Nginx fastcgi_ignore_client_abort Howto

August 21, 2011 by admin · Leave a Comment 

Nginx fastcgi_ignore_client_abort Howto:

syntax: fastcgi_ignore_client_abort on|off

default: fastcgi_ignore_client_abort off

context: http, server, location

This directive determines if current request to the FastCGI-server must be aborted in case the client aborts the request to the server.

In 1.0.2 POST requests are not handled correctly when fastcgi_ignore_client_abort is set to on which can lead to workers processes segfaulting. Switching fastcgi_ignore_client_abort back to default (off) should resolve this issue.

Nginx fastcgi_hide_header Howto

August 21, 2011 by admin · Leave a Comment 

Nginx fastcgi_hide_header Howto:

syntax: fastcgi_hide_header name

context: http, server, location

By default, Nginx does not pass headers “Status” and “X-Accel-…” from the FastCGI process back to the client. This directive can be used to hide other headers as well.

If the headers “Status” and “X-Accel-…” must be provided, then it is necessary to use directive fastcgi_pass_header to force them to be returned to the client.

Nginx fastcgi_index Howto

August 21, 2011 by admin · Leave a Comment 

Nginx fastcgi_index Howto:

syntax: fastcgi_index file

default: none

context: http, server, location

The name of the file which will be appended to the URI and stored in the variable $fastcgi_script_name if URI concludes with a slash.

For example:

fastcgi_index  index.php;
fastcgi_param  SCRIPT_FILENAME  /home/www/scripts/php$fastcgi_script_name;

for the request “/page.php” parameter SCRIPT_FILENAME will be set to “/home/www/scripts/php/page.php”, but for the “/” — “/home/www/scripts/php/index.php”.

Nginx fastcgi_cache_valid Howto

August 21, 2011 by admin · Leave a Comment 

Nginx fastcgi_cache_valid Howto:

syntax: fastcgi_cache_valid [http_return_code [...]] time

default: none

context: http, server, location

Directive sets caching period for the specified http return codes. For example:

fastcgi_cache_valid  200 302  10m;
fastcgi_cache_valid  404      1m;

sets caching period of 10 minutes for return codes 200 and 302 and 1 minute for the 404 code.

In case only caching period is specified:

fastcgi_cache_valid  5m;

the default behavior is to cache only replies with the codes 200, 301 and 302.

It’s also possible to cache all the replies by specifying code “any”:

 
fastcgi_cache_valid  200 302 10m;
fastcgi_cache_valid  301 1h;
fastcgi_cache_valid  any 1m;

Nginx fastcgi_cache_use_stale Howto

August 21, 2011 by admin · Leave a Comment 

Nginx fastcgi_cache_use_stale Howto:

syntax: fastcgi_cache_use_stale updating|error|timeout|invalid_header|http_500

default: fastcgi_cache_use_stale off

context: http, server, location

Determines whether or not Nginx will serve stale cached data in case of gateway event such as error, timeout etc.

Nginx fastcgi_cache_path Howto

August 21, 2011 by admin · Leave a Comment 

Nginx fastcgi_cache_path Howto:

syntax: fastcgi_cache_path path [levels=m:n] keys_zone=name:size [inactive=time] [max_size=size]

default: none

context: http

The clean_time parameter was removed in 0.7.45.

This directive specifies path to the cache storage and other cache parameters. All data is stored in the files. The cache key and the name of cache file are calculated as MD5 sum of the proxied URL.

Level parameter sets number and width of the names of subdirectories used to store caching files. For example, with the directive like:

fastcgi_cache_path  /data/nginx/cache  levels=1:2   keys_zone=one:10m;

the data will be stored in the following file:

/data/nginx/cache/c/29/b7f54b2df7773722d382f4809d65029c

Caching data is first written to the temporary file which is then moved to the final location in a cache directory. Starting from 0.8.9 it is possible to store temporary and cache files on different file systems, but it should be kept in mind that in such a case instead of cheap and atomic rename syscall a full file copy is performed. So it’s better to use the same file system in both parameters of fastcgi_temp_path and fastcgi_cache_path directives.

