On Wed, Apr 10, 2019 at 2:21 PM allenhe wrote:
> Hi,
>
> My Nginx is configured with:
> proxy_next_upstream error timeout http_429 http_503;
>
> But I find it won't try the next available upstream server with the
> following error returned:
>
> 2019/04/05 20:11:41 [error] 85#85: *4903418 recv() f
The host is defined by the server, surely, and not by what the client tells
the server it is? And you tell the server what host it is by the
server_name directive (
https://nginx.org/en/docs/http/ngx_http_core_module.html#server_name).
-jf
On Sat, 24 Aug 2019, 01:39 Nuno Gonçalves, wrote:
> I a
On Sat, Aug 24, 2019 at 5:18 PM Nuno Gonçalves wrote:
>
> On Sat, Aug 24, 2019 at 8:24 AM Jeffrey 'jf' Lim wrote:
> >
> > The host is defined by the server, surely, and not by what the client tells
> > the server it is? And you tell the server what host it is
On Sat, Aug 24, 2019 at 9:32 PM Jeffrey 'jf' Lim wrote:
>
> On Sat, Aug 24, 2019 at 5:18 PM Nuno Gonçalves wrote:
> >
> > On Sat, Aug 24, 2019 at 8:24 AM Jeffrey 'jf' Lim
> > wrote:
> > >
> > > The host is defined by the server, su
I've been trying and scratching my head over this for some time now.
I've always set up a default server to return 444, but I've not been
able to make it do the 444 *always*. If I get an invalid response,
nginx "skips" the 444 to return 400 instead. I'd rather nginx do the
444, and not return 400.
directive. It seems
> like you need BOTH that and the `return 444` in the location block.
>
> Moshe
>
>
>
> On Mon, Jun 8, 2020 at 4:35 PM Jeffrey 'jf' Lim wrote:
>>
>> I've been trying and scratching my head over this for some time now.
>> I&#
ich
> is fine since it's a do-nothing site anyway), then you don't have to worry
> about it.
>
> Moshe
>
>
>
> On Mon, Jun 8, 2020 at 8:40 PM Jeffrey 'jf' Lim wrote:
>>
>> Thanks, Moshe. I've tried that, but I've found that if you s
dule.html#errors
>
> Moshe
>
>
>
> On Mon, Jun 8, 2020 at 9:30 PM Jeffrey 'jf' Lim wrote:
>>
>> No problem, Moshe! Thank you so much for testing this out for me! This
>> does take care of the case of "not HTTP" being sent (which is what
>
I've traditionally kept the 2 separate, but I'm wondering if it's ok
or if there are going to be any problems having the 2 directives write
to the same file. My sense is that it should be fine, but can anybody
who's more familiar - especially with the internals - comment? My file
path contains no v
I am discovering that nginx is logging the bytes sent by a client - in
raw form - in my error.log for the following error:
client sent invalid method while reading client request line, client:
NN.N.N.N, server: NAME, request: ",'�Cookie: mstshash=eltons"
Is there a way to get nginx to escape the
On Thu, Jul 30, 2020 at 8:06 PM Maxim Dounin wrote:
>
> Hello!
>
> On Tue, Jul 28, 2020 at 01:08:32PM +0800, Jeffrey 'jf' Lim wrote:
>
> > I am discovering that nginx is logging the bytes sent by a client - in
> > raw form - in my error.log for the followi
On Wed, Jan 13, 2021 at 2:04 PM sanjay wrote:
>
> Thanks for the update.
> I have already taken care to hide the "nginx".
>
> With CAPITAL letters, my testcase using "POSTSSS" for request_method, works
> fine.However, for mixed-case and small-case , nginx default rule applies and
> control doe
Does anybody know what will get logged (I assume in error_log) for the
case when send_timeout is exceeded?
-jf
--
He who settles on the idea of the intelligent man as a static entity
only shows himself to be a fool.
