local/apache/htdocs;
server_name www.myserver.com;
ssl on;
ssl_certificate /usr/local/apache/conf/server.pem;
ssl_certificate_key /usr/local/apache/conf/server.key;
ssl_session_timeout 5m;
location / {
root shtml;
index index.shtml index.html;
location / {
proxy_pass http://127.0.0.1:8080/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
}
Location: http://www.myserver.com:8080/webmail/src/right_...
So, it looks like the Apache backend is misbehaving and not trying to redirect to
"https://www.myserver.com/webmail..."
I've seen several pages on how to configure Apache as a reverse proxy, but can't seem to find much on how it should be configured to be the backend.
сейчас у меня крутится apache-mpm-itk но в общем-то мне не нужен апач на сервере. но нужно раздавать кучу всякой статики для которой судя по всему nginx подходит как нельзя лучше...
For files larger than a few hundred kB, I often get a 206 partial or a 200, but the file does not send completely. This is very irregular. Sometimes it works, sometimes not. Any ideas?
Thanks.
An example req/resp:
GET /static/f/testimage.jpg HTTP/1.1
Host: www.xxxx.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.4) Gecko/20070515 Firefox/2.0.0.4
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Range: bytes=544487-
If-Range: Wed, 04 Apr 2007 12:20:33 GMT
Cache-Control: max-age=0
HTTP/1.x 206 Partial Content
Date: Sat, 02 Jun 2007 11:15:58 GMT
Server: nginx/0.5.22
Content-Type: image/jpeg
Content-Length: 2949459
Last-Modified: Wed, 04 Apr 2007 12:20:33 GMT
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Range: bytes 544487-3493945/3493946
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
please send answer to chrisangileri@yahoo.com
thanks muchly
I am trying to configure Nginx as proxy POP3 server on a Linux 2.6.x system. When I try to use the example config files, nginx daemon says imap and mail as unrecognized words. Would appreciate any help in this regards.
achari_98 AT yahoo.com
Thanks for the previous response.
Is it possible to enable SSL between NGINX and backend POP server. Can somebody please share any example configuration to achive this.
Basically the scenario I am talking about is, the end user POP3 client talks to the NGINX pop proxy over TCP port 110, then the NGINX server talks to backend POP3 server over SSL socket say 995.
I tried compiling the NGINX with mail_ssl support, but the TCP connection between NGINX and backend pop3 server gets established but SSL session set up does not happen.
I appreciate any help in this regard.
Thanks and regards
K Achary
Если создать .htaccess и в нём прописать. то будет работать?
Could nginx be used as a HTTP wrapper for TCP protocols that do not speak HTTP, such as RTMP? Or with added SSL to function like stunnel?