Nginx

Nginx

109
Views

Hi all, I have a situation where i have to use nginx.conf file in my angular project.

Reply

Questionsnanotree posted a question • 1 users followed • 0 replies • 109 views • 2019-03-23 15:22 • data from similar tags

96
Views

How to backup your whole website program on centos7 and nginx server as soon as possible?Just follow this step by step tutorial

ExperienceLuboff posted the article • 1 comments • 96 views • 2019-03-11 22:17 • data from similar tags

Step 1.  Login your server via terminal , I use ssh , so I typed ssh [email protected] your.server.ip.here

Step 2. My website program folder  in /user/local/openresty/ningx/html/. So I typed this command in my terminal .If you use 

nginx and apache , just make sure your folder dirctory is correct.tar -zcvf html.tar.gz /usr/local/openresty/nginx/html/*

step 3.  your server would begin to backup automatically ,keep wait until terminal show hashtag #  again. And then you would find html.tar.gz in your server root directory












step 4. Now ,you can use Transmit or Yummy Ftp server tools to download to your local computer. view all
Step 1.  Login your server via terminal , I use ssh , so I typed 
ssh [email protected]  your.server.ip.here


Step 2. My website program folder  in /user/local/openresty/ningx/html/. So I typed this command in my terminal .If you use 

nginx and apache , just make sure your folder dirctory is correct.
tar -zcvf html.tar.gz /usr/local/openresty/nginx/html/*


step 3.  your server would begin to backup automatically ,keep wait until terminal show hashtag #  again. And then you would find html.tar.gz in your server root directory



屏幕快照_2019-03-11_下午7.25_.04_.png






step 4. Now ,you can use Transmit or Yummy Ftp server tools to download to your local computer.
148
Views

Caddy vs SSLDocker vs Nginx , which is the best suitable web server for your vps ? I tested their performance with step by step tutorial

ExperienceEston posted the article • 0 comments • 148 views • 2019-03-08 11:28 • data from similar tags

1. I tested them on RAM 1 GB vps, i use hey 1 send requests 
 # ./hey -n=20000 -c=5 https://mydomain.com/
2. Caddy results:
 
 
 Summary:
Total: 64.9214 secs
Slowest: 0.7156 secs
Fastest: 0.0031 secs
Average: 0.0161 secs
Requests/sec: 308.0650

Response time histogram:
0.003 [1] |
0.074 [19888] |∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎
0.146 [2] |
0.217 [2] |
0.288 [2] |
0.359 [90] |
0.431 [1] |
0.502 [11] |
0.573 [1] |
0.644 [1] |
0.716 [1] |
 
4. SSLDocker results:
 Summary:
Total: 63.0618 secs
Slowest: 0.4883 secs
Fastest: 0.0030 secs
Average: 0.0156 secs
Requests/sec: 317.1490

Response time histogram:
0.003 [1] |
0.052 [19865] |∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎
0.100 [1] |
0.149 [2] |
0.197 [1] |
0.246 [0] |
0.294 [15] |
0.343 [95] |
0.391 [0] |
0.440 [2] |
0.488 [18] |
 
5. Nginx (openresty) results:Summary:
Total: 57.8501 secs
Slowest: 0.0523 secs
Fastest: 0.0029 secs
Average: 0.0144 secs
Requests/sec: 345.7212

Response time histogram:
0.003 [1] |
0.008 [539] |∎∎
0.013 [4327] |∎∎∎∎∎∎∎∎∎∎∎∎∎
0.018 [13150] |∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎
0.023 [1397] |∎∎∎∎
0.028 [404] |∎
0.033 [120] |
0.037 [35] |
0.042 [18] |
0.047 [4] |
0.052 [5] |
 
6. Requests per second (RPS)Caddy 308 < SSLDocker 317 < Nginx 345
Nginx and SSLDocker have better performance
 
Caddy config:mydomain.com {
gzip
proxy / 127.0.0.1:8999
}
mydomain2.com {
proxy / 127.0.0.1:8888
}
SSLDocker config:{
"Email": "[email protected]",
"GzipOn": true,
"Http2https": true,
"MaxHeader": 10,
"Certs": "certs",
"ProxyItems": [
{"Host": "mydomain.com", "Target": "http://localhost:8999"},
{"Host": "mydomain2.com", "Target": "http://localhost:8888"}
]
}
Nginx config:
 server {
listen 443;
server_name mydomain.com;

ssl on;
ssl_certificate /root/ssl/chained.pem;
ssl_certificate_key /root/ssl/domain.key;

ssl_session_timeout 5m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA;
ssl_prefer_server_ciphers on;

location ^~ /.well-known/acme-challenge/ {
alias /var/www/myapp/;
try_files $uri =404;
}

location / {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8999;
}
}
 
So  When should you use caddy and ssl docker?
 
my answer: if you run multiple websites,and each website use https .if you think it's hard and complex to config https ,you should use caddy and SSLDocker, they  would auto generate ssl . Nginx is stable and mature , you can search lots of solutions when you meet issues.
 
 
 
 
 
 
 
 
  view all
1. I tested them on RAM 1 GB vps, i use hey 1 send requests 
 
# ./hey -n=20000 -c=5 https://mydomain.com/

2. Caddy results:
 
 
 
Summary:
Total: 64.9214 secs
Slowest: 0.7156 secs
Fastest: 0.0031 secs
Average: 0.0161 secs
Requests/sec: 308.0650

Response time histogram:
0.003 [1] |
0.074 [19888] |∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎
0.146 [2] |
0.217 [2] |
0.288 [2] |
0.359 [90] |
0.431 [1] |
0.502 [11] |
0.573 [1] |
0.644 [1] |
0.716 [1] |

 
4. SSLDocker results:
 
Summary: 
Total: 63.0618 secs
Slowest: 0.4883 secs
Fastest: 0.0030 secs
Average: 0.0156 secs
Requests/sec: 317.1490

Response time histogram:
0.003 [1] |
0.052 [19865] |∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎
0.100 [1] |
0.149 [2] |
0.197 [1] |
0.246 [0] |
0.294 [15] |
0.343 [95] |
0.391 [0] |
0.440 [2] |
0.488 [18] |

 
5. Nginx (openresty) results:
Summary:
Total: 57.8501 secs
Slowest: 0.0523 secs
Fastest: 0.0029 secs
Average: 0.0144 secs
Requests/sec: 345.7212

Response time histogram:
0.003 [1] |
0.008 [539] |∎∎
0.013 [4327] |∎∎∎∎∎∎∎∎∎∎∎∎∎
0.018 [13150] |∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎
0.023 [1397] |∎∎∎∎
0.028 [404] |∎
0.033 [120] |
0.037 [35] |
0.042 [18] |
0.047 [4] |
0.052 [5] |

 
6. Requests per second (RPS)
Caddy 308 < SSLDocker 317 < Nginx 345

Nginx and SSLDocker have better performance
 
Caddy config:
mydomain.com {
gzip
proxy / 127.0.0.1:8999
}
mydomain2.com {
proxy / 127.0.0.1:8888
}

SSLDocker config:
{
"Email": "[email protected]",
"GzipOn": true,
"Http2https": true,
"MaxHeader": 10,
"Certs": "certs",
"ProxyItems": [
{"Host": "mydomain.com", "Target": "http://localhost:8999"},
{"Host": "mydomain2.com", "Target": "http://localhost:8888"}
]
}

Nginx config:
 
server {
listen 443;
server_name mydomain.com;

ssl on;
ssl_certificate /root/ssl/chained.pem;
ssl_certificate_key /root/ssl/domain.key;

ssl_session_timeout 5m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA;
ssl_prefer_server_ciphers on;

location ^~ /.well-known/acme-challenge/ {
alias /var/www/myapp/;
try_files $uri =404;
}

location / {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8999;
}
}

 
So  When should you use caddy and ssl docker?
 
my answer: if you run multiple websites,and each website use https .if you think it's hard and complex to config https ,you should use caddy and SSLDocker, they  would auto generate ssl . Nginx is stable and mature , you can search lots of solutions when you meet issues.
 
 
 
 
 
 
 
 
 
152
Views

How to check and generate an accurate nginx config file

Experienceevan posted the article • 0 comments • 152 views • 2019-03-08 10:49 • data from similar tags

1.  go to https://nginxconfig.io and select what stacks your are using . this site support Php,node js ,Django,Magento,etc.
 
2. type your domain name ,e.g .  I typed mydomain.com for test.





 
 
3. click the Generated config blue button and download a zip file,and open it.
 





