"upstream sent too big header while reading response header from upstream"
I keep getting this when I try and do an authentication from facebook. I've increased my buffers:
proxy_buffer_size 256k;
proxy_buffers 8 256k;
proxy_busy_buffers_size 512k;
fastcgi_buffers 8 256k;
fastcgi_buffer_size 128k;
But it doesn't seem to help. Any thoughts as to why this might occur?
nginx.conf file:
user www-data;
worker_processes 1;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
# multi_accept on;
}
http {
include /etc/nginx/mime.types;
proxy_buffer_size 256k;
proxy_buffers 8 256k;
proxy_busy_buffers_size 512k;
fastcgi_buffers 8 256k;
fastcgi_buffer_size 128k;
access_log /var/log/nginx/access.log;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
tcp_nodelay on;
gzip on;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
/etc/nginx/sites-enabled/default
server {
listen 80 default;
server_name localhost;
access_log /var/log/nginx/localhost.access.log;
location / {
root /var/www/nginx-default;
index index.html index.htm;
}
location /doc {
root /usr/share;
autoindex on;
allow 127.0.0.1;
deny all;
}
location /images {
root /usr/share;
autoindex on;
}
}
In codeigniter I had the same error. This works for me:
http://forum.nginx.org/read.php?2,192785,196003#msg-196003
In .conf
location ~* \.php$ {
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# 16-sept-2012 parametros para evitar el 502
fastcgi_temp_file_write_size 10m;
fastcgi_busy_buffers_size 512k;
fastcgi_buffer_size 512k;
fastcgi_buffers 16 512k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_intercept_errors on;
fastcgi_next_upstream error invalid_header timeout http_500;
}
I had the same exact issue this morning. However, increasing buffer size worked for me. This is the settings that I used:
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
The only setting I don't see in your config is
proxy_temp_file_write_size 256k;
Also, I added these values just for that vhost. I don't think it should matter, but might be worth trying.
Turns out Codeigniter sets its own max size. I haven't figured out how to limit that, but changing nginx won't change anything unfortunately. Thanks for all the help VBart and gsharma.
We are moving our production environment and the old one works without problem and had the same "upstream sent too big header while reading response header from upstream" problem. This is a Codeigniter 2.x application.
Like #gsharma said, after change the server config with this the error log disappeared.
fastcgi_buffers 256 4k;
fastcgi_buffer_size 8k;
However, still had some problems: login did'n work anymore.
The problem was around $config['sess_encrypt_cookie']=TRUE;
When using sess_encrypt_cookie, Codeigniter tries to use mcrypt library but if it doesn't exist uses a method called '_xor_encode'. Ok, I think this method it's buggy.
After install php-mcrypt everything worked without problems.
(sorry for my english)
I am getting this error, on a page that is 800 bytes long, 4 headers. It was a signout page to delete cookies. To expire cookies I was setting them back to my birthday. This did not work in nginx, they must be expired by less than a month to pass validation to remove the cookies.
I ran a check on a few more different, but invalid headers and got the same result. If nginx cannot validate the header it throws: upstream sent too big header while reading response header from upstream
2015: more information from experience:
upstream sent too big header while reading response header from upstream is nginx's generic way of saying "I don't like what I'm seeing"
Your upstream server thread crashed
The upstream server sent an invalid header back
The Notice/Warnings sent back from STDERR broke their buffer and both it and STDOUT were closed
3: Look at the error logs above the message, is it streaming with logged lines preceding the message? PHP message: PHP Notice: Undefined index:
Example snippet from a loop my log file:
2015/11/23 10:30:02 [error] 32451#0: *580927 FastCGI sent in stderr: "PHP message: PHP Notice: Undefined index: Firstname in /srv/www/classes/data_convert.php on line 1090
PHP message: PHP Notice: Undefined index: Lastname in /srv/www/classes/data_convert.php on line 1090
... // 20 lines of same
PHP message: PHP Notice: Undefined index: Firstname in /srv/www/classes/data_convert.php on line 1090
PHP message: PHP Notice: Undefined index: Lastname in /srv/www/classes/data_convert.php on line 1090
PHP message: PHP Notice:
2015/11/23 10:30:02 [error] 32451#0: *580927 FastCGI sent in stderr: "ta_convert.php on line 1090
PHP message: PHP Notice: Undefined index: Firstname
you can see in the 3rd line (from the 20 previous errors) the buffer limit was hit, broke, and the next thread wrote in over it. Nginx then closed the connection and returned 502 to the client.
2: log all the headers sent per request, review them and make sure they conform to standards (nginx does not permit anything older than 24 hours to delete/expire a cookie, sending invalid content length because error messages were buffered before the content counted...)
examples include:
<?php
//expire cookie
setcookie ( 'bookmark', '', strtotime('2012-01-01 00:00:00') );
// nginx will refuse this header response, too far past to accept
....
