Hi,
This is our nginx configuration setup.
http {
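# http-level defaults shared by every server block below.
# String arguments use plain ASCII quotes: nginx recognises only ' and " as
# delimiters, so typographic quotes would become part of the value.

# File-extension -> MIME type table.
include mime.types;

# Response compression.
gzip on;
gzip_http_version 1.1;
# "private" and "auth" also compress proxied responses that are marked
# Cache-Control: private or that answer a request carrying an Authorization
# header, i.e. per-user pages. Compressing TLS responses that place secrets
# next to request-influenced content is the precondition for BREACH-style
# length side channels; review whether such pages need gzip at all.
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain application/xml text/css
           application/x-javascript text/xml application/javascript
           text/javascript;
# Regex on the User-Agent; the dot is escaped so it matches a literal ".".
gzip_disable "MSIE [1-6]\.";

# Hardening: no directory listings, no server-side includes, no version
# string in the Server header or on error pages.
autoindex off;
ssi off;
server_tokens off;

# Access-log formats. $request is the full request line (query string
# included) and $http_referer is client-supplied, so anything sensitive passed
# in URLs ends up in these files; keep the log directory readable only by
# administrators.
log_format main '$remote_addr [$time_local] - "$request" - '
                '$status - $body_bytes_sent - "$http_referer"';
# lb_log and doc_log share one layout: the client line plus the upstream
# peer, its status and timing, so a failing backend can be identified.
log_format lb_log '$remote_addr [$time_local] - "$request" - $status - '
                  'worker_addr $upstream_addr - '
                  'worker_status $upstream_status - '
                  'worker_response_time $upstream_response_time - '
                  'total_processing_time $request_time - '
                  'content_type $upstream_http_content_type';
log_format doc_log '$remote_addr [$time_local] - "$request" - $status - '
                   'worker_addr $upstream_addr - '
                   'worker_status $upstream_status - '
                   'worker_response_time $upstream_response_time - '
                   'total_processing_time $request_time - '
                   'content_type $upstream_http_content_type';

# Default logs; individual locations override access_log below.
access_log logs/access.log main;
error_log logs/error.log;

sendfile on;
keepalive_timeout 60;
# Reuse TLS sessions on connections to the https upstreams.
proxy_ssl_session_reuse on;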
# Backend pool used by "location /": two equally weighted peers on port 443.
# max_fails/fail_timeout: a peer that fails 5 times within 3 minutes is taken
# out of rotation for 3 minutes.
# NOTE(review): the hop to these peers is https (see proxy_pass in the server
# block), but nothing visible here makes nginx validate their certificates.
upstream loadbalancer {
server server1-ip:443 weight=1 max_fails=5 fail_timeout=3m;
server server2-ip:443 weight=1 max_fails=5 fail_timeout=3m;
}
# Single loopback peer used by the "^/documents/" proxy location; the post
# describes it as Apache on the same machine listening on port 7443.
upstream docproxy {
server 127.0.0.1:7443;
}
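# TLS front end: serves some static files itself and proxies everything else
# to the "docproxy" or "loadbalancer" upstream.
server {
    listen 443 ssl;
    server_name lb.abcd.net;

    # Regex locations are tried in the order written, so for matching URIs this
    # block wins over the proxying "^/documents/" location further down: those
    # files are read by nginx straight from /home/documents/... and never reach
    # the document backend.
    # NOTE(review): if that backend is meant to authorise access to documents,
    # serving them here bypasses it - confirm.
    # The pattern requires a literal dot and is anchored with "$", so only URIs
    # that end in one of the listed extensions match; without both, any
    # /documents/ path merely containing "txt", "htm", ... would be served
    # from disk.
    location ~ ^/documents/.*\.(jpg|jpeg|gif|png|txt|pdf|html|htm)$ {
        root /home;
        access_log logs/doc_access.log doc_log;
    }

    # Static assets, cacheable for 24 hours. The dot before the extension is
    # escaped so it matches a literal "." rather than any character.
    location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|txt|js)$ {
        expires 24h;
        add_header Cache-Control public;
        root media;
    }

    ssl_certificate /root/Apache_New_SSL_Keys/lendingstream.co.uk.crt;
    # The private key is stored without a passphrase: keep the file owned by
    # root with mode 0600 and out of backups that other users can read.
    ssl_certificate_key /root/Apache_New_SSL_Keys/lendingstream.key.nopass;
    ssl_session_timeout 3m;
    # SSLv3 must not be offered: its CBC padding is not authenticated (POODLE).
    # TLSv1.2 is the floor here; add TLSv1.3 where the nginx/OpenSSL build
    # supports it.
    ssl_protocols TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;

    proxy_redirect / /;
    proxy_set_header Host $host;
    # $proxy_add_x_forwarded_for appends the peer address to whatever
    # X-Forwarded-For the client sent, so backends may trust only the last
    # entry of the list, never the first.
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_read_timeout 360s;

    # Both proxy_pass targets use https, which encrypts the hop, but nginx does
    # not validate the upstream certificate unless proxy_ssl_verify is enabled
    # together with proxy_ssl_trusted_certificate. For the remote
    # "loadbalancer" peers that leaves the hop open to interception; enable
    # verification once a CA bundle for the backends is available.
    location ~ ^/documents/ {
        proxy_pass https://docproxy;
        access_log logs/doc_access.log doc_log;
    }

    location / {
        proxy_pass https://loadbalancer;
        access_log logs/lb_access.log lb_log;
    }

    # Local error pages, so upstream error bodies are not shown to clients.
    error_page 403 /403.html;
    error_page 404 /404.html;
    error_page 500 502 503 504 /500.html;

    location ~ ^/(403|404|500)\.html$ {
        root html;
    }
}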
}
Here, all requests except those for documents are forwarded to the LB, which
in turn sends them to either server1 or server2. Document-related requests
are proxied to Apache running on the same machine on port 7443.
The problem is that every request nginx sends to Apache returns a
500 error. In the Apache logs, it is logged as
[error] Hello. The Apache configurations are:
httpd.conf is,
# Main Apache configuration as pasted; several container tags and their
# closing tags appear to have been lost in the paste.
ServerRoot “/usr/local/apache2”
PidFile logs/httpd.pid
# Plain-HTTP listener. The port-80 virtual host below serves /documents
# without TLS.
# NOTE(review): confirm port 80 is not reachable from outside this host
# (bind to loopback or firewall it); otherwise it bypasses the nginx TLS
# front end.
Listen 80
# Limit version disclosure in the Server header and on generated pages.
ServerTokens ProductOnly
ServerSignature Off
Loaded all modules which are required
LoadModule *****.so
Loaded all modules which are required
<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>
# Unprivileged account the worker processes run as (placeholder values).
User USER
Group GROUP
DocumentRoot “/usr/local/apache2/htdocs”
# NOTE(review): the next four directives look like the default-deny
# <Directory /> block whose tags were lost in the paste - confirm.
Options -Indexes +FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
<Directory “/usr/local/apache2/htdocs”>
# Directory listings off; symlinks are followed, so a link inside the tree
# can expose files outside it.
Options -Indexes +FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
ErrorLog “logs/error_log”
LogLevel notice
# mod_ssl documents the "builtin" seed source as a weak one; a file source
# such as file:/dev/urandom is the usual choice where the platform has it.
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
<VirtualHost *:80>
# Maps /documents to /home/documents and admits every client; no
# authentication is configured in the visible lines.
Alias /documents /home/documents
<Directory /home/documents>
Order deny,allow
Allow from all
# Every other path under / is handled by the WSGI application.
WSGIScriptAlias / apache/django.wsgi
<Directory "apache">
Order allow,deny
Allow from all
and the httpd-ssl.conf is,
LoadModule ssl_module modules/mod_ssl.so
LoadModule wsgi_module modules/mod_wsgi.so
Listen 7443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache
“shmcb:/usr/local/apache2/logs/ssl_scache(512000)”
SSLSessionCacheTimeout 15
SSLMutex “file:/usr/local/apache2/logs/ssl_mutex”