 
4. these are common config file you can view(Server):# Virtual host: create symbolic links
ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-available/mydomain.com.conf /etc/nginx/sites-enabled

# HTTPS - certbot (before first run): create ACME-challenge common directory
mkdir -p /var/www/_letsencrypt && chown www-data /var/www/_letsencrypt

# HTTPS - certbot (before first run): disable SSL directives
sed -i -r 's/(listen .*443)/\1;#/g; s/(ssl_(certificate|certificate_key|trusted_certificate) )/#;#\1/g' /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-available/mydomain.com.conf

# HTTPS - certbot: obtain certificates
certbot certonly --webroot -d example.com -d www.example.com --email [email protected] -w /var/www/_letsencrypt -n --agree-tos --force-renewal
certbot certonly --webroot -d mydomain.com -d www.mydomain.com --email [email protected] -w /var/www/_letsencrypt -n --agree-tos --force-renewal

# HTTPS - certbot (after first run): enable SSL directives
sed -i -r 's/#?;#//g' /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-available/mydomain.com.conf
 
/etc/nginx/nginx.conf
 # Generated by nginxconfig.io
# https://nginxconfig.io/%3F1.do ... false

user www-data;
pid /run/nginx.pid;
worker_processes auto;
worker_rlimit_nofile 65535;

events {
multi_accept on;
worker_connections 65535;
}

http {
charset utf-8;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
log_not_found off;
types_hash_max_size 2048;
client_max_body_size 16M;

# MIME
include mime.types;
default_type application/octet-stream;

# logging
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log warn;

# SSL
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;

# modern configuration
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;
ssl_prefer_server_ciphers on;

# OCSP Stapling
ssl_stapling on;
ssl_stapling_verify on;
resolver 1.1.1.1 1.0.0.1 8.8.8.8 8.8.4.4 208.67.222.222 208.67.220.220 valid=60s;
resolver_timeout 2s;

# load configs
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
 
/etc/nginx/sites-available/example.com.confserver {
listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name www.example.com;
set $base /var/www/example.com;
root $base/public;

# SSL
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;

# index.php
index index.php;

# index.php fallback
location / {
try_files $uri $uri/ /index.php?$query_string;
}

# handle .php
location ~ \.php$ {
include nginxconfig.io/php_fastcgi.conf;
}

include nginxconfig.io/general.conf;
}

# non-www, subdomains redirect
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name .example.com;

# SSL
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;

return 301 https://www.example.com$request_uri;
}

# HTTP redirect
server {
listen 80;
listen [::]:80;

server_name .example.com;

include nginxconfig.io/letsencrypt.conf;

location / {
return 301 https://example.com$request_uri;
}
}
 
 
 
/etc/nginx/sites-available/mydomain.com.conf
 server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name www.mydomain.com;
set $base /var/www/mydomain.com;
root $base/public;

# SSL
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/mydomain.com/chain.pem;

# index.php
index index.php;

# index.php fallback
location / {
try_files $uri $uri/ /index.php?$query_string;
}

# handle .php
location ~ \.php$ {
include nginxconfig.io/php_fastcgi.conf;
}

include nginxconfig.io/general.conf;
}

# non-www, subdomains redirect
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name .mydomain.com;

# SSL
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/mydomain.com/chain.pem;

return 301 https://www.mydomain.com$request_uri;
}

# HTTP redirect
server {
listen 80;
listen [::]:80;

server_name .mydomain.com;

include nginxconfig.io/letsencrypt.conf;

location / {
return 301 https://www.mydomain.com$request_uri;
}
}
 
/etc/nginx/nginxconfig.io/php_fastcgi.conf
 # 404
try_files $fastcgi_script_name =404;

# default fastcgi_params
include fastcgi_params;

# fastcgi settings
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;

# fastcgi params
fastcgi_param DOCUMENT_ROOT $realpath_root;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=$base/:/usr/lib/php/:/tmp/";
 
/etc/nginx/nginxconfig.io/general.conf# security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

# . files
location ~ /\.(?!well-known) {
deny all;
}

# assets, media
location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ {
expires 7d;
access_log off;
}

# svg, fonts
location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ {
add_header Access-Control-Allow-Origin "*";
expires 7d;
access_log off;
}

# gzip
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types text/plain text/css text/xml application/json application/javascript application/xml+rss application/atom+xml image/svg+xml;
 
 
 
  view all
1.  go to https://nginxconfig.io and select what stacks your are using . this site support Php,node js ,Django,Magento,etc.
 
2. type your domain name ,e.g .  I typed mydomain.com for test.

屏幕快照_2019-03-08_上午8.36_.04_.png

 
 
3. click the Generated config blue button and download a zip file,and open it.
 
屏幕快照_2019-03-08_上午8.37_.54_.png


 
4. these are common config file you can view(Server):
# Virtual host: create symbolic links
ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-available/mydomain.com.conf /etc/nginx/sites-enabled

# HTTPS - certbot (before first run): create ACME-challenge common directory
mkdir -p /var/www/_letsencrypt && chown www-data /var/www/_letsencrypt

# HTTPS - certbot (before first run): disable SSL directives
sed -i -r 's/(listen .*443)/\1;#/g; s/(ssl_(certificate|certificate_key|trusted_certificate) )/#;#\1/g' /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-available/mydomain.com.conf

# HTTPS - certbot: obtain certificates
certbot certonly --webroot -d example.com -d www.example.com --email [email protected] -w /var/www/_letsencrypt -n --agree-tos --force-renewal
certbot certonly --webroot -d mydomain.com -d www.mydomain.com --email [email protected] -w /var/www/_letsencrypt -n --agree-tos --force-renewal

# HTTPS - certbot (after first run): enable SSL directives
sed -i -r 's/#?;#//g' /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-available/mydomain.com.conf

 
/etc/nginx/nginx.conf
 
# Generated by nginxconfig.io
# https://nginxconfig.io/%3F1.do ... false

user www-data;
pid /run/nginx.pid;
worker_processes auto;
worker_rlimit_nofile 65535;

events {
multi_accept on;
worker_connections 65535;
}

http {
charset utf-8;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
log_not_found off;
types_hash_max_size 2048;
client_max_body_size 16M;

# MIME
include mime.types;
default_type application/octet-stream;

# logging
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log warn;

# SSL
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;

# modern configuration
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;
ssl_prefer_server_ciphers on;

# OCSP Stapling
ssl_stapling on;
ssl_stapling_verify on;
resolver 1.1.1.1 1.0.0.1 8.8.8.8 8.8.4.4 208.67.222.222 208.67.220.220 valid=60s;
resolver_timeout 2s;

# load configs
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}

 
/etc/nginx/sites-available/example.com.conf
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name www.example.com;
set $base /var/www/example.com;
root $base/public;

# SSL
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;

# index.php
index index.php;

# index.php fallback
location / {
try_files $uri $uri/ /index.php?$query_string;
}

# handle .php
location ~ \.php$ {
include nginxconfig.io/php_fastcgi.conf;
}

include nginxconfig.io/general.conf;
}

# non-www, subdomains redirect
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name .example.com;

# SSL
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;

return 301 https://www.example.com$request_uri;
}

# HTTP redirect
server {
listen 80;
listen [::]:80;

server_name .example.com;

include nginxconfig.io/letsencrypt.conf;

location / {
return 301 https://example.com$request_uri;
}
}

 
 
 
/etc/nginx/sites-available/mydomain.com.conf
 
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name www.mydomain.com;
set $base /var/www/mydomain.com;
root $base/public;

# SSL
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/mydomain.com/chain.pem;

# index.php
index index.php;

# index.php fallback
location / {
try_files $uri $uri/ /index.php?$query_string;
}

# handle .php
location ~ \.php$ {
include nginxconfig.io/php_fastcgi.conf;
}

include nginxconfig.io/general.conf;
}

# non-www, subdomains redirect
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name .mydomain.com;

# SSL
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/mydomain.com/chain.pem;

return 301 https://www.mydomain.com$request_uri;
}

# HTTP redirect
server {
listen 80;
listen [::]:80;

server_name .mydomain.com;

include nginxconfig.io/letsencrypt.conf;

location / {
return 301 https://www.mydomain.com$request_uri;
}
}

 
/etc/nginx/nginxconfig.io/php_fastcgi.conf
 
# 404
try_files $fastcgi_script_name =404;

# default fastcgi_params
include fastcgi_params;

# fastcgi settings
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;

# fastcgi params
fastcgi_param DOCUMENT_ROOT $realpath_root;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=$base/:/usr/lib/php/:/tmp/";

 
/etc/nginx/nginxconfig.io/general.conf
# security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

# . files
location ~ /\.(?!well-known) {
deny all;
}

# assets, media
location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ {
expires 7d;
access_log off;
}

# svg, fonts
location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ {
add_header Access-Control-Allow-Origin "*";
expires 7d;
access_log off;
}

# gzip
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types text/plain text/css text/xml application/json application/javascript application/xml+rss application/atom+xml image/svg+xml;

 
 
 
 
175
Views

i heard the newest version of ubuntu doesn't work very well on computers that are 4 years old and older, does linux-mint 18.3 have similar issues?

QuestionsTomas replied • 2 users followed • 1 replies • 175 views • 2018-11-26 16:45 • data from similar tags

183
Views

People talk about "learning Ubuntu". It seems simple enough to navigate the desktop to me. What am I missing , because I love to learn new things?

QuestionsAlex replied • 2 users followed • 1 replies • 183 views • 2018-11-26 16:17 • data from similar tags

141
Views
120
Views

I started using Ubuntu on a bootable usb drive

QuestionsTomas replied • 2 users followed • 1 replies • 120 views • 2018-10-31 13:58 • data from similar tags

145
Views

Can u guys suggest me one stable kernel for ubuntu 18.04.1 becasue im having random freezes with fresh install ubuntu with kernel 4.18.8

QuestionsCyril replied • 2 users followed • 1 replies • 145 views • 2018-10-21 16:48 • data from similar tags

155
Views

Can someone please help me with an error in ubuntu?

QuestionsEdikan replied • 2 users followed • 1 replies • 155 views • 2018-10-21 16:41 • data from similar tags

213
Views

I am building an image with WordPress and own templates. Unfortunately this takes long time, at least 5 minutes most of the time.