?>
and this:
<?php
header('Content-type: image/jpg');
?>
<?php //a space was injected into the output above this line
header('Content-length: ' . filesize('image.jpg') );
echo file_get_contents('image.jpg');
// error! the response is now 1-byte longer than header!!
?>
1: verify, or make a script log, to ensure your thread is reaching the correct end point and not exiting before completion.
Related
Recently our servers were facing status_code: 400 errors. We added logs to check what is happening.. these are our observations:
Log added in nginx.conf file:
log_format custom '$remote_addr STATUS_CODE:$status $request_length $bytes_sent REQUEST "$request" COOKIE "$http_cookie" Hello';
access_log /var/log/nginx/access.log custom;
We are observing that for 400 errors the below log is getting set:
xxx.xxx.xxx.xxx STATUS_CODE:400 0 326 REQUEST "GET www.xyz.abc" COOKIE "-"
Can you please help in finding what could be the possibility of request_length getting set to zero.
I have a server that runs on Nginx (ubuntu 16). I also have a domain name that redirects to the IP of this server. Of course, I want to show the user a domain name in the address bar, not IP (as it is now). To do this, I changed the site configuration settings in the /etc/nginx/sites-aviable folder to the following: (the project is written in symfony, location is mostly from docks on it)
server {
listen 80;
server_name **.***.***.***; #My server ip
return 301 $scheme://example.com$request_uri;
}
server {
listen 80;
server_name example.com www.example.com;
root /var/www/example.com/web;
index app.php app_dev.php;
location / {
try_files $uri /app.php$is_args$args;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
}
# DEV
location ~ ^/(app_dev|config)\.php(/|$) {
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
}
# PROD
location ~ ^/app\.php(/|$) {
try_files $uri =404;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
internal;
}
# Phpmyadmin Configurations
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
#fastcgi_pass 127.0.0.1:9000;
#fastcgi_param HTTPS on; # <-- add this line
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~*^/phpmyadmin/(.+\.jpg|jpeg|gif|css|png|js|ico|html|xml|txt))${
root /usr/share/;
}
}
location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}
location ~ \.php$ {
return 404;
}
error_log /var/log/nginx/project_error.log;
access_log /var/log/nginx/project_access.log;
}
As a result, now the user sees the domain name in the address bar, but it does not bring joy - the browsers write ERR_TOO_MANY_REDIRECTS and do not show the content.
As I understand, in some place there is a recursive redirect. In addition to */nginx/sites-aviable/example.com there are no other configs in this folder (default file is fully commented out).
Could it be that the server receiving a request to the address **.***.***.***:80 redirect it to example.com, and the domain services, catching the request, will redirect to **.***.***.***:80, and so on a loop?
How then to be? Or is the problem somewhere in local configurations?
UPD It is the contents of the access.log file after the attempt to open the site once:
(the line is repeated 9 times, . . . * - IP of my server)
**. ***. ***. *** - - [03/Oct/2017: 11: 59: 07 +0300] "GET / HTTP/1.1" 301 194 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv: 54.0) Gecko/20100101 Firefox/54.0"
UPD 2
I try curl -L -I http://mysite
Result of curl:
'HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 03 Oct 2017 09:49:32 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: http://**.***.***.*** //(my server IP)
HTTP/1.1 301 Moved Permanently
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 03 Oct 2017 09:49:32 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
Location: http://example.com //(my cite)
....
// some repeats this
....
curl: (52) Empty reply from server'
Redirect 301 is described in my configuration.
Why there is a redirect 302 - I do not know. Is this the result of DNS services?
Try to debug using curl:
For example:
curl -L -I http://yoursite
the option -L will follow redirects and the -I will only show the headers.
In the output search for HTTP/1.1 301 Moved Permanently and the Location: htt.....
Also try to change your conf to either use http or https in many cases is where the loop happends:
return 301 $scheme://
to
return 301 https://
The error was not on the side of my server or the nginx configuration, I did not correctly configure DNS when I had a domain name. Instead of creating an A-record, I set a redirect to the IP of my server
I'm currently testing a perl cgi application in nginx and fcgiwrap. It's partially working. However I'm having issues getting errors back in the response.
All requests return 200. If the cgi errors, it just returns blank content.
I'm running both nginx and fcgiwrap from supervisord.
This is my supervisord.conf file...
[supervisord]
logfile=/tmp/supervisord.log
nodaemon=true
[fcgi-program:fcgiwrap]
command = /usr/sbin/fcgiwrap
user = www-data
socket = unix:///var/run/supervisor/%(program_name)s.sock
socket_owner = www-data:www-data
socket_mode = 0770
autorestart=true
autostart=true
startsecs=1
startretries=3
stopsignal=QUIT
stopwaitsecs=10
environment=PATH='/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin'
redirect_stderr=false
stdout_logfile=/var/log/fcgiwrap_out.log
stderr_logfile=/var/log/fcgiwrap_err.log
[program:nginx]
command=/usr/sbin/nginx -g 'daemon off;'
I get the errors appearing in /var/log/fcgiwrap_err.log. However the error message, and more importantly the status, aren't returned to nginx.
