Nginx - 405不允许-快速405超时
我正在尝试使用php5.6和nginx建立一个使用synology的网站。该网站是WordPress和一个主题。在处理演示导入时,我们有一个NGINX错误405 (不允许)。
这有点令人沮丧,因为我喜欢把事情做好。
我查看了php.ini文件和nginx.conf文件。
# Copyright (c) 2000-2016 Synology Inc. All rights reserved.
worker_processes auto;
#worker_cpu_affinity auto;
worker_rlimit_nofile 65535;
include conf.d/main.conf;
events {
use epoll;
multi_accept on;
worker_connections 1024;
include conf.d/events.conf;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log off;
#access_log syslog:server=unix:/dev/log,facility=local7,tag=nginx_access,nohostname main;
error_log syslog:server=unix:/dev/log,facility=local7,tag=nginx_error,nohostname error;
sendfile on;
server_tokens off;
proxy_request_buffering off;
fastcgi_request_buffering off;
scgi_request_buffering off;
proxy_buffering off;
fastcgi_buffering off;
scgi_buffering off;
resolver_timeout 5s;
client_header_timeout 10s;
client_body_timeout 60s;
send_timeout 60s;
keepalive_timeout 65s 20s;
client_max_body_size 0;
server_names_hash_max_size 8192;
ssl_certificate /usr/syno/etc/certificate/system/default/fullchain.pem;
ssl_certificate_key /usr/syno/etc/certificate/system/default/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
ssl_dhparam /usr/syno/etc/ssl/dh2048.pem;
ssl_prefer_server_ciphers on;
gzip_disable "msie6";
gzip_min_length 1000;
gzip_types text/plain text/css application/javascript application/json;
gzip_vary on;
gzip_static on;
upstream synoscgi {
server unix:/run/synoscgi.sock;
}
index index.html index.htm index.php;
set_real_ip_from 127.0.0.1;
real_ip_header X-Real-IP;
server {
listen 5000 default_server;
listen [::]:5000 default_server;
server_name _;
gzip on;
include app.d/alias.*.conf;
root /usr/syno/synoman;
index index.cgi;
ignore_invalid_headers off;
include app.d/dsm.*.conf;
include /usr/syno/share/nginx/conf.d/dsm.*.conf;
include conf.d/dsm.*.conf;
location = / {
try_files $uri /index.cgi$is_args$query_string;
}
location ~ ^/volume(?:X|USB|SATA|Gluster)?\d+/ {
internal;
root /;
include app.d/x-accel.*.conf;
include conf.d/x-accel.*.conf;
}
location ~ /webman/modules/(PersonalSettings|ExternalDevices|FileBrowser)/index_ds.php$ {
alias /usr/syno/share/OAuth/index_ds.php;
default_type text/html;
}
location ~ \.cgi {
include scgi_params;
scgi_read_timeout 3600s;
scgi_pass synoscgi;
}
error_page 403 404 500 502 503 504 @error_page;
location @error_page {
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}
location ~ ^/webman/modules/Indexer/ {
deny all;
}
location ~ ^/webapi/lib/ {
deny all;
}
location ~ ^/webapi/(:?(:?.*)\.lib|(:?.*)\.api|(:?.*)\.auth|lib.def)$ {
deny all;
}
location ~ /\. { access_log off; log_not_found off; deny all; }
location ~* \.(?:js|css|png|jpg|gif|ico)$ {
access_log off;
log_not_found off;
}
location = /favicon.ico {
access_log off;
log_not_found off;
}
location = /robots.txt {
allow all;
access_log off;
log_not_found off;
}
}
server {
listen 5001 default_server ssl;
listen [::]:5001 default_server ssl;
server_name _;
include app.d/alias.*.conf;
root /usr/syno/synoman;
index index.cgi;
ignore_invalid_headers off;
include app.d/dsm.*.conf;
include /usr/syno/share/nginx/conf.d/dsm.*.conf;
include conf.d/dsm.*.conf;
location = / {
try_files $uri /index.cgi$is_args$query_string;
}
location ~ ^/volume(?:X|USB|SATA|Gluster)?\d+/ {
internal;
root /;
include app.d/x-accel.*.conf;
include conf.d/x-accel.*.conf;
}
location ~ /webman/modules/(PersonalSettings|ExternalDevices|FileBrowser)/index_ds.php$ {
alias /usr/syno/share/OAuth/index_ds.php;
default_type text/html;
}
location ~ \.cgi {
include scgi_params;
scgi_read_timeout 3600s;
scgi_pass synoscgi;
}
error_page 403 404 500 502 503 504 @error_page;
location @error_page {
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}
location ~ ^/webman/modules/Indexer/ {
deny all;
}
location ~ ^/webapi/lib/ {
deny all;
}
location ~ ^/webapi/(:?(:?.*)\.lib|(:?.*)\.api|(:?.*)\.auth|lib.def)$ {
deny all;
}
location ~ /\. { access_log off; log_not_found off; deny all; }