QuestionsRoman replied • 4 users followed • 3 replies • 213 views • 2018-10-20 01:29 • data from similar tags

217
Views

How to install and start ipmitool on Ubuntu/Debian ,step by step tutorial

ExperienceCHARLIE posted the article • 0 comments • 217 views • 2018-09-30 18:53 • data from similar tags

1. We need use two core modules
 
modprobe ipmi_si
modprobe ipmi_devintf
echo ipmi_si >> /etc/modprobe
echo ipmi_devintf >> /etc/modprobe2. Install ipmitool via apt-get
 
apt-get install ipmitool3. List ipmi   network infos
 
ipmitool lan print4. List users
 
ipmitool user list 1 view all
1. We need use two core modules
 
modprobe ipmi_si
modprobe ipmi_devintf
echo ipmi_si >> /etc/modprobe
echo ipmi_devintf >> /etc/modprobe
2. Install ipmitool via apt-get
 
apt-get install ipmitool
3. List ipmi   network infos
 
ipmitool lan print
4. List users
 
ipmitool user list 1
195
Views

Failed to start Docker Application Container Engine on centos7

Questionshans replied • 2 users followed • 1 replies • 195 views • 2018-09-28 03:02 • data from similar tags

188
Views

nginx error: 500 error

Questionshans replied • 2 users followed • 1 replies • 188 views • 2018-09-26 16:31 • data from similar tags

141
Views

How to install Python3.6.5 on Debian9

ExperienceElias posted the article • 0 comments • 141 views • 2018-09-25 23:48 • data from similar tags

1. check installed python version
 
python
Python 2.7.9 (default, Mar 1 2015, 18:22:53)
[GCC 4.9.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>>
2. update software packages
 
apt-get update
apt-get upgrade
3. install some essential packages
 
aptitude -y install gcc make zlib1g-dev libffi-dev libssl-devif alert -bash: aptitude: command not found ,you need have to install aptitude
 
apt-get install aptitude4. download python3.6.5
 
wget https://www.python.org/ftp/pyt ... 5.tgz
 
 
5. unzip it
 
tar -xvf Python-3.6.5.tgz
 
6.add authority to this file
 
chmod -R +x Python-3.6.57. enter and install it
 
cd Python-3.6.5/
./configure8. move to other file 
 
./configure --prefix=/opt/python3.6.5you would see this infomation
If you want a release build with all optimizations active (LTO, PGO, etc), please run ./configure --enable-optimizations.9. install some other packages
aptitude -y install libffi-dev libssl-devmake && make installif you can see information as follows ,you installed it successfully
Collecting setuptools
Collecting pip
Installing collected packages: setuptools, pip
Successfully installed pip-9.0.1 setuptools-28.8.010. clean
 
make clean
make distclean
  view all
1. check installed python version
 
python
Python 2.7.9 (default, Mar 1 2015, 18:22:53)
[GCC 4.9.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>>

2. update software packages
 
apt-get update
apt-get upgrade

3. install some essential packages
 
aptitude -y install gcc make zlib1g-dev libffi-dev libssl-dev
if alert -bash: aptitude: command not found ,you need have to install aptitude
 
apt-get install aptitude
4. download python3.6.5
 
wget https://www.python.org/ftp/pyt ... 5.tgz

 
 
5. unzip it
 
tar -xvf Python-3.6.5.tgz

 
6.add authority to this file
 
chmod -R +x Python-3.6.5
7. enter and install it
 
cd Python-3.6.5/
./configure
8. move to other file 
 
./configure --prefix=/opt/python3.6.5
you would see this infomation
If you want a release build with all optimizations active (LTO, PGO, etc), please run ./configure --enable-optimizations.
9. install some other packages
aptitude -y install  libffi-dev libssl-dev
make && make install
if you can see information as follows ,you installed it successfully
Collecting setuptools
Collecting pip
Installing collected packages: setuptools, pip
Successfully installed pip-9.0.1 setuptools-28.8.0
10. clean
 
make clean 
make distclean

 
161
Views

Which C++ ide should I use on Ubuntu

QuestionsDkiptoo replied • 4 users followed • 3 replies • 161 views • 2018-09-23 22:54 • data from similar tags

162
Views

Why are so many deep learning platforms using Ubuntu?

Questionskevin replied • 2 users followed • 1 replies • 162 views • 2018-09-22 23:55 • data from similar tags

189
Views

How I can fix error nginx: connect() failed (111: Connection refused) while connecting to upstream

ExperienceGeorge posted the article • 0 comments • 189 views • 2018-09-06 22:19 • data from similar tags

On CentOS 7 this file was at /etc/php-fpm.d/www.conf for me and I had to add listen = 9000 and comment out listen = /var/run/php-fpm/php-fpm.sock. 
 
listen = /var/run/php-fpm/php-fpm.sock
listen = 9000and then ,typed commands
 
systemctl restart php-fpm.service view all
On CentOS 7 this file was at /etc/php-fpm.d/www.conf for me and I had to add listen = 9000 and comment out listen = /var/run/php-fpm/php-fpm.sock. 
 
listen = /var/run/php-fpm/php-fpm.sock
listen = 9000
and then ,typed commands
 
systemctl restart php-fpm.service
163
Views

How to fix nginx 403 forbidden step by step

ExperienceBritt Maree posted the article • 0 comments • 163 views • 2018-09-06 20:23 • data from similar tags

 
      Issue:Recently ,I deloyed my nginx server and found https cannot work and php file cannot work,but http works well.
       1.Check out your nginx.conf file and modify user = apache into user = root
 
      2.Execute these commands in you terminal
          
         [[email protected] ~]# ps ax | grep nginx

653 pts/1 S+ 0:00 grep --color=auto nginx
5974 ? S 0:04 nginx: worker process

[[email protected] ~]# sudo kill -2 5974 (kill the runing nginx process)

[[email protected] ~]# sudo kill -2 5974

kill: sending signal to 5974 failed: No such process

[[email protected] ~]# ps ax | grep nginx

694 pts/1 S+ 0:00 grep --color=auto nginx

[[email protected] ~]# service openresty restart

Restarting openresty (via systemctl): [ OK ]
 
 
3.Restart your server # systemctl status openresty
 
4.Edit your php-fpm file   ,the directory is etc/php-fm.d / www.conf
    
and modify its contents as follows:; Start a new pool named 'www'.
[www]

; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
; RPM: apache Choosed to be able to access some dir as httpd
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx

; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
; a specific port;
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses
; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = 127.0.0.1
listen = 9000

; Set listen(2) backlog.
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 511

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
;listen.owner = nobody
;listen.group = nobody
;listen.mode = 0660
; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names.
; When set, listen.owner and listen.group are ignored
;listen.acl_users =
;listen.acl_groups =

; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
listen.allowed_clients = 127.0.0.1

; Specify the nice(2) priority to apply to the pool processes (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
; Note: - It will only work if the FPM master process is launched as root
; - The pool processes will inherit the master process priority
; unless it specified otherwise
; Default Value: no set
; process.priority = -19

; Choose how the process manager will control the number of child processes.
; Possible Values:
; static - a fixed number (pm.max_children) of child processes;
; dynamic - the number of child processes are set dynamically based on the
; following directives. With this process management, there will be
; always at least 1 children.
; pm.max_children - the maximum number of children that can
; be alive at the same time.
; pm.start_servers - the number of children created on startup.
; pm.min_spare_servers - the minimum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is less than this
; number then some children will be created.
; pm.max_spare_servers - the maximum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is greater than this
; number then some children will be killed.
; ondemand - no children are created at startup. Children will be forked when
; new requests will connect. The following parameter are used:
; pm.max_children - the maximum number of children that
; can be alive at the same time.
; pm.process_idle_timeout - The number of seconds after which
; an idle process will be killed.
; Note: This value is mandatory.
pm = dynamic

; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 50

; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 8

; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 6

; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.max_spare_servers = 35

; The number of seconds after which an idle process will be killed.
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
;pm.process_idle_timeout = 10s;

; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
;pm.max_requests = 500

; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. It shows the following informations:
; pool - the name of the pool;
; process manager - static, dynamic or ondemand;
; start time - the date and time FPM has started;
; start since - number of seconds since FPM has started;
; accepted conn - the number of request accepted by the pool;
; listen queue - the number of request in the queue of pending
; connections (see backlog in listen(2));
; max listen queue - the maximum number of requests in the queue
; of pending connections since FPM has started;
; listen queue len - the size of the socket queue of pending connections;
; idle processes - the number of idle processes;
; active processes - the number of active processes;
; total processes - the number of idle + active processes;
; max active processes - the maximum number of active processes since FPM
; has started;
; max children reached - number of times, the process limit has been reached,
; when pm tries to start more children (works only for
; pm 'dynamic' and 'ondemand');
; Value are updated in real time.
; Example output:
; pool: www
; process manager: static
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 62636
; accepted conn: 190460
; listen queue: 0
; max listen queue: 1
; listen queue len: 42
; idle processes: 4
; active processes: 11
; total processes: 15
; max active processes: 12
; max children reached: 0
;
; By default the status page output is formatted as text/plain. Passing either
; 'html', 'xml' or 'json' in the query string will return the corresponding
; output syntax. Example:
; http://www.foo.bar/status
; http://www.foo.bar/status?json
; http://www.foo.bar/status?html
; http://www.foo.bar/status?xml
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
; http://www.foo.bar/status?full
; http://www.foo.bar/status?json&full
; http://www.foo.bar/status?html&full
; http://www.foo.bar/status?xml&full
; The Full status returns for each process:
; pid - the PID of the process;
; state - the state of the process (Idle, Running, ...);
; start time - the date and time the process has started;
; start since - the number of seconds since the process has started;
; requests - the number of requests the process has served;
; request duration - the duration in µs of the requests;
; request method - the request method (GET, POST, ...);
; request URI - the request URI with the query string;
; content length - the content length of the request (only with POST);
; user - the user (PHP_AUTH_USER) (or '-' if not set);
; script - the main script called (or '-' if not set);
; last request cpu - the %cpu the last request consumed
; it's always 0 if the process is not in Idle state
; because CPU calculation is done when the request
; processing has terminated;
; last request memory - the max amount of memory the last request consumed
; it's always 0 if the process is not in Idle state
; because memory calculation is done when the request
; processing has terminated;
; If the process is in Idle state, then informations are related to the
; last request the process has served. Otherwise informations are related to
; the current request being served.
; Example output:
; ************************
; pid: 31330
; state: Running
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 63087
; requests: 12808
; request duration: 1250261
; request method: GET
; request URI: /test_mem.php?N=10000
; content length: 0
; user: -
; script: /home/fat/web/docs/php/test_mem.php
; last request cpu: 0.00
; last request memory: 0
;
; Note: There is a real-time FPM status monitoring sample web page available
; It's available in: @[email protected]/fpm/status.html
;
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;pm.status_path = /status

; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
; - create a graph of FPM availability (rrd or such);
; - remove a server from a group if it is not responding (load balancing);
; - trigger alerts for the operating team (24/7).
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;ping.path = /ping

; This directive may be used to customize the response of a ping request. The
; response is formatted as text/plain with a 200 response code.
; Default Value: pong
;ping.response = pong

; The access log file
; Default: not set
;access.log = log/$pool.access.log

; The access log format.
; The following syntax is allowed
; %%: the '%' character
; %C: %CPU used by the request
; it can accept the following format:
; - %{user}C for user CPU only
; - %{system}C for system CPU only
; - %{total}C for user + system CPU (default)
; %d: time taken to serve the request
; it can accept the following format:
; - %{seconds}d (default)
; - %{miliseconds}d
; - %{mili}d
; - %{microseconds}d
; - %{micro}d
; %e: an environment variable (same as $_ENV or $_SERVER)
; it must be associated with embraces to specify the name of the env
; variable. Some exemples:
; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
; %f: script filename
; %l: content-length of the request (for POST request only)
; %m: request method
; %M: peak of memory allocated by PHP
; it can accept the following format:
; - %{bytes}M (default)
; - %{kilobytes}M
; - %{kilo}M
; - %{megabytes}M
; - %{mega}M
; %n: pool name
; %o: output header
; it must be associated with embraces to specify the name of the header:
; - %{Content-Type}o
; - %{X-Powered-By}o
; - %{Transfert-Encoding}o
; - ....
; %p: PID of the child that serviced the request
; %P: PID of the parent of the child that serviced the request
; %q: the query string
; %Q: the '?' character if query string exists
; %r: the request URI (without the query string, see %q and %Q)
; %R: remote IP address
; %s: status (response code)
; %t: server time the request was received
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %T: time the log has been written (the request has finished)
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %u: remote user
;
; Default: "%R - %u %t \"%m %r\" %s"
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"

; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
slowlog = /var/log/php-fpm/www-slow.log

; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_slowlog_timeout = 0

; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_terminate_timeout = 0

; Set open file descriptor rlimit.
; Default Value: system defined value
;rlimit_files = 1024

; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0

; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: chrooting is a great security feature and should be used whenever
; possible. However, all PHP paths will be relative to the chroot
; (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =

; Chdir to this directory at the start.
; Note: relative path can be used.
; Default Value: current directory or / when chroot
;chdir = /var/www

; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms).
; Default Value: no
;catch_workers_output = yes

; Clear environment in FPM workers
; Prevents arbitrary environment variables from reaching FPM worker processes
; by clearing the environment in workers before env vars specified in this
; pool configuration are added.
; Setting to "no" will make all environment variables available to PHP code
; via getenv(), $_ENV and $_SERVER.
; Default Value: yes
;clear_env = no

; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to
; exectute php code.
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5 .php7

; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp

; Additional php.ini defines, specific to this pool of workers. These settings
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
; php_value/php_flag - you can set classic ini defines which can
; be overwritten from PHP call 'ini_set'.
; php_admin_value/php_admin_flag - these directives won't be overwritten by
; PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.

; Defining 'extension' will load the corresponding shared extension from
; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
; overwrite previously defined php.ini values, but will append the new value
; instead.

; Default Value: nothing is defined by default except the values in php.ini and
; specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f [email protected]
;php_flag[display_errors] = off
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 128M

; Set session path to a directory owned by process user
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
 
6.  Restart your openresty server again
 
   systemctl restart openresty
 
 
 
 
        view all
 
      Issue:Recently ,I deloyed my nginx server and found https cannot work and php file cannot work,but http works well.
       1.Check out your nginx.conf file and modify user = apache into user = root
 
      2.Execute these commands in you terminal
          
         
[[email protected] ~]# ps ax | grep nginx

653 pts/1 S+ 0:00 grep --color=auto nginx
5974 ? S 0:04 nginx: worker process

[[email protected] ~]# sudo kill -2 5974 (kill the runing nginx process)

[[email protected] ~]# sudo kill -2 5974

kill: sending signal to 5974 failed: No such process

[[email protected] ~]# ps ax | grep nginx

694 pts/1 S+ 0:00 grep --color=auto nginx

[[email protected] ~]# service openresty restart

Restarting openresty (via systemctl): [ OK ]

 
 
3.Restart your server 
# systemctl status openresty

 
4.Edit your php-fpm file   ,the directory is etc/php-fm.d / www.conf
    
and modify its contents as follows:
; Start a new pool named 'www'.
[www]

; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
; RPM: apache Choosed to be able to access some dir as httpd
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx

; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
; a specific port;
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses
; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = 127.0.0.1
listen = 9000

; Set listen(2) backlog.
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 511

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
;listen.owner = nobody
;listen.group = nobody
;listen.mode = 0660
; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names.
; When set, listen.owner and listen.group are ignored
;listen.acl_users =
;listen.acl_groups =

; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
listen.allowed_clients = 127.0.0.1

; Specify the nice(2) priority to apply to the pool processes (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
; Note: - It will only work if the FPM master process is launched as root
; - The pool processes will inherit the master process priority
; unless it specified otherwise
; Default Value: no set
; process.priority = -19

; Choose how the process manager will control the number of child processes.
; Possible Values:
; static - a fixed number (pm.max_children) of child processes;
; dynamic - the number of child processes are set dynamically based on the
; following directives. With this process management, there will be
; always at least 1 children.
; pm.max_children - the maximum number of children that can
; be alive at the same time.
; pm.start_servers - the number of children created on startup.
; pm.min_spare_servers - the minimum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is less than this
; number then some children will be created.
; pm.max_spare_servers - the maximum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is greater than this
; number then some children will be killed.
; ondemand - no children are created at startup. Children will be forked when
; new requests will connect. The following parameter are used:
; pm.max_children - the maximum number of children that
; can be alive at the same time.
; pm.process_idle_timeout - The number of seconds after which
; an idle process will be killed.
; Note: This value is mandatory.
pm = dynamic

; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 50

; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 8

; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 6

; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.max_spare_servers = 35

; The number of seconds after which an idle process will be killed.
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
;pm.process_idle_timeout = 10s;

; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
;pm.max_requests = 500

; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. It shows the following informations:
; pool - the name of the pool;
; process manager - static, dynamic or ondemand;
; start time - the date and time FPM has started;
; start since - number of seconds since FPM has started;
; accepted conn - the number of request accepted by the pool;
; listen queue - the number of request in the queue of pending
; connections (see backlog in listen(2));
; max listen queue - the maximum number of requests in the queue
; of pending connections since FPM has started;
; listen queue len - the size of the socket queue of pending connections;
; idle processes - the number of idle processes;
; active processes - the number of active processes;
; total processes - the number of idle + active processes;
; max active processes - the maximum number of active processes since FPM
; has started;
; max children reached - number of times, the process limit has been reached,
; when pm tries to start more children (works only for
; pm 'dynamic' and 'ondemand');
; Value are updated in real time.
; Example output:
; pool: www
; process manager: static
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 62636
; accepted conn: 190460
; listen queue: 0
; max listen queue: 1
; listen queue len: 42
; idle processes: 4
; active processes: 11
; total processes: 15
; max active processes: 12
; max children reached: 0
;
; By default the status page output is formatted as text/plain. Passing either
; 'html', 'xml' or 'json' in the query string will return the corresponding
; output syntax. Example:
; http://www.foo.bar/status
; http://www.foo.bar/status?json
; http://www.foo.bar/status?html
; http://www.foo.bar/status?xml
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
; http://www.foo.bar/status?full
; http://www.foo.bar/status?json&full
; http://www.foo.bar/status?html&full
; http://www.foo.bar/status?xml&full
; The Full status returns for each process:
; pid - the PID of the process;
; state - the state of the process (Idle, Running, ...);
; start time - the date and time the process has started;
; start since - the number of seconds since the process has started;
; requests - the number of requests the process has served;
; request duration - the duration in µs of the requests;
; request method - the request method (GET, POST, ...);
; request URI - the request URI with the query string;
; content length - the content length of the request (only with POST);
; user - the user (PHP_AUTH_USER) (or '-' if not set);
; script - the main script called (or '-' if not set);
; last request cpu - the %cpu the last request consumed
; it's always 0 if the process is not in Idle state
; because CPU calculation is done when the request
; processing has terminated;
; last request memory - the max amount of memory the last request consumed
; it's always 0 if the process is not in Idle state
; because memory calculation is done when the request
; processing has terminated;
; If the process is in Idle state, then informations are related to the
; last request the process has served. Otherwise informations are related to
; the current request being served.
; Example output:
; ************************
; pid: 31330
; state: Running
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 63087
; requests: 12808
; request duration: 1250261
; request method: GET
; request URI: /test_mem.php?N=10000
; content length: 0
; user: -
; script: /home/fat/web/docs/php/test_mem.php
; last request cpu: 0.00
; last request memory: 0
;
; Note: There is a real-time FPM status monitoring sample web page available
; It's available in: @[email protected]/fpm/status.html
;
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;pm.status_path = /status

; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
; - create a graph of FPM availability (rrd or such);
; - remove a server from a group if it is not responding (load balancing);
; - trigger alerts for the operating team (24/7).
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;ping.path = /ping

; This directive may be used to customize the response of a ping request. The
; response is formatted as text/plain with a 200 response code.
; Default Value: pong
;ping.response = pong

