nginx添加如下配置然后reload一下就好了:
worker_rlimit_nofile 655350;
分类目录归档:Nginx
php-fpm 高并发、502解决方案
nginx 优化参数合集
X-Frame-Options 响应头
X-Frame-Options HTTP 响应头是用来给浏览器指示允许一个页面可否在 <frame>, <iframe>或者 <object> 中展现的标记。网站可以使用此功能,来确保自己网站的内容没有被嵌到别人的网站中去,也从而避免了点击劫持 (clickjacking) 的攻击。
X-Frame-Options 有三个值:
DENY- 表示该页面不允许在 frame 中展示,即便是在相同域名的页面中嵌套也不允许。
SAMEORIGIN- 表示该页面可以在相同域名页面的 frame 中展示。
ALLOW-FROM uri- 表示该页面可以在指定来源的 frame 中展示。
换一句话说,如果设置为 DENY,不光在别人的网站 frame 嵌入时会无法加载,在同域名页面中同样会无法加载。另一方面,如果设置为 SAMEORIGIN,那么页面就可以在同域名页面的 frame 中嵌套。
https://developer.mozilla.org/zh-CN/docs/Web/HTTP/X-Frame-Options
nginx代理转发之,丢失的cookie处理
| Syntax: | proxy_cookie_path off;proxy_cookie_path path replacement; |
|---|---|
| Default: |
proxy_cookie_path off; |
| Context: | http, server, location |
This directive appeared in version 1.1.15.
upstream timed out (110: Connection timed out) while reading upstream
2018/04/26 23:34:39 [error] 10872#0: *268906 upstream timed out (110: Connection timed out) while reading upstream, client: 119.103.223.107, server: ****, request: “GET /**** HTTP/1.1”, upstream: “****”, host: “****”
#fastcgi_connect_timeout 600;
#fastcgi_read_timeout 600;
#fastcgi_send_timeout 600;
proxy_connect_timeout 600;
proxy_read_timeout 600;
proxy_send_timeout 600;
upstream timed out (110: Connection timed out) while reading upstream,
upstream timed out (110: Connection timed out) while reading response header from upstream
(24: Too many open files)
2018/04/26 23:32:58 [crit] 1457#0: *259351 open() “/usr/share/nginx/html/50x.html” failed (24: Too many open files), client: 112.17.247.117, server: ***, request: “GET /*** HTTP/1.1”, upstream: “***”, host: “***”
worker_rlimit_nofile 65535;
nginx: [emerg] unknown directive “proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for” in
nginx配置代理转发,部分配置如下
location / {
# index index.html index.htm index.php;
# try_files $uri $uri/ /index.php$request_uri;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Real-Port $remote_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://10.29.185.61:8063;
}
reload nginx,正常,配置和header生效
restart nginx,重启失败。。。。
运行nginx,返回:
nginx: [emerg] unknown directive “proxy_set_header X-Real-IP $remote_addr” in /etc/nginx/doufu.la.conf:54
注释掉
# proxy_set_header X-Real-IP $remote_addr;
运行nginx,返回:
nginx: [emerg] unknown directive “proxy_set_header X-Real-Port $remote_port” in /etc/nginx/doufu.la.conf:55
注释掉
# proxy_set_header X-Real-Port $remote_port;
运行nginx,返回:
nginx: [emerg] unknown directive “proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for” in /etc/nginx/doufu.la.conf:56
注释掉
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
MMP,咋回事啊?
nginx -t啊,先test,论test的重要性
正确:
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
结论:
不要随便copy代码
nginx location
| Syntax: | location [ = | ~ | ~* | ^~ ] uri { ... }location @name { ... } |
|---|---|
| Default: | — |
| Context: | server, location |
location匹配命令
~ #波浪线表示执行一个正则匹配,区分大小写
~* #表示执行一个正则匹配,不区分大小写
^~ #^~表示普通字符匹配,如果该选项匹配,只匹配该选项,不匹配别的选项,一般用来匹配目录
= #进行普通字符精确匹配
@ #”@” 定义一个命名的 location,使用在内部定向时,例如 error_page, try_files
location 匹配的优先级(与location在配置文件中的顺序无关)
nginx 413 request entity too large
http://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size
| Syntax: | client_max_body_size size; |
|---|---|
| Default: |
client_max_body_size 1m;
|
| Context: | http, server, location |
这次不能忘记了啊