服务器启动的时候dns解析失败,host直接绑定域名是一个解决方案,但是这样不太好
分类目录归档:Nginx
可怕的KCFErrordomainCFNetWork
Nginx 快速解决静态文件POST 405 Not Allowed
error_page 405 =200 $uri;produced an unexpected error: ‘ascii’ codec can’t decode byte 0xe9 in position
把配置文件里的中文字符串删除就好了
- $ sudo grep -r -P ‘[^\x00-\x7f]’ /etc/apache2 /etc/letsencrypt /etc/nginx
- 將看到的內容,全部進去檔案刪除
- 刪除這些編碼後,在重新執行 Let’s encrypt script 就可以通過囉~
Attempting to renew cert (www.xxx.com) from /etc/letsencrypt/renewal/www.xxx.com.conf produced an unexpected error: 'ascii' codec can't decode byte 0xe9 in position 5: ordinal not in range(128). Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/m.xxx.com/fullchain.pem (failure)
/etc/letsencrypt/live/www.xxx.com/fullchain.pem (failure)参考链接:https://blog.longwin.com.tw/2019/01/letsencrypt-ascii-codec-decode-fixed-2019/
2019/08/21 14:39:53 [warn] 11628#11628: *2856217 an upstream response is buffered to a temporary file /var/cache/nginx/proxy_temp
“GET /_nuxt/fonts/c61b9c1.woff2 HTTP/1.1”
“GET /_nuxt/e46e23e8722289834df1.js HTTP/1.1”
代理里请求比较大的静态文件导致的!
nginx: [warn] duplicate MIME type “text/html”
我检查配置文件发现疑似gzip漏写了text/html,加上去后反而报警告了,百度发现:
https://blog.csdn.net/liangyuannao/article/details/21378113
解决办法:去掉下面一行中的“text/html”。
gzip_types text/plain text/html text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
原因:text/html根本就不需要写的,gzip默认就会压缩它的,只不过以前的nginx版本不提示这个警告而已,新版本的会出这个警告。
laravel 获取真实ip的事项
# 这个逻辑可以放在中间件里,判断白名单(127.0.0.1或你的其他代理服务器ip)
$ip = $request->ip();
if (in_array($ip, ['127.0.0.1']))
$request->setTrustedProxies($request->getClientIps(), Request::HEADER_X_FORWARDED_ALL);
# nginx 配套配置,如果你是nginx转发,按照这个标准来
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# 获取IP
echo $request->ip();X-Forwarded-For 相关连接:https://en.wikipedia.org/wiki/X-Forwarded-For
proxy_pass isn’t working when SELinux is enabled, why?
$ sudo setsebool httpd_can_network_connect 1 -P
https://stackoverflow.com/questions/27435655/proxy-pass-isnt-working-when-selinux-is-enabled-why
SELinux nginx切换目录
is forbidden (13: Permission denied), client:
chcon -R --reference=/usr/share/nginx/html/ /home/html/
# 将默认目录的权限配置复制到新的目录里ab压力测试
apr_socket_recv: Connection reset by peer:
https://www.cnblogs.com/archoncap/p/5883723.html
ulimit解除: https://blog.51cto.com/853056088/2091839
2019/05/03 07:43:36 [crit] 27684#27684: accept4() failed (24: Too many open files):
worker_rlimit_nofile 51200;
selinux 解除:
2019/05/03 07:46:07 [alert] 43314#43314: setrlimit(RLIMIT_NOFILE, 10000) failed (1: Operation not permitted)
setsebool -P httpd_setrlimit 1
php开启opcache可以提升80%左右qps
[root@abcdocker ~]# tail /etc/php.ini
zend_extension="opcache.so"