; The access log file
; Default: not set
;access.log = log/$pool.access.log

; The access log format.
; The following syntax is allowed
; %%: the '%' character
; %C: %CPU used by the request
; it can accept the following format:
; - %{user}C for user CPU only
; - %{system}C for system CPU only
; - %{total}C for user + system CPU (default)
; %d: time taken to serve the request
; it can accept the following format:
; - %{seconds}d (default)
; - %{miliseconds}d
; - %{mili}d
; - %{microseconds}d
; - %{micro}d
; %e: an environment variable (same as $_ENV or $_SERVER)
; it must be associated with embraces to specify the name of the env
; variable. Some exemples:
; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
; %f: script filename
; %l: content-length of the request (for POST request only)
; %m: request method
; %M: peak of memory allocated by PHP
; it can accept the following format:
; - %{bytes}M (default)
; - %{kilobytes}M
; - %{kilo}M
; - %{megabytes}M
; - %{mega}M
; %n: pool name
; %o: output header
; it must be associated with embraces to specify the name of the header:
; - %{Content-Type}o
; - %{X-Powered-By}o
; - %{Transfert-Encoding}o
; - ....
; %p: PID of the child that serviced the request
; %P: PID of the parent of the child that serviced the request
; %q: the query string
; %Q: the '?' character if query string exists
; %r: the request URI (without the query string, see %q and %Q)
; %R: remote IP address
; %s: status (response code)
; %t: server time the request was received
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %T: time the log has been written (the request has finished)
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %u: remote user
;
; Default: "%R - %u %t \"%m %r\" %s"
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"

; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
slowlog = /var/log/php-fpm/www-slow.log

; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_slowlog_timeout = 0

; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_terminate_timeout = 0

; Set open file descriptor rlimit.
; Default Value: system defined value
;rlimit_files = 1024

; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0

; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: chrooting is a great security feature and should be used whenever
; possible. However, all PHP paths will be relative to the chroot
; (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =

; Chdir to this directory at the start.
; Note: relative path can be used.
; Default Value: current directory or / when chroot
;chdir = /var/www

; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms).
; Default Value: no
;catch_workers_output = yes

; Clear environment in FPM workers
; Prevents arbitrary environment variables from reaching FPM worker processes
; by clearing the environment in workers before env vars specified in this
; pool configuration are added.
; Setting to "no" will make all environment variables available to PHP code
; via getenv(), $_ENV and $_SERVER.
; Default Value: yes
;clear_env = no

; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to
; exectute php code.
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5 .php7

; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp

; Additional php.ini defines, specific to this pool of workers. These settings
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
; php_value/php_flag - you can set classic ini defines which can
; be overwritten from PHP call 'ini_set'.
; php_admin_value/php_admin_flag - these directives won't be overwritten by
; PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.

; Defining 'extension' will load the corresponding shared extension from
; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
; overwrite previously defined php.ini values, but will append the new value
; instead.

; Default Value: nothing is defined by default except the values in php.ini and
; specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f [email protected]
;php_flag[display_errors] = off
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 128M

; Set session path to a directory owned by process user
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache

 
6.  Restart your openresty server again
 
   
systemctl restart openresty

 
 
 
 
       
109
Views

Hi all, I have a situation where i have to use nginx.conf file in my angular project.

Reply

Questionsnanotree posted a question • 1 users followed • 0 replies • 109 views • 2019-03-23 15:22 • data from similar tags

141
Views
188
Views

nginx error: 500 error

Reply

Questionshans replied • 2 users followed • 1 replies • 188 views • 2018-09-26 16:31 • data from similar tags

96
Views

How to backup your whole website program on centos7 and nginx server as soon as possible?Just follow this step by step tutorial

ExperienceLuboff posted the article • 1 comments • 96 views • 2019-03-11 22:17 • data from similar tags

Step 1.  Login your server via terminal , I use ssh , so I typed ssh [email protected] your.server.ip.here

Step 2. My website program folder  in /user/local/openresty/ningx/html/. So I typed this command in my terminal .If you use 

nginx and apache , just make sure your folder dirctory is correct.tar -zcvf html.tar.gz /usr/local/openresty/nginx/html/*

step 3.  your server would begin to backup automatically ,keep wait until terminal show hashtag #  again. And then you would find html.tar.gz in your server root directory












step 4. Now ,you can use Transmit or Yummy Ftp server tools to download to your local computer. view all
Step 1.  Login your server via terminal , I use ssh , so I typed 
ssh [email protected]  your.server.ip.here


Step 2. My website program folder  in /user/local/openresty/ningx/html/. So I typed this command in my terminal .If you use 

nginx and apache , just make sure your folder dirctory is correct.
tar -zcvf html.tar.gz /usr/local/openresty/nginx/html/*


step 3.  your server would begin to backup automatically ,keep wait until terminal show hashtag #  again. And then you would find html.tar.gz in your server root directory



屏幕快照_2019-03-11_下午7.25_.04_.png






step 4. Now ,you can use Transmit or Yummy Ftp server tools to download to your local computer.
148
Views

Caddy vs SSLDocker vs Nginx , which is the best suitable web server for your vps ? I tested their performance with step by step tutorial

ExperienceEston posted the article • 0 comments • 148 views • 2019-03-08 11:28 • data from similar tags

1. I tested them on RAM 1 GB vps, i use hey 1 send requests 
 # ./hey -n=20000 -c=5 https://mydomain.com/
2. Caddy results:
 
 
 Summary:
Total: 64.9214 secs
Slowest: 0.7156 secs
Fastest: 0.0031 secs
Average: 0.0161 secs
Requests/sec: 308.0650

Response time histogram:
0.003 [1] |
0.074 [19888] |∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎
0.146 [2] |
0.217 [2] |
0.288 [2] |
0.359 [90] |
0.431 [1] |
0.502 [11] |
0.573 [1] |
0.644 [1] |
0.716 [1] |
 
4. SSLDocker results:
 Summary:
Total: 63.0618 secs
Slowest: 0.4883 secs
Fastest: 0.0030 secs
Average: 0.0156 secs
Requests/sec: 317.1490

Response time histogram:
0.003 [1] |
0.052 [19865] |∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎
0.100 [1] |
0.149 [2] |
0.197 [1] |
0.246 [0] |
0.294 [15] |
0.343 [95] |
0.391 [0] |
0.440 [2] |
0.488 [18] |
 
5. Nginx (openresty) results:Summary:
Total: 57.8501 secs
Slowest: 0.0523 secs
Fastest: 0.0029 secs
Average: 0.0144 secs
Requests/sec: 345.7212

Response time histogram:
0.003 [1] |
0.008 [539] |∎∎
0.013 [4327] |∎∎∎∎∎∎∎∎∎∎∎∎∎
0.018 [13150] |∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎
0.023 [1397] |∎∎∎∎
0.028 [404] |∎
0.033 [120] |
0.037 [35] |
0.042 [18] |
0.047 [4] |
0.052 [5] |
 
6. Requests per second (RPS)Caddy 308 < SSLDocker 317 < Nginx 345
Nginx and SSLDocker have better performance
 
Caddy config:mydomain.com {
gzip
proxy / 127.0.0.1:8999
}
mydomain2.com {
proxy / 127.0.0.1:8888
}
SSLDocker config:{
"Email": "[email protected]",
"GzipOn": true,
"Http2https": true,
"MaxHeader": 10,
"Certs": "certs",
"ProxyItems": [
{"Host": "mydomain.com", "Target": "http://localhost:8999"},
{"Host": "mydomain2.com", "Target": "http://localhost:8888"}
]
}
Nginx config:
 server {
listen 443;
server_name mydomain.com;

ssl on;
ssl_certificate /root/ssl/chained.pem;
ssl_certificate_key /root/ssl/domain.key;

ssl_session_timeout 5m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA;
ssl_prefer_server_ciphers on;

location ^~ /.well-known/acme-challenge/ {
alias /var/www/myapp/;
try_files $uri =404;
}

location / {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8999;
}
}
 
So  When should you use caddy and ssl docker?
 
my answer: if you run multiple websites,and each website use https .if you think it's hard and complex to config https ,you should use caddy and SSLDocker, they  would auto generate ssl . Nginx is stable and mature , you can search lots of solutions when you meet issues.
 
 
 
 
 
 
 
 
  view all
1. I tested them on RAM 1 GB vps, i use hey 1 send requests 
 
# ./hey -n=20000 -c=5 https://mydomain.com/

2. Caddy results:
 
 
 
Summary:
Total: 64.9214 secs
Slowest: 0.7156 secs
Fastest: 0.0031 secs
Average: 0.0161 secs
Requests/sec: 308.0650

Response time histogram:
0.003 [1] |
0.074 [19888] |∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎
0.146 [2] |
0.217 [2] |
0.288 [2] |
0.359 [90] |
0.431 [1] |
0.502 [11] |
0.573 [1] |
0.644 [1] |
0.716 [1] |

 
4. SSLDocker results:
 
Summary: 
Total: 63.0618 secs
Slowest: 0.4883 secs
Fastest: 0.0030 secs
Average: 0.0156 secs
Requests/sec: 317.1490

Response time histogram:
0.003 [1] |
0.052 [19865] |∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎
0.100 [1] |
0.149 [2] |
0.197 [1] |
0.246 [0] |
0.294 [15] |
0.343 [95] |
0.391 [0] |
0.440 [2] |
0.488 [18] |

 
5. Nginx (openresty) results:
Summary:
Total: 57.8501 secs
Slowest: 0.0523 secs
Fastest: 0.0029 secs
Average: 0.0144 secs
Requests/sec: 345.7212

Response time histogram:
0.003 [1] |
0.008 [539] |∎∎
0.013 [4327] |∎∎∎∎∎∎∎∎∎∎∎∎∎
0.018 [13150] |∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎
0.023 [1397] |∎∎∎∎
0.028 [404] |∎
0.033 [120] |
0.037 [35] |
0.042 [18] |
0.047 [4] |
0.052 [5] |

 
6. Requests per second (RPS)
Caddy 308 < SSLDocker 317 < Nginx 345

Nginx and SSLDocker have better performance
 
Caddy config:
mydomain.com {
gzip
proxy / 127.0.0.1:8999
}
mydomain2.com {
proxy / 127.0.0.1:8888
}

SSLDocker config:
{
"Email": "[email protected]",
"GzipOn": true,
"Http2https": true,
"MaxHeader": 10,
"Certs": "certs",
"ProxyItems": [
{"Host": "mydomain.com", "Target": "http://localhost:8999"},
{"Host": "mydomain2.com", "Target": "http://localhost:8888"}
]
}

Nginx config:
 
server {
listen 443;
server_name mydomain.com;

ssl on;
ssl_certificate /root/ssl/chained.pem;
ssl_certificate_key /root/ssl/domain.key;

ssl_session_timeout 5m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA;
ssl_prefer_server_ciphers on;

location ^~ /.well-known/acme-challenge/ {
alias /var/www/myapp/;
try_files $uri =404;
}

location / {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8999;
}
}

 
So  When should you use caddy and ssl docker?
 
my answer: if you run multiple websites,and each website use https .if you think it's hard and complex to config https ,you should use caddy and SSLDocker, they  would auto generate ssl . Nginx is stable and mature , you can search lots of solutions when you meet issues.
 