In addition, all active keys and information about data are kept in the shared memory zone, which name and size are specified by the options of the key_zone parameter. In case this data haven’t been accessed for the time, specified in the option of inactive parameter, it is wiped out from the memory. By default inactive period is set to 10 minutes.

To maintain the maximum size of the cache, which is set by max_size parameter, a special process cache manager periodically deletes old data from the cache.

Nginx fastcgi_cache_key Howto

August 21, 2011 by admin · Leave a Comment 

Nginx fastcgi_cache_key Howto:

syntax: fastcgi_cache_key line

default: none

context: http, server, location

The directive sets the key for caching, for example:

  fastcgi_cache_key localhost:9000$request_uri;

Be advised that a HEAD request can cause an empty response to be cached & later be distributed to GET requests, avoid this by having $request_method in the cache key.

Django under Nginx with SCGI and WSGI

August 21, 2011 by admin · Leave a Comment 

Here is a excellent tutorial show you about Django under Nginx with SCGI and WSGI:

A module called mod_wsgi is currently developed for Nginx (0.5 series supported currently). Latest news we will find on Nginx wiki. To install this module you have to

  • Get the latest code (mercurial RCS):
    hg clone http://hg.mperillo.ath.cx/nginx/mod_wsgi/
  • Compile nginx adding –add-module=/ścieżka/do/mod_wsgi/ to configure, for example:
    ./configure –add-module=/ścieżka/do/mod_wsgi/
  • After compile and install you are ready to go.

php-fcgi on Windows

June 23, 2011 by admin · Leave a Comment 

Here is a good tutorial show you about php-fcgi on Windows:

nginx can interface with PHP on Windows via a FastCGI daemon, which ships with PHP: php-cgi.exe. You need to run php-cgi.exe -b 127.0.0.1:<port> and use fastcgi_pass 127.0.0.1:<port>; in the nginx configuration file. After being launched, php-cgi.exe will keep listening for connections in a command prompt window. To hide that window, use the tiny utility RunHiddenConsole (the original can be found at http://www.msfn.org/board/index.php?act=ST&f=70&t=49184 but downloading requires signing up for the message board. However, the binaries are identical – md5sum abc6379205de2618851c4fcbf72112eb).

Steps

  • Download and install the Windows binaries of PHP making sure that php-cgi.exe is installed in the same directory as php.exe.
  • Create somewhere a batch file start-php-fcgi.bat similar to this one:
@ECHO OFF
ECHO Starting PHP FastCGI...
set PATH=C:\PHP;%PATH%
c:\bin\RunHiddenConsole.exe C:\PHP\php-cgi.exe -b 127.0.0.1:9123
  • In nginx.conf use Cygwin paths (/cygdrive/c/www) for nginx and native PHP paths (c:/www) for PHP scripts. Note that setting the root directory on Windows is buggy, at least in version 0.7.32, and you have to use relative directory paths.
location / {
  root ../www;
}

location ~ \.php$ {
  fastcgi_pass   127.0.0.1:9123;
  fastcgi_index  index.php;
  fastcgi_param  SCRIPT_FILENAME  c:/www$fastcgi_script_name;
  include        fastcgi_params;
}

Autostarting PHP and nginx

  • Schedule a basic (on Windows Vista) task to run the batch file above at system start up under the SYSTEM account.
  • If using Windows nginx from http://www.kevinworthington.com/nginx-for-windows, schedule a basic (on Windows Vista) task to run C:\nginx\conf\start-nginx.bat file at system start up under the SYSTEM account in starting directory C:\nginx.
  • A home made Cygwin build of Nginx can be scheduled using a batch file similar to this:
cd /d C:\cygwin\bin && bash -c /usr/local/nginx/sbin/nginx

