You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@pagespeed.apache.org by GitBox <gi...@apache.org> on 2021/05/27 20:02:30 UTC
[GitHub] [incubator-pagespeed-ngx] edatastyle opened a new issue #1734: Unfortunately, nginx and pagespeed stop working
edatastyle opened a new issue #1734:
URL: https://github.com/apache/incubator-pagespeed-ngx/issues/1734
Hi
i am running a server with nginx and page speed module and it's working great and working yesterday. Today i see my server is down, and it's not working anymore with the pagespeed module. below is my server config file .
nginx.conf
`user www-data;
worker_processes 1;
pid /run/nginx.pid;
#include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 3096;
use epoll;
# Accept as many connections as possible, after nginx gets notification about a new connection.
multi_accept on;
accept_mutex on;
# Workflows will take turns Connection
}
http {
##
# Basic Settings
##
charset utf-8;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
access_log off;
log_not_found off;
types_hash_max_size 2048;
types_hash_bucket_size 64;
client_max_body_size 50m;
server_tokens off;
server_name_in_redirect off;
error_log /var/log/nginx-error.log warn;
reset_timedout_connection on;
send_timeout 3m;
keepalive_timeout 300;
keepalive_requests 100000;
client_body_buffer_size 50k;
client_header_buffer_size 3k;
large_client_header_buffers 2 6k;
client_body_timeout 10;
client_header_timeout 10;
include mime.types;
default_type application/octet-stream;
# Logging
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log warn;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
# Gzip Settings
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 32 16k;
gzip_http_version 1.1;
gzip_min_length 250;
gzip_types image/jpeg image/bmp image/svg+xml text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript image/x-icon font/ttf font/eot font/otf font/woff2 application/x-font application/x-font-opentype application/x-font-otf font/woff application/x-font-truetype application/x-font-ttf application/x-font-woff application/x-font-woff2 image/webp;
# Turn on caching of open files
open_file_cache max=10000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
# buffers
fastcgi_read_timeout 300;
# Connect php-fpm via socket - works faster than by tcp
upstream php-fpm {
# This must corespond to "listen" directive in php-fpm pool
server unix:/run/php-fpm/php7.4-fpm.sock;
}
# DDoS Mitigation
limit_conn_zone $binary_remote_addr zone=perip:10m;
limit_conn perip 100;
limit_req_zone $binary_remote_addr zone=engine:10m rate=2r/s;
limit_req_zone $binary_remote_addr zone=static:10m rate=100r/s;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
`
and here is domain block
`server {
listen 94.237.89.197:80;
listen [2a04:3542:1000:910:6cd2:15ff:fe93:755c]:80;
#include /etc/nginx/snippets/letsencrypt.conf;
location / {
return 301 https://domain.com$request_uri;
}
}
server {
listen 94.237.89.197:443 ssl http2;
listen [2a04:3542:1000:910:6cd2:15ff:fe93:755c]:443 ssl http2;
server_name domain.com www.domain.com *.domain.com;
root /var/www/domain;
http2_push_preload on;
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
# intermediate configuration
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_8_SHA256:TLS_AES_128_CCM_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers on;
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
add_header Strict-Transport-Security "max-age=63072000" always;
add_header Content-Security-Policy upgrade-insecure-requests;
add_header Expect-CT 'enforce; max-age=7776000';
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
# Optimize session cache
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 24h;
# Enable session tickets
ssl_session_tickets off;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
resolver 1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001] 8.8.8.8 8.8.4.4 [2001:4860:4860::8888] [2001:4860:4860::8844] 208.67.222.222 208.67.220.220 [2620:119:35::35] [2620:119:53::53] valid=60s;
resolver_timeout 5s;
ssl_buffer_size 6k;
ssl_trusted_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
include /etc/nginx/snippets/letsencrypt.conf;
#set client body size to 20M
client_max_body_size 10M;
index index.php index.html index.htm;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location / {
# try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php?$args;
#ignored: "-" thing used or unknown variable in regex/rew
if (!-f $request_filename){
set $rule_1 1$rule_1;
}
if (!-d $request_filename){
set $rule_1 2$rule_1;
}
if ($rule_1 = "21"){
rewrite /. /index.php last;
}
# START Nginx Rewrites for Rank Math Sitemaps
rewrite ^/sitemap_index.xml$ /index.php?sitemap=1 last;
rewrite ^/([^/]+?)-sitemap([0-9]+)?.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
# END Nginx Rewrites for Rank Math Sitemaps
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/domain;
}
location /robots.txt {
alias /var/www/domain/robots.txt;
}
location ~ /.well-known {
allow all;
}
pagespeed on;
pagespeed FileCachePath "/var/cache/ngx_pagespeed/";
pagespeed RewriteLevel OptimizeForBandwidth;
location ~ ".pagespeed.([a-z].)?[a-z]{2}.[^.]{10}.[^.]+" {
add_header "" "";
}
location ~ "^/pagespeed_static/" { }
location ~ "^/ngx_pagespeed_beacon$" { }
# Media: images, icons, video, audio, HTC
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|mp3|ogg|ogv|webm|htc)$ {
access_log off;
expires 365d;
add_header Cache-Control "public";
}
# CSS and Javascript
location ~* \.(?:css|js|woff2|woff|webp|eot|ttf|ogg)$ {
access_log off;
expires 365d;
add_header Cache-Control "public";
}
}
`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-pagespeed-ngx] Lofesa commented on issue #1734: Unfortunately, nginx and pagespeed stop working
Posted by GitBox <gi...@apache.org>.
Lofesa commented on issue #1734:
URL: https://github.com/apache/incubator-pagespeed-ngx/issues/1734#issuecomment-850543357
Hi
What messages have you in the log files?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org