 
 
 
 
 
 
 
 
152
Views

How to check and generate an accurate nginx config file

Experienceevan posted the article • 0 comments • 152 views • 2019-03-08 10:49 • data from similar tags

1.  go to https://nginxconfig.io and select what stacks your are using . this site support Php,node js ,Django,Magento,etc.
 
2. type your domain name ,e.g .  I typed mydomain.com for test.





 
 
3. click the Generated config blue button and download a zip file,and open it.
 





 
4. these are common config file you can view(Server):# Virtual host: create symbolic links
ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-available/mydomain.com.conf /etc/nginx/sites-enabled

# HTTPS - certbot (before first run): create ACME-challenge common directory
mkdir -p /var/www/_letsencrypt && chown www-data /var/www/_letsencrypt

# HTTPS - certbot (before first run): disable SSL directives
sed -i -r 's/(listen .*443)/\1;#/g; s/(ssl_(certificate|certificate_key|trusted_certificate) )/#;#\1/g' /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-available/mydomain.com.conf

# HTTPS - certbot: obtain certificates
certbot certonly --webroot -d example.com -d www.example.com --email [email protected] -w /var/www/_letsencrypt -n --agree-tos --force-renewal
certbot certonly --webroot -d mydomain.com -d www.mydomain.com --email [email protected] -w /var/www/_letsencrypt -n --agree-tos --force-renewal

# HTTPS - certbot (after first run): enable SSL directives
sed -i -r 's/#?;#//g' /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-available/mydomain.com.conf
 
/etc/nginx/nginx.conf
 # Generated by nginxconfig.io
# https://nginxconfig.io/%3F1.do ... false

user www-data;
pid /run/nginx.pid;
worker_processes auto;
worker_rlimit_nofile 65535;

events {
multi_accept on;
worker_connections 65535;
}

http {
charset utf-8;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
log_not_found off;
types_hash_max_size 2048;
client_max_body_size 16M;

# MIME
include mime.types;
default_type application/octet-stream;

# logging
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log warn;

# SSL
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;

# modern configuration
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;
ssl_prefer_server_ciphers on;

# OCSP Stapling
ssl_stapling on;
ssl_stapling_verify on;
resolver 1.1.1.1 1.0.0.1 8.8.8.8 8.8.4.4 208.67.222.222 208.67.220.220 valid=60s;
resolver_timeout 2s;

# load configs
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
 
/etc/nginx/sites-available/example.com.confserver {
listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name www.example.com;
set $base /var/www/example.com;
root $base/public;

# SSL
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;

# index.php
index index.php;

# index.php fallback
location / {
try_files $uri $uri/ /index.php?$query_string;
}

# handle .php
location ~ \.php$ {
include nginxconfig.io/php_fastcgi.conf;
}

include nginxconfig.io/general.conf;
}

# non-www, subdomains redirect
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name .example.com;

# SSL
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;

return 301 https://www.example.com$request_uri;
}

# HTTP redirect
server {
listen 80;
listen [::]:80;

server_name .example.com;

include nginxconfig.io/letsencrypt.conf;

location / {
return 301 https://example.com$request_uri;
}
}
 
 
 
/etc/nginx/sites-available/mydomain.com.conf
 server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name www.mydomain.com;
set $base /var/www/mydomain.com;
root $base/public;

# SSL
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/mydomain.com/chain.pem;

# index.php
index index.php;

# index.php fallback
location / {
try_files $uri $uri/ /index.php?$query_string;
}

# handle .php
location ~ \.php$ {
include nginxconfig.io/php_fastcgi.conf;
}

include nginxconfig.io/general.conf;
}

# non-www, subdomains redirect
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name .mydomain.com;

# SSL
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/mydomain.com/chain.pem;

return 301 https://www.mydomain.com$request_uri;
}

# HTTP redirect
server {
listen 80;
listen [::]:80;

server_name .mydomain.com;

include nginxconfig.io/letsencrypt.conf;

location / {
return 301 https://www.mydomain.com$request_uri;
}
}
 
/etc/nginx/nginxconfig.io/php_fastcgi.conf
 # 404
try_files $fastcgi_script_name =404;

# default fastcgi_params
include fastcgi_params;

# fastcgi settings
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;

# fastcgi params
fastcgi_param DOCUMENT_ROOT $realpath_root;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=$base/:/usr/lib/php/:/tmp/";
 
/etc/nginx/nginxconfig.io/general.conf# security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

# . files
location ~ /\.(?!well-known) {
deny all;
}

# assets, media
location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ {
expires 7d;
access_log off;
}

# svg, fonts
location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ {
add_header Access-Control-Allow-Origin "*";
expires 7d;
access_log off;
}

# gzip
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types text/plain text/css text/xml application/json application/javascript application/xml+rss application/atom+xml image/svg+xml;
 
 
 
  view all
1.  go to https://nginxconfig.io and select what stacks your are using . this site support Php,node js ,Django,Magento,etc.
 
2. type your domain name ,e.g .  I typed mydomain.com for test.

屏幕快照_2019-03-08_上午8.36_.04_.png

 
 
3. click the Generated config blue button and download a zip file,and open it.
 
屏幕快照_2019-03-08_上午8.37_.54_.png


 
4. these are common config file you can view(Server):
# Virtual host: create symbolic links
ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-available/mydomain.com.conf /etc/nginx/sites-enabled

# HTTPS - certbot (before first run): create ACME-challenge common directory
mkdir -p /var/www/_letsencrypt && chown www-data /var/www/_letsencrypt

# HTTPS - certbot (before first run): disable SSL directives
sed -i -r 's/(listen .*443)/\1;#/g; s/(ssl_(certificate|certificate_key|trusted_certificate) )/#;#\1/g' /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-available/mydomain.com.conf

# HTTPS - certbot: obtain certificates
certbot certonly --webroot -d example.com -d www.example.com --email [email protected] -w /var/www/_letsencrypt -n --agree-tos --force-renewal
certbot certonly --webroot -d mydomain.com -d www.mydomain.com --email [email protected] -w /var/www/_letsencrypt -n --agree-tos --force-renewal

# HTTPS - certbot (after first run): enable SSL directives
sed -i -r 's/#?;#//g' /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-available/mydomain.com.conf

 
/etc/nginx/nginx.conf
 
# Generated by nginxconfig.io
# https://nginxconfig.io/%3F1.do ... false

user www-data;
pid /run/nginx.pid;
worker_processes auto;
worker_rlimit_nofile 65535;

events {
multi_accept on;
worker_connections 65535;
}

http {
charset utf-8;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
log_not_found off;
types_hash_max_size 2048;
client_max_body_size 16M;

# MIME
include mime.types;
default_type application/octet-stream;

# logging
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log warn;

# SSL
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;

# modern configuration
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;
ssl_prefer_server_ciphers on;

# OCSP Stapling
ssl_stapling on;
ssl_stapling_verify on;
resolver 1.1.1.1 1.0.0.1 8.8.8.8 8.8.4.4 208.67.222.222 208.67.220.220 valid=60s;
resolver_timeout 2s;

# load configs
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}

 
/etc/nginx/sites-available/example.com.conf
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name www.example.com;
set $base /var/www/example.com;
root $base/public;

# SSL
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;

# index.php
index index.php;

# index.php fallback
location / {
try_files $uri $uri/ /index.php?$query_string;
}

# handle .php
location ~ \.php$ {
include nginxconfig.io/php_fastcgi.conf;
}

include nginxconfig.io/general.conf;
}

# non-www, subdomains redirect
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name .example.com;

# SSL
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;

return 301 https://www.example.com$request_uri;
}

# HTTP redirect
server {
listen 80;
listen [::]:80;

server_name .example.com;

include nginxconfig.io/letsencrypt.conf;

location / {
return 301 https://example.com$request_uri;
}
}

 
 
 
/etc/nginx/sites-available/mydomain.com.conf
 
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name www.mydomain.com;
set $base /var/www/mydomain.com;
root $base/public;

# SSL
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/mydomain.com/chain.pem;

# index.php
index index.php;

# index.php fallback
location / {
try_files $uri $uri/ /index.php?$query_string;
}

# handle .php
location ~ \.php$ {
include nginxconfig.io/php_fastcgi.conf;
}

include nginxconfig.io/general.conf;
}

# non-www, subdomains redirect
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name .mydomain.com;

# SSL
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/mydomain.com/chain.pem;

return 301 https://www.mydomain.com$request_uri;
}

# HTTP redirect
server {
listen 80;
listen [::]:80;

server_name .mydomain.com;

include nginxconfig.io/letsencrypt.conf;

location / {
return 301 https://www.mydomain.com$request_uri;
}
}

 
/etc/nginx/nginxconfig.io/php_fastcgi.conf
 
# 404
try_files $fastcgi_script_name =404;

# default fastcgi_params
include fastcgi_params;

# fastcgi settings
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;

# fastcgi params
fastcgi_param DOCUMENT_ROOT $realpath_root;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=$base/:/usr/lib/php/:/tmp/";