Perl with FastCGI authorization example

May 31, 2011 by admin · Leave a Comment 

Perl with FastCGI authorization example:

#!/usr/bin/perl
use strict;
use DBI;
use FCGI;
use constant PATH_NEVER  => 0;
use constant PATH_MAYBE  => 1;
use constant PATH_ALWAYS => 2;
# normally, I would abstract this stuff out into a sitewide config module,
# but for didactic reasons, I’ll just define some constants here:
use constant COOKIE_NAME => ‘AUTH_TOKEN’;
use constant DBI_DSN     => ‘dbi:mysql:hostname=DBHOSTNAME;database=DBNAME’;
use constant DBI_USR     => ‘monty’;
use constant DBI_PWD     => ‘widenius’;
use constant AUTH_ERR => -1;
use constant AUTH_NOK =>  0;
use constant AUTH_OK  =>  1;
use constant AUTH_QUERY => <<AQ_SQL;
select count(*) as authorized
from   login_table
where  user  = ?
and    token = ?
and    expiry > unix_timestamp()
AQ_SQL
use vars qw($DBH $STH $N);
sub _init ();
sub _exit ();
sub authorized ($$$);
sub get_login_cookie ();
sub query_decode (;@);
_init();
for ($N = 0; FCGI::accept() >= 0; $N++)
{
    # check the path to see if we want/need to authorize access:
    my $path_auth = check_path($ENV{REQUEST_URI});
    if($path_auth == PATH_MAYBE)
    {
        my $auth = undef();
        my $user;
        my $token;
        my $cookie;
        # get the login cookie and decompose it into user + token:
        # cookie format: USERNAME:OPAQUETOKENFROMDB
        $cookie = get_login_cookie();
        ($user,$token) = split(/:/,$cookie,2);
        # check to see if an unexpired entry exists in the db:
        $auth = authorized($STH, $user, $token);
        if($auth == AUTH_OK)
        {
            # return 200 Ok, and set the AUTH_USER_NAME env variable
            # in case there is a dynamic content generator:
            # variables you want to set for the requested script/page
            # need to be prefixed w. the string ‘Variable-’,
            # or they will be passed back to the client, not the server.
            print(STDOUT “Status: 200 Authorized\r\n”);
            print(STDOUT “Variable-AUTH_USER_NAME: $user\r\n”);
            print(STDOUT “\r\n”);
        }
        elsif($auth == AUTH_NOK)
        {
            # Not authorized.
            # You can make your login page the default
            # 401 page with the htaccess ErrorDocument 401 directive:
            print(STDOUT “Status: 401 Not Authorized\r\n”);
            print(STDOUT “WWW-Authenticate: basic realm=\”foo\”\r\n”);
            print(STDOUT “\r\n”);
        }
        else
        {
            # Waah. Something blew up.
            print(STDOUT “Status: 500 Internal Auth Error\r\n”);
            print(STDOUT “\r\n”);
        }
    }
    elsif($path_auth == PATH_NEVER)
    {
        # we never allow anyone in to these:
        print(STDOUT “Status: 403 Denied\r\n”);
        print(STDOUT “\r\n”);
    }
    elsif($path_auth == PATH_ALWAYS)
    {
        # these we don’t really care about, just let them in.
        # your error pages, icon, etc should all fall into this
        # category, as should your login page:
        print(STDOUT “Status: 200 Ok\r\n”);
        print(STDOUT “\r\n”);
    }
    else
    {
        # This should not be able to happen: If it does,
        # your site needs attention from you:
        print(STDOUT “Status: 500 Internal Auth Error\r\n”);
        print(STDOUT “\r\n”);
    }
}
_exit();
##############
# Access rules, first match wins:
# /auth/login.cgi is always allowed
# /share
create table login_table (token  char(32) not null,
                          user   char(32) not null,
                          expiry int(11)  not null)

Next Page »