___
nginx mailing list
nginx@nginx.or
http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_stapling
has a note about not needing 'ssl_trusted_certificate' if
ssl_certificate has intermediate certificates. I do not see a similar
note for ssl_stapling_verify
(http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_stapling_verif
On Wed, Sep 29, 2021 at 9:24 PM Maxim Dounin wrote:
>
> Hello!
>
> On Wed, Sep 29, 2021 at 12:47:58PM +0800, Jeffrey 'jf' Lim wrote:
>
> > http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_stapling
> > has a note about not needing 'ssl_trust
On Wed, Sep 29, 2021 at 9:42 PM Jeffrey 'jf' Lim wrote:
>
> On Wed, Sep 29, 2021 at 9:24 PM Maxim Dounin wrote:
> >
> > Hello!
> >
> > On Wed, Sep 29, 2021 at 12:47:58PM +0800, Jeffrey 'jf' Lim wrote:
> >
> > > http://nginx.org/en
On Sun, Feb 13, 2022 at 10:45 AM Moshe Katz wrote:
>
> I can't speak for the nginx team, but as noted by "Severity: none", I assume
> they agree with many other vendors that this is not actually a vulnerability
> in nginx itself.
>
> For example, here is what the authors of Varnish said in respo
On Sun, Dec 11, 2022 at 8:03 AM Mik J via nginx wrote:
>
> Hello,
>
> My Nginx server sends syslogs to my remote syslog server with a host =
> myserver.mydomain.org
> However I would like that the host to be the IP a specific IP of the server
> (which exists)
>
> On my Nginx server
> server {
>
This is more of a curiosity thing, I guess, than anything else, but...
how do you trigger an "proxy_next_upstream invalid_header" when
testing?
I've tried basically sending random text from an upstream ('nc -l')...
but nginx holds on to the connection and ends up triggering a
"timeout" instead. If
On Thu, Jan 25, 2018 at 8:22 PM, Roman Arutyunyan wrote:
> Hi Jeffrey,
>
> On Thu, Jan 25, 2018 at 05:41:50PM +0800, Jeffrey 'jf' Lim wrote:
>> This is more of a curiosity thing, I guess, than anything else, but...
>> how do you trigger an "proxy_next_upst
On Tue, Mar 19, 2013 at 10:43 PM, Peter Booth wrote:
> The code does the following:
>
> 1. remove an HTTP header named "SWSSLHDR"
> 2. replaces it with SWSSLHDR: port, where the port is the local port of
> the "current context's TCP connection", presumably the port that your F5
> virtual server is
On Wed, Mar 20, 2013 at 3:05 PM, Igor Sysoev wrote:
> On Mar 19, 2013, at 19:42 , wbr...@e1b.org wrote:
>
>> Peter Booth wrote on 03/19/2013 10:43:12 AM:
>>
>>> The code does the following:
>>>
>>> 1. remove an HTTP header named "SWSSLHDR"
>>> 2. replaces it with SWSSLHDR: port, where the port is
On Thu, Jul 18, 2013 at 5:06 PM, Kim Yong wrote:
> Hi I'd like to know if setting keepalive for a specific location is
> possible. Right now I have only managed to get it working on server {}
> directive but not location {} directive.
>
it seems possible according to the docs.
http://wiki.nginx.o
could open other cans of worms.
>
eh... no kidding? IF you really, really have to stick to that version,
perhaps a chain of nginxes might work.
-jf
>
> On Thu, Jul 18, 2013 at 5:15 PM, Jeffrey 'jf' Lim
> wrote:
>>
>> On Thu, Jul 18, 2013 at 5:06 PM, Kim Yong
On Thu, Feb 15, 2024 at 1:59 AM Maxim Dounin wrote:
> Hello!
>
> As you probably know, F5 closed Moscow office in 2022, and I no
> longer work for F5 since then. Still, we’ve reached an agreement
> that I will maintain my role in nginx development as a volunteer.
> And for almost two years I was
25 matches
Mail list logo