 
/etc/nginx/nginxconfig.io/general.conf
# security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

# . files
location ~ /\.(?!well-known) {
deny all;
}

# assets, media
location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ {
expires 7d;
access_log off;
}

# svg, fonts
location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ {
add_header Access-Control-Allow-Origin "*";
expires 7d;
access_log off;
}

# gzip
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types text/plain text/css text/xml application/json application/javascript application/xml+rss application/atom+xml image/svg+xml;

 
 
 
 
189
Views

How I can fix error nginx: connect() failed (111: Connection refused) while connecting to upstream

ExperienceGeorge posted the article • 0 comments • 189 views • 2018-09-06 22:19 • data from similar tags

On CentOS 7 this file was at /etc/php-fpm.d/www.conf for me and I had to add listen = 9000 and comment out listen = /var/run/php-fpm/php-fpm.sock. 
 
listen = /var/run/php-fpm/php-fpm.sock
listen = 9000and then ,typed commands
 
systemctl restart php-fpm.service view all
On CentOS 7 this file was at /etc/php-fpm.d/www.conf for me and I had to add listen = 9000 and comment out listen = /var/run/php-fpm/php-fpm.sock. 
 
listen = /var/run/php-fpm/php-fpm.sock
listen = 9000
and then ,typed commands
 
systemctl restart php-fpm.service
163
Views

How to fix nginx 403 forbidden step by step

ExperienceBritt Maree posted the article • 0 comments • 163 views • 2018-09-06 20:23 • data from similar tags

 
      Issue:Recently ,I deloyed my nginx server and found https cannot work and php file cannot work,but http works well.
       1.Check out your nginx.conf file and modify user = apache into user = root
 
      2.Execute these commands in you terminal
          
         [[email protected] ~]# ps ax | grep nginx

653 pts/1 S+ 0:00 grep --color=auto nginx
5974 ? S 0:04 nginx: worker process

[[email protected] ~]# sudo kill -2 5974 (kill the runing nginx process)

[[email protected] ~]# sudo kill -2 5974

kill: sending signal to 5974 failed: No such process

[[email protected] ~]# ps ax | grep nginx

694 pts/1 S+ 0:00 grep --color=auto nginx

[[email protected] ~]# service openresty restart

Restarting openresty (via systemctl): [ OK ]
 
 
3.Restart your server # systemctl status openresty
 
4.Edit your php-fpm file   ,the directory is etc/php-fm.d / www.conf
    
and modify its contents as follows:; Start a new pool named 'www'.
[www]

; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
; RPM: apache Choosed to be able to access some dir as httpd
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx

; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
; a specific port;
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses
; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = 127.0.0.1
listen = 9000

; Set listen(2) backlog.
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 511

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
;listen.owner = nobody
;listen.group = nobody
;listen.mode = 0660
; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names.
; When set, listen.owner and listen.group are ignored
;listen.acl_users =
;listen.acl_groups =

; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
listen.allowed_clients = 127.0.0.1

; Specify the nice(2) priority to apply to the pool processes (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
; Note: - It will only work if the FPM master process is launched as root
; - The pool processes will inherit the master process priority
; unless it specified otherwise
; Default Value: no set
; process.priority = -19

; Choose how the process manager will control the number of child processes.
; Possible Values:
; static - a fixed number (pm.max_children) of child processes;
; dynamic - the number of child processes are set dynamically based on the
; following directives. With this process management, there will be
; always at least 1 children.
; pm.max_children - the maximum number of children that can
; be alive at the same time.
; pm.start_servers - the number of children created on startup.
; pm.min_spare_servers - the minimum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is less than this
; number then some children will be created.
; pm.max_spare_servers - the maximum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is greater than this
; number then some children will be killed.
; ondemand - no children are created at startup. Children will be forked when
; new requests will connect. The following parameter are used:
; pm.max_children - the maximum number of children that
; can be alive at the same time.
; pm.process_idle_timeout - The number of seconds after which
; an idle process will be killed.
; Note: This value is mandatory.
pm = dynamic

; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 50

; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 8

; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 6

; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.max_spare_servers = 35

; The number of seconds after which an idle process will be killed.
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
;pm.process_idle_timeout = 10s;

; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
;pm.max_requests = 500

; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. It shows the following informations:
; pool - the name of the pool;
; process manager - static, dynamic or ondemand;
; start time - the date and time FPM has started;
; start since - number of seconds since FPM has started;
; accepted conn - the number of request accepted by the pool;
; listen queue - the number of request in the queue of pending
; connections (see backlog in listen(2));
; max listen queue - the maximum number of requests in the queue
; of pending connections since FPM has started;
; listen queue len - the size of the socket queue of pending connections;
; idle processes - the number of idle processes;
; active processes - the number of active processes;
; total processes - the number of idle + active processes;
; max active processes - the maximum number of active processes since FPM
; has started;
; max children reached - number of times, the process limit has been reached,
; when pm tries to start more children (works only for
; pm 'dynamic' and 'ondemand');
; Value are updated in real time.
; Example output:
; pool: www
; process manager: static
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 62636
; accepted conn: 190460
; listen queue: 0
; max listen queue: 1
; listen queue len: 42
; idle processes: 4
; active processes: 11
; total processes: 15
; max active processes: 12
; max children reached: 0
;
; By default the status page output is formatted as text/plain. Passing either
; 'html', 'xml' or 'json' in the query string will return the corresponding
; output syntax. Example:
; http://www.foo.bar/status
; http://www.foo.bar/status?json
; http://www.foo.bar/status?html
; http://www.foo.bar/status?xml
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
; http://www.foo.bar/status?full
; http://www.foo.bar/status?json&full
; http://www.foo.bar/status?html&full
; http://www.foo.bar/status?xml&full
; The Full status returns for each process:
; pid - the PID of the process;
; state - the state of the process (Idle, Running, ...);
; start time - the date and time the process has started;
; start since - the number of seconds since the process has started;
; requests - the number of requests the process has served;
; request duration - the duration in µs of the requests;
; request method - the request method (GET, POST, ...);
; request URI - the request URI with the query string;
; content length - the content length of the request (only with POST);
; user - the user (PHP_AUTH_USER) (or '-' if not set);
; script - the main script called (or '-' if not set);
; last request cpu - the %cpu the last request consumed
; it's always 0 if the process is not in Idle state
; because CPU calculation is done when the request
; processing has terminated;
; last request memory - the max amount of memory the last request consumed
; it's always 0 if the process is not in Idle state
; because memory calculation is done when the request
; processing has terminated;
; If the process is in Idle state, then informations are related to the
; last request the process has served. Otherwise informations are related to
; the current request being served.
; Example output:
; ************************
; pid: 31330
; state: Running
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 63087
; requests: 12808
; request duration: 1250261
; request method: GET
; request URI: /test_mem.php?N=10000
; content length: 0
; user: -
; script: /home/fat/web/docs/php/test_mem.php
; last request cpu: 0.00
; last request memory: 0
;
; Note: There is a real-time FPM status monitoring sample web page available
; It's available in: @[email protected]/fpm/status.html
;
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;pm.status_path = /status

; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
; - create a graph of FPM availability (rrd or such);
; - remove a server from a group if it is not responding (load balancing);
; - trigger alerts for the operating team (24/7).
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;ping.path = /ping

; This directive may be used to customize the response of a ping request. The
; response is formatted as text/plain with a 200 response code.
; Default Value: pong
;ping.response = pong

; The access log file
; Default: not set
;access.log = log/$pool.access.log

; The access log format.
; The following syntax is allowed
; %%: the '%' character
; %C: %CPU used by the request
; it can accept the following format:
; - %{user}C for user CPU only
; - %{system}C for system CPU only
; - %{total}C for user + system CPU (default)
; %d: time taken to serve the request
; it can accept the following format:
; - %{seconds}d (default)
; - %{miliseconds}d
; - %{mili}d
; - %{microseconds}d
; - %{micro}d
; %e: an environment variable (same as $_ENV or $_SERVER)
; it must be associated with embraces to specify the name of the env
; variable. Some exemples:
; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
; %f: script filename
; %l: content-length of the request (for POST request only)
; %m: request method
; %M: peak of memory allocated by PHP
; it can accept the following format:
; - %{bytes}M (default)
; - %{kilobytes}M
; - %{kilo}M
; - %{megabytes}M
; - %{mega}M
; %n: pool name
; %o: output header
; it must be associated with embraces to specify the name of the header:
; - %{Content-Type}o
; - %{X-Powered-By}o
; - %{Transfert-Encoding}o
; - ....
; %p: PID of the child that serviced the request
; %P: PID of the parent of the child that serviced the request
; %q: the query string
; %Q: the '?' character if query string exists
; %r: the request URI (without the query string, see %q and %Q)
; %R: remote IP address
; %s: status (response code)
; %t: server time the request was received
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %T: time the log has been written (the request has finished)
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %u: remote user
;
; Default: "%R - %u %t \"%m %r\" %s"
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"

; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
slowlog = /var/log/php-fpm/www-slow.log

; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_slowlog_timeout = 0

; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_terminate_timeout = 0

; Set open file descriptor rlimit.
; Default Value: system defined value
;rlimit_files = 1024

; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0

; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: chrooting is a great security feature and should be used whenever
; possible. However, all PHP paths will be relative to the chroot
; (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =

; Chdir to this directory at the start.
; Note: relative path can be used.
; Default Value: current directory or / when chroot
;chdir = /var/www

; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms).
; Default Value: no
;catch_workers_output = yes

; Clear environment in FPM workers
; Prevents arbitrary environment variables from reaching FPM worker processes
; by clearing the environment in workers before env vars specified in this
; pool configuration are added.
; Setting to "no" will make all environment variables available to PHP code
; via getenv(), $_ENV and $_SERVER.
; Default Value: yes
;clear_env = no

; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to
; exectute php code.
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5 .php7

; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp

; Additional php.ini defines, specific to this pool of workers. These settings
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
; php_value/php_flag - you can set classic ini defines which can
; be overwritten from PHP call 'ini_set'.
; php_admin_value/php_admin_flag - these directives won't be overwritten by
; PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.