This is my nginx config...
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/web;
index index.html index.cgi;
server_name _;
location / {
try_files $uri $uri/ =404;
}
location ~ \.cgi$ {
gzip off;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/supervisor/fcgiwrap.sock;
fastcgi_index index.cgi;
fastcgi_param SCRIPT_FILENAME /var/www/web$fastcgi_script_name;
}
# deny access to .htaccess files
location ~ /\.ht {
deny all;
}
}
I'm not sure whether the issue is due to a misconfiguration of fcgiwrap, nginx, or supervisord.
You said to supervisord to monitor a socket (/var/run/supervisor/fcgiwrap.sock) but didn't say to fcgiwrap to use that socket.
So PHP connection through this empty socket will never reach fcgiwrap process, and hence you have no error message from fcgiwrap.
You need to change the fcgiwrap command to specify the socket, using -s parameter.
I'm unable to post any pictures or other media in facebook. I have used the debuger (http://developers.facebook.com/tools/debug) and I always get:
Scrape Information
Response Code: 502
I use nginx 1.2.0 with php-fpm with sock not port (9000)
My errror log does not show any error. The access log
69.171.237.14 - - [23/Mar/2013:19:00:29 +0100] "GET /video/X1KAW64412WH1OO/5123 HTTP/1.1" 200 11715 "-" "facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)" "-"
Currently I have disabled the IPtables. php.ini and most of the timeouts are set to 3600
nginx.conf part:
location ~ \.php$ {
root /home/blabla/www;
# fastcgi_pass 127.0.0.1:9000;
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /home/blabla/blabla/$fastcgi_script_name;
# fastcgi_param REQUEST_URI $request_uri;
#fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
access_log logs/access._php.log main;
fastcgi_send_timeout 5m;
fastcgi_read_timeout 5m;
fastcgi_connect_timeout 5m; }
I have tested using cloudflare services and it works great, but when I only point to my server it stop. It happen to all my other websites located to this machine so it must be webserver configuration prolem I guess. I use centos x64
I was running into the same issue.
My nginx logs indicated that a 200 response was being served, and requests in the browser showed a 200 response. Facebook was insistent that it was a 502 error.
It turns out that '502' can mean either 'Your server returned a 502' or 'I ran into a difficulty parsing the response'.
In my case, I had a non-compliant HTTP header (it conained a single question mark), which was causing Facebook to reject the response as being invalid. Removing this header fixed the issue.
Facebook by default use ipv6 address if available To Solve this problem you have to enable iPv6 in a Ningx config file for each virtual host (if many sites hosted) to listen Any IPv6 address at port 80.
This will solve the issue with Facebook opengraph.
Unfortunately I'm unable to fix Class 'MongoPool' not found error. Rechecked everything in configs and everything looks normal to me :( Spent 4 hours on this already :(
I'm using:
Ubuntu 12.04
nginx 1.1.19
php 5.3.10-1ubuntu3.4 as php-fpm extension to nginx
mongodb driver 1.3.0RC1-dev
Configuration info:
my phpinfo() output is here
nginx.conf is here
fastcgi_params is here
php.ini is here
php-fpm.conf is here
mongo.ini in php folder is this
extension=mongo.so
mongo.native_long = true
mongo.utf8 = 1
/etc/php5/fpm/pool.d/www.conf is pretty short too
[www]
user = www-data
group = www-data
listen = /var/run/php-fpm.sock
pm = dynamic
pm.max_children = 10
pm.start_servers = 4
pm.min_spare_servers = 2
pm.max_spare_servers = 6
access.log = /var/www/log/$pool.access.log
;chroot = /var/www/
chdir = /
Could you please take a look at my configs and help me ?
Test page is this
<?php
MongoPool::setSize(2);
?>
nginx server's config is
server {
root /usr/share/nginx/www;
index index.php index.html index.htm;
server_name localhost 192.168.1.149;
location / {
try_files $uri $uri/ /index.html;
}
location /doc/ {
alias /usr/share/doc/;
autoindex on;
allow 127.0.0.1;
deny all;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
}
Log snippet from nginx
2012/10/21 06:35:48 [error] 21418#0: *1 FastCGI sent in stderr: "PHP message: PHP Fatal error: Class 'MongoPool' not found in /usr/share/nginx/www/test2.php on line 2
PHP message: PHP Stack trace:
PHP message: PHP 1. {main}() /usr/share/nginx/www/test2.php:0" while reading response header from upstream, client: 192.168.1.2, server: localhost, request: "GET /test2.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "192.168.1.149"
As user eicto hinted above creators of MongoDb Driver for PHP removed this class from trunk version of the driver about 2 months ago (see this commit).
We will be adding back MongoPool and couple of the other methods for backwards compatibility, but they won't do anything and just issue E_DEPRECATED warning
Take care when using development versions.