search

apache / incubator-pagespeed-ngx

Automatic PageSpeed optimization module for Nginx
http://ngxpagespeed.com/
Apache License 2.0
4.36k stars 364 forks source link

Unfortunately, nginx and pagespeed stop working #1734

Open edatastyle opened 3 years ago

edatastyle commented 3 years ago

Hi i am running a server with nginx and page speed module and it's working great and working yesterday. Today i see my server is down, and it's not working anymore with the pagespeed module. below is my server config file .

`user www-data; worker_processes 1; pid /run/nginx.pid;

include /etc/nginx/modules-enabled/*.conf;

events { worker_connections 3096; use epoll;

Accept as many connections as possible, after nginx gets notification about a new connection.

multi_accept on;
accept_mutex on;
# Workflows will take turns Connection

} http {

# Basic Settings
##
charset                utf-8;
sendfile               on;
tcp_nopush             on;
tcp_nodelay            on;
access_log             off;
log_not_found          off;
types_hash_max_size    2048;
types_hash_bucket_size 64;
client_max_body_size   50m;
server_tokens           off;
server_name_in_redirect off;
error_log /var/log/nginx-error.log warn; 
reset_timedout_connection on;
send_timeout              3m;
keepalive_timeout         300;
keepalive_requests        100000;
client_body_buffer_size   50k;
client_header_buffer_size 3k;
large_client_header_buffers 2 6k;
client_body_timeout      10;
client_header_timeout    10;
include                mime.types;
default_type           application/octet-stream;
# Logging
access_log             /var/log/nginx/access.log;
error_log              /var/log/nginx/error.log warn;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
# Gzip Settings
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 32 16k;
gzip_http_version 1.1;
gzip_min_length 250;
gzip_types image/jpeg image/bmp image/svg+xml text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript image/x-icon font/ttf font/eot font/otf font/woff2 application/x-font application/x-font-opentype application/x-font-otf font/woff application/x-font-truetype application/x-font-ttf application/x-font-woff application/x-font-woff2 image/webp;
# Turn on caching of open files
open_file_cache max=10000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
 # buffers
 fastcgi_read_timeout 300;
# Connect php-fpm via socket - works faster than by tcp
upstream php-fpm {
    # This must corespond to "listen" directive in php-fpm pool
      server unix:/run/php-fpm/php7.4-fpm.sock;
}

# DDoS Mitigation 
limit_conn_zone $binary_remote_addr zone=perip:10m;
limit_conn perip 100;

limit_req_zone $binary_remote_addr zone=engine:10m rate=2r/s;
limit_req_zone $binary_remote_addr zone=static:10m rate=100r/s;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;

}`

and here is domain block

`server { listen 94.237.89.197:80; listen [2a04:3542:1000:910:6cd2:15ff:fe93:755c]:80;

#include /etc/nginx/snippets/letsencrypt.conf;

location / {
    return 301 https://domain.com$request_uri;
}

} server {
listen 94.237.89.197:443 ssl http2; listen [2a04:3542:1000:910:6cd2:15ff:fe93:755c]:443 ssl http2; server_name domain.com www.domain.com *.domain.com; root /var/www/domain;

http2_push_preload on;

ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;

ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

# intermediate configuration
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_8_SHA256:TLS_AES_128_CCM_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers on;

 # HSTS (ngx_http_headers_module is required) (63072000 seconds)
add_header Strict-Transport-Security "max-age=63072000" always;

add_header Content-Security-Policy upgrade-insecure-requests; add_header Expect-CT 'enforce; max-age=7776000'; add_header X-XSS-Protection "1; mode=block" always; add_header X-Content-Type-Options "nosniff" always; add_header Referrer-Policy "no-referrer-when-downgrade" always; add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

Optimize session cache

ssl_session_cache shared:SSL:50m; ssl_session_timeout 24h;

Enable session tickets

ssl_session_tickets off;

# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
resolver    1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001] 8.8.8.8 8.8.4.4 [2001:4860:4860::8888] [2001:4860:4860::8844] 208.67.222.222 208.67.220.220 [2620:119:35::35] [2620:119:53::53] valid=60s;

resolver_timeout 5s;
ssl_buffer_size 6k;

ssl_trusted_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
include /etc/nginx/snippets/letsencrypt.conf;

#set client body size to 20M
client_max_body_size 10M;

index index.php index.html index.htm;

location ~ .php$ { include snippets/fastcgi-php.conf; fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; }

location / {
    # try_files $uri $uri/ =404;
    try_files $uri $uri/ /index.php?$args;

    #ignored: "-" thing used or unknown variable in regex/rew 
    if (!-f $request_filename){
     set $rule_1 1$rule_1;
    }
    if (!-d $request_filename){
        set $rule_1 2$rule_1;
    }

    if ($rule_1 = "21"){
    rewrite /. /index.php last;
    }   

    # START Nginx Rewrites for Rank Math Sitemaps
    rewrite ^/sitemap_index.xml$ /index.php?sitemap=1 last;
    rewrite ^/([^/]+?)-sitemap([0-9]+)?.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
    # END Nginx Rewrites for Rank Math Sitemaps

}

error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
    root /var/www/domain;
}

location /robots.txt {
     alias /var/www/domain/robots.txt;
}   
location ~ /.well-known {
    allow all;
}

       pagespeed on;
 pagespeed FileCachePath "/var/cache/ngx_pagespeed/";
 pagespeed RewriteLevel OptimizeForBandwidth;

 location ~ ".pagespeed.([a-z].)?[a-z]{2}.[^.]{10}.[^.]+" {
     add_header "" "";
 }

 location ~ "^/pagespeed_static/" { }
 location ~ "^/ngx_pagespeed_beacon$" { }

    # Media: images, icons, video, audio, HTC
    location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|mp3|ogg|ogv|webm|htc)$ {
         access_log off;
        expires 365d;
        add_header Cache-Control "public";

    }

    # CSS and Javascript
    location ~* \.(?:css|js|woff2|woff|webp|eot|ttf|ogg)$ {
        access_log off;
        expires 365d;
        add_header Cache-Control "public";

    }

}`

Lofesa commented 3 years ago

Hi What messages have you in the log files?