; Defining 'extension' will load the corresponding shared extension from
; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
; overwrite previously defined php.ini values, but will append the new value
; instead.

; Default Value: nothing is defined by default except the values in php.ini and
; specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f [email protected]
;php_flag[display_errors] = off
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 128M

; Set session path to a directory owned by process user
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
 
6.  Restart your openresty server again
 
   systemctl restart openresty
 
 
 
 
        view all
 
      Issue:Recently ,I deloyed my nginx server and found https cannot work and php file cannot work,but http works well.
       1.Check out your nginx.conf file and modify user = apache into user = root
 
      2.Execute these commands in you terminal
          
         
[[email protected] ~]# ps ax | grep nginx

653 pts/1 S+ 0:00 grep --color=auto nginx
5974 ? S 0:04 nginx: worker process

[[email protected] ~]# sudo kill -2 5974 (kill the runing nginx process)

[[email protected] ~]# sudo kill -2 5974

kill: sending signal to 5974 failed: No such process

[[email protected] ~]# ps ax | grep nginx

694 pts/1 S+ 0:00 grep --color=auto nginx

[[email protected] ~]# service openresty restart

Restarting openresty (via systemctl): [ OK ]

 
 
3.Restart your server 
# systemctl status openresty

 
4.Edit your php-fpm file   ,the directory is etc/php-fm.d / www.conf
    
and modify its contents as follows:
; Start a new pool named 'www'.
[www]

; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
; RPM: apache Choosed to be able to access some dir as httpd
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx

; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
; a specific port;
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses
; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = 127.0.0.1
listen = 9000

; Set listen(2) backlog.
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 511

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
;listen.owner = nobody
;listen.group = nobody
;listen.mode = 0660
; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names.
; When set, listen.owner and listen.group are ignored
;listen.acl_users =
;listen.acl_groups =

; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
listen.allowed_clients = 127.0.0.1

; Specify the nice(2) priority to apply to the pool processes (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
; Note: - It will only work if the FPM master process is launched as root
; - The pool processes will inherit the master process priority
; unless it specified otherwise
; Default Value: no set
; process.priority = -19

; Choose how the process manager will control the number of child processes.
; Possible Values:
; static - a fixed number (pm.max_children) of child processes;
; dynamic - the number of child processes are set dynamically based on the
; following directives. With this process management, there will be
; always at least 1 children.
; pm.max_children - the maximum number of children that can
; be alive at the same time.
; pm.start_servers - the number of children created on startup.
; pm.min_spare_servers - the minimum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is less than this
; number then some children will be created.
; pm.max_spare_servers - the maximum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is greater than this
; number then some children will be killed.
; ondemand - no children are created at startup. Children will be forked when
; new requests will connect. The following parameter are used:
; pm.max_children - the maximum number of children that
; can be alive at the same time.
; pm.process_idle_timeout - The number of seconds after which
; an idle process will be killed.
; Note: This value is mandatory.
pm = dynamic

; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 50

; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 8

; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 6

; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.max_spare_servers = 35

; The number of seconds after which an idle process will be killed.
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
;pm.process_idle_timeout = 10s;

; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
;pm.max_requests = 500

; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. It shows the following informations:
; pool - the name of the pool;
; process manager - static, dynamic or ondemand;
; start time - the date and time FPM has started;
; start since - number of seconds since FPM has started;
; accepted conn - the number of request accepted by the pool;
; listen queue - the number of request in the queue of pending
; connections (see backlog in listen(2));
; max listen queue - the maximum number of requests in the queue
; of pending connections since FPM has started;
; listen queue len - the size of the socket queue of pending connections;
; idle processes - the number of idle processes;
; active processes - the number of active processes;
; total processes - the number of idle + active processes;
; max active processes - the maximum number of active processes since FPM
; has started;
; max children reached - number of times, the process limit has been reached,
; when pm tries to start more children (works only for
; pm 'dynamic' and 'ondemand');
; Value are updated in real time.
; Example output:
; pool: www
; process manager: static
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 62636
; accepted conn: 190460
; listen queue: 0
; max listen queue: 1
; listen queue len: 42
; idle processes: 4
; active processes: 11
; total processes: 15
; max active processes: 12
; max children reached: 0
;
; By default the status page output is formatted as text/plain. Passing either
; 'html', 'xml' or 'json' in the query string will return the corresponding
; output syntax. Example:
; http://www.foo.bar/status
; http://www.foo.bar/status?json
; http://www.foo.bar/status?html
; http://www.foo.bar/status?xml
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
; http://www.foo.bar/status?full
; http://www.foo.bar/status?json&full
; http://www.foo.bar/status?html&full
; http://www.foo.bar/status?xml&full
; The Full status returns for each process:
; pid - the PID of the process;
; state - the state of the process (Idle, Running, ...);
; start time - the date and time the process has started;
; start since - the number of seconds since the process has started;
; requests - the number of requests the process has served;
; request duration - the duration in µs of the requests;
; request method - the request method (GET, POST, ...);
; request URI - the request URI with the query string;
; content length - the content length of the request (only with POST);
; user - the user (PHP_AUTH_USER) (or '-' if not set);
; script - the main script called (or '-' if not set);
; last request cpu - the %cpu the last request consumed
; it's always 0 if the process is not in Idle state
; because CPU calculation is done when the request
; processing has terminated;
; last request memory - the max amount of memory the last request consumed
; it's always 0 if the process is not in Idle state
; because memory calculation is done when the request
; processing has terminated;
; If the process is in Idle state, then informations are related to the
; last request the process has served. Otherwise informations are related to
; the current request being served.
; Example output:
; ************************
; pid: 31330
; state: Running
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 63087
; requests: 12808
; request duration: 1250261
; request method: GET
; request URI: /test_mem.php?N=10000
; content length: 0
; user: -
; script: /home/fat/web/docs/php/test_mem.php
; last request cpu: 0.00
; last request memory: 0
;
; Note: There is a real-time FPM status monitoring sample web page available
; It's available in: @[email protected]/fpm/status.html
;
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;pm.status_path = /status

; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
; - create a graph of FPM availability (rrd or such);
; - remove a server from a group if it is not responding (load balancing);
; - trigger alerts for the operating team (24/7).
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;ping.path = /ping

; This directive may be used to customize the response of a ping request. The
; response is formatted as text/plain with a 200 response code.
; Default Value: pong
;ping.response = pong

; The access log file
; Default: not set
;access.log = log/$pool.access.log

; The access log format.
; The following syntax is allowed
; %%: the '%' character
; %C: %CPU used by the request
; it can accept the following format:
; - %{user}C for user CPU only
; - %{system}C for system CPU only
; - %{total}C for user + system CPU (default)
; %d: time taken to serve the request
; it can accept the following format:
; - %{seconds}d (default)
; - %{miliseconds}d
; - %{mili}d
; - %{microseconds}d
; - %{micro}d
; %e: an environment variable (same as $_ENV or $_SERVER)
; it must be associated with embraces to specify the name of the env
; variable. Some exemples:
; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
; %f: script filename
; %l: content-length of the request (for POST request only)
; %m: request method
; %M: peak of memory allocated by PHP
; it can accept the following format:
; - %{bytes}M (default)
; - %{kilobytes}M
; - %{kilo}M
; - %{megabytes}M
; - %{mega}M
; %n: pool name
; %o: output header
; it must be associated with embraces to specify the name of the header:
; - %{Content-Type}o
; - %{X-Powered-By}o
; - %{Transfert-Encoding}o
; - ....
; %p: PID of the child that serviced the request
; %P: PID of the parent of the child that serviced the request
; %q: the query string
; %Q: the '?' character if query string exists
; %r: the request URI (without the query string, see %q and %Q)
; %R: remote IP address
; %s: status (response code)
; %t: server time the request was received
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %T: time the log has been written (the request has finished)
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %u: remote user
;
; Default: "%R - %u %t \"%m %r\" %s"
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"

; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
slowlog = /var/log/php-fpm/www-slow.log

; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_slowlog_timeout = 0

; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_terminate_timeout = 0

; Set open file descriptor rlimit.
; Default Value: system defined value
;rlimit_files = 1024

; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0

; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: chrooting is a great security feature and should be used whenever
; possible. However, all PHP paths will be relative to the chroot
; (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =

; Chdir to this directory at the start.
; Note: relative path can be used.
; Default Value: current directory or / when chroot
;chdir = /var/www

; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms).
; Default Value: no
;catch_workers_output = yes

; Clear environment in FPM workers
; Prevents arbitrary environment variables from reaching FPM worker processes
; by clearing the environment in workers before env vars specified in this
; pool configuration are added.
; Setting to "no" will make all environment variables available to PHP code
; via getenv(), $_ENV and $_SERVER.
; Default Value: yes
;clear_env = no

; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to
; exectute php code.
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5 .php7

; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp

; Additional php.ini defines, specific to this pool of workers. These settings
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
; php_value/php_flag - you can set classic ini defines which can
; be overwritten from PHP call 'ini_set'.
; php_admin_value/php_admin_flag - these directives won't be overwritten by
; PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.

; Defining 'extension' will load the corresponding shared extension from
; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
; overwrite previously defined php.ini values, but will append the new value
; instead.

; Default Value: nothing is defined by default except the values in php.ini and
; specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f [email protected]
;php_flag[display_errors] = off
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 128M

; Set session path to a directory owned by process user
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache

 
6.  Restart your openresty server again
 
   
systemctl restart openresty