location ~* \.(?:js|css|png|jpg|gif|ico)$ {
access_log off;
log_not_found off;
}
location = /favicon.ico {
access_log off;
log_not_found off;
}
location = /robots.txt {
allow all;
access_log off;
log_not_found off;
}
}
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 default_server ssl;
listen [::]:443 default_server ssl;
server_name _;
location ~ ^/volume(?:X|USB|SATA|Gluster)?\d+/ {
internal;
root /;
include app.d/x-accel.*.conf;
include conf.d/x-accel.*.conf;
}
include app.d/www.*.conf;
include app.d/alias.*.conf;
include /usr/syno/share/nginx/conf.d/www.*.conf;
include conf.d/www.*.conf;
location = /webman/pingpong.php {
rewrite /webman/pingpong.php /webman/pingpong.cgi break;
root /usr/syno/synoman;
include scgi_params;
scgi_pass synoscgi;
}
location = /webdefault/images/logo.jpg {
alias /usr/syno/share/nginx/logo.jpg;
}
error_page 405 =200 $uri;
location ~* \.php$ {
include fastcgi_params;
fastcgi_index index.php;
fastcgi_read_timeout 240;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
error_page 403 404 500 502 503 504 @error_page;
location @error_page {
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}
location ^~ /.well-known/acme-challenge {
root /var/lib/letsencrypt;
default_type text/plain;
}
include app.d/.location.webstation.conf*;
location ~ ^/$ {
if ($scheme = https) {
rewrite / https://$host:5001/ redirect;
}
rewrite / http://$host:5000/ redirect;
}
}
include conf.d/http.*.conf;
include app.d/server.*.conf;
include sites-enabled/*;
}我在网上搜索了很多,到目前为止只找到了一些有趣的线索,但都没有用。
我尝试在nginx.conf中添加以下内容(这就是我的实际nginx.conf有这些行的原因),但它并没有解决我的问题。
location ~* \.php$ {
include fastcgi_params;
fastcgi_index index.php;
fastcgi_read_timeout 240;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}有关信息,以下是日志文件中的错误:
2017/02/10 18:14:07错误18555#18555:*2563上游超时(110:连接超时)当从上游读取响应头时,客户机:xxx.xxx,服务器: example.com,请求:"POST /wp/admin-ajax.php HTTP/1.1",上游:“ajax.php://unix:/run/php-fpm/php56-fpm.sock”,主机:"www.example.com",referrer:http://example.com/wp-admin/admin.php?page=laborator-demo-content-installer&install-pack=agency&
如果你有办法解决这个问题..。因为几个星期以来我一直在挣扎.提前谢谢
回答 1
Stack Overflow用户
发布于 2017-06-02 13:45:22
你的WordPress太慢了。跳到底部,看看如何使NGINX返回正确的504 GATEWAY TIMEOUT状态代码。
更长的版本:你有一堆单独的问题,以一种无助的方式一起工作。
1.您的上游服务器WordPress没有足够快地响应。
这需要超过4分钟,这就是为什么您在日志中看到一个110: Connection timed out。慢度的解决方案是加速WordPress。作为解决办法,您可以给它更多的时间来处理请求。为此,增加fastcgi_read_timeout 240;规则中的数目。请注意,超时以秒为单位,因此,如果您可以等待10分钟,请将此设置为600。
不过,我建议不要增加超时时间。您应该真正解决性能问题本身。如此长的请求阻塞了NGINX和WordPress中的资源,因此允许您很容易地成为DDoSed,即使是自己意外地。
因为上游花费的时间太长,NGINX会使用504 GATEWAY TIMEOUT进行响应。它不能因为…
2. POST请求不能用静态文件回答
在您的error_page位置,您告诉NGINX使用静态文件来处理请求。对于GET或HEAD来说,这是可以的,但是它不适用于POST,因为它将要求NGINX覆盖/创建文件。NGINX既不打算也不支持这一点。(出于同样的原因,使用其他修改动词(如PUT和DELETE )请求也会失败。)
注意,您使用的是一个名为@error_page的位置,对于该位置,方法仍然是POST,如手册所述。
If there is no need to change URI and method during internal redirection it is possible to pass error processing into a named location.您已经知道其中的一部分,这就是为什么您添加了error_page 405 =200 $uri;规则。不幸的是,这并没有拯救你,因为…
3.内部error_page重定向在默认情况下不是递归的。
据我所见,在error_page手册的文档中没有提到这一点,但是在以下指令的文档中提到了这一点:
解决方案:启用递归error_page重定向
指令页面允许您处理在处理前一个错误时发生的错误。从医生那里:
Enables or disables doing several redirects using the error_page directive. The number of such redirects is limited.如果您通过将recursive_error_pages on;放入服务器块来启用这一功能,您将允许启动error_page 405指令。
不幸的是,由于您仍在用$uri部件请求相同的资源,所以WordPress将再次被查询相同的URL,这次是GET请求。不知道您的WordPress是如何处理这个问题的,但是可能发生的错误不会帮助您调试这个错误。
这实际上是在回避问题;您应该得到的是原始的504。因此,我建议您执行以下操作,而不是启用递归错误页重定向:
GET 解决方案:使用获取错误页
我假设您仍然希望返回您的error.html,即使是在发布请求时也是如此。为此,您需要强制NGINX删除POST并使用GET处理错误,以便可以使用静态文件。我发现实现这一目标的唯一方法是不使用命名的位置(最初使用@的位置),而是使用内部位置。
若要使用此选项,请将@error_page位置更改为包含伪路径和internal指令,例如:
location /error_page {
internal;
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}之后,修改error_page指令,以使用新位置:
error_page 403 404 500 502 503 504 /error_page;资源:关于NGINX邮件列表的有益讨论。
https://stackoverflow.com/questions/42167669
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号