Hi MR
i had error 502 with
HTTPS only with nginx and php55m on some only domains..
after investigate further , i found this:
Working with https Domain conf file :
## web for 'XXXXXX.COM'
server {
#disable_symlinks if_not_owner;
## MR -- 'enable-cgi' not implementing yet
include '/opt/configs/nginx/conf/globals/listen_ssl.conf';
include '/opt/configs/nginx/conf/globals/gzip.conf';
ssl on;
ssl_certificate /home/kloxo/ssl/venet0_0___localhost.pem;
ssl_certificate_key /home/kloxo/ssl/venet0_0___localhost.key;
include '/opt/configs/nginx/conf/globals/ssl_base.conf';
server_name XXXX.cOM www.XXXXX.COM;
include '/opt/configs/nginx/conf/globals/acme-challenge.conf';
index index.php index.html index.shtml index.htm index.pl index.py index.cgi index.rb default.htm Default.aspx Default.asp;
set $var_domain XXXX.COM;
set $var_rootdir '/home/XXX/XXXX.COM';
root $var_rootdir;
set $var_user 'XXX';
set $var_fpmport '57820';
set $var_phpselected 'php';
include '/opt/configs/nginx/conf/globals/stats.conf';
include '/opt/configs/nginx/conf/globals/dirprotect_stats.conf';
include '/opt/configs/nginx/conf/globals/XXXX.COM.conf';
set $var_kloxoportssl '7777';
set $var_kloxoportnonssl '7778';
include '/opt/configs/nginx/conf/globals/generic.conf';
}
A 502 error domain has this in conf file :
## web for 'YYYYY.COM'
server {
#disable_symlinks if_not_owner;
## MR -- 'enable-cgi' not implementing yet
include '/opt/configs/nginx/conf/globals/listen_ssl.conf';
include '/opt/configs/nginx/conf/globals/gzip.conf';
ssl on;
ssl_certificate /home/kloxo/ssl/venet0_0___localhost.pem;
ssl_certificate_key /home/kloxo/ssl/venet0_0___localhost.key;
include '/opt/configs/nginx/conf/globals/ssl_base.conf';
server_name YYYYYY.COM www.YYYY.COM
include '/opt/configs/nginx/conf/globals/acme-challenge.conf';
index index.php index.html index.shtml index.htm index.pl index.py index.cgi index.rb default.htm Default.aspx Default.asp;
set $var_domain YYYYY.COM;
set $var_rootdir '/home/YYY/YYYYY.COM';
root $var_rootdir;
set $var_user 'YYYYY';
set $var_fpmport '57816';
set $var_phpselected 'php';
include '/opt/configs/nginx/conf/globals/stats.conf';
include '/opt/configs/nginx/conf/globals/dirprotect_stats.conf';
include '/opt/configs/nginx/conf/globals/switch_standard_ssl.conf';
set $var_kloxoportssl '7777';
set $var_kloxoportnonssl '7778';
include '/opt/configs/nginx/conf/globals/generic.conf';
}
So only diference here was the line
include '/opt/configs/nginx/conf/globals/switch_standard_ssl.conf';
The file
switch_standard_ssl.conf content was :
proxy_ignore_headers Expires Cache-Control;
proxy_cache_bypass $cookie_session;
proxy_no_cache $cookie_session;
## MR - increasing upload size to 64M (declare inside 'location /' not work
client_max_body_size 64M;
client_body_buffer_size 128k;
proxy_connect_timeout 600s;
proxy_send_timeout 300s;
proxy_read_timeout 300s;
#proxy_buffers 32 4k;
proxy_buffers 8 128k;
proxy_buffer_size 128k;
proxy_request_buffering off;
### MR -- must be using nginx-special (including ngx_purge_cache)
location ~ /purge(/.*) {
### MR -- just enough remove # below for enable
#proxy_cache_purge pcache "$scheme://$host$1$request_method";
allow 127.0.0.1;
deny all;
}
#location ~* \.(php|pl|py|rb|cgi)$ {
location / {
## MR -- move to ~lxcenter.conf
#limit_conn addr 25;
## MR - no need try_files because permalink handle by apache
#try_files $uri $uri/ /index.php;
proxy_pass https://127.0.0.1:30443/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-SSL on;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass_header Set-Cookie;
proxy_headers_hash_max_size 512;
### MR -- just enough remove # below for enable cache
proxy_cache pcache;
#proxy_cache_valid 10m;
#proxy_cache_valid 404 1m;
## for microcache
proxy_cache_valid 200 10s;
proxy_cache_use_stale updating;
proxy_max_temp_file_size 1M;
proxy_cache_key "$scheme$request_method$host$request_uri";
add_header X-Micro-Cache $upstream_cache_status;
#proxy_cache_use_stale error timeout invalid_header http_500 http_502 http_504 http_404;
open_file_cache max=1024 inactive=600s;
open_file_cache_valid 2000s;
open_file_cache_min_uses 1;
open_file_cache_errors on;
}
### MR -- Enable this if not using nginx cache and not for wordpress
# location ~* ^.+\.(jpe?g|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js|swf|avi|mp3)$ {
# expires 2d;
# access_log off;
# root $var_rootdir;
# }
location ~ /\.ht {
deny all;
}
if (-f $request_filename) {
break;
}
if (-d $request_filename) {
break;
}
I then copy file
php-fpm_standard_ssl.conf inside
switch_standard_ssl.conf and all works fine now...
Some extra info :
of course i run all the usual commands after upgrade and removed all custom-php53 conf files inside /opt/php-fpm/tpl and run sh /script/fix-all; fixweb etc etc...
sh /script/sysinfo -y
A. Control Panel:
- Kloxo-MR: 7.0.0.b-2016051305
- Web: hiawatha-10.2.0-f.6.mr.el6.x86_64
- PHP: php54s-5.4.40-1.ius.el6 (fpm mode)
B. Plateform:
- OS: CentOS release 6.7 (Final) x86_64
- Hostname: server2.sugarweb.gr
C. Services:
1. MySQL: MariaDB-server-10.0.25-1.el6.x86_64
2. PHP:
- Branch: php55u-cli-5.5.35-1.ius.el6.x86_64
- Multiple:
* php53m-5.3.29-1.ius.el6
* php54m-5.4.40-1.ius.el6
* php55m-5.5.24-1.ius.el6
* php56m-5.6.8-1.ius.el6
- Used: php55m
3. Web Used: nginx
- Hiawatha: --unused--
- Lighttpd: --uninstalled--
- Nginx: nginx-1.10.0-1.el6.ngx.x86_64
- Httpd: --uninstalled--
- PHP Type: php-fpm_event
4. WebCache: none
- ATS: --uninstalled--
- Squid: --uninstalled--
- Varnish: --uninstalled--
5. Dns: nsd
- Bind: --uninstalled--
- DJBDns: --uninstalled--
- NSD: nsd-4.1.9-1.mr.el6.x86_64
- PowerDNS: --uninstalled--
- Yadifa: --uninstalled--
6. Mail: qmail-toaster-1.03-1.3.55.mr.el6.x86_64
- pop3/imap4: courier-imap-toaster-4.1.2-1.3.18.mr.el6.x86_64
- spam: spamassassin
D. Memory:
total used free shared buffers cached
Mem: 20480 10719 9760 1111 0 7849
-/+ buffers/cache: 2869 17610
Swap: 1024 0 1024
E. Disk Space:
Filesystem Size Used Avail Use% Mounted on
/dev/simfs 80G 37G 44G 46% /
So is there a bug ?? Was the file switch_standard_ssl.conf corect
?