服务器 发布日期:2024/12/29 浏览次数:1
最近网站刷新后经常出现503 Service Temporarily Unavailable错误,有时有可以,联想到最近在nginx.conf里做了单ip访问次数限制,(limit_req_zone $binary_remote_addr zone=allips:20m rate=20r/s;) 把这个数量放大后在刷新发现问题解决。(还顺便把这个改大了 limit_req zone=allips burst=50 nodelay; )为了证实该问题,反复改动该数量测试发现问题确实在这。这个数量设得太小有问题,通过fiddler发现web页面刷新一下,因为页面上引用的js,css,图片都算一个连接。所以单个页面刷新下就有可能刷爆这个限制,超过这个限制就会提示503 Service Temporarily Unavailable。
附上nginx.conf
#user nobody; worker_processes 1; #worker_rlimit_nofile 100000; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; ##cache## proxy_connect_timeout 5; proxy_read_timeout 60; proxy_send_timeout 5; proxy_buffer_size 16k; proxy_buffers 4 64k; proxy_busy_buffers_size 128k; proxy_temp_file_write_size 128k; proxy_temp_path /home/temp_dir; proxy_cache_path /usr/local/nginx/cache levels=1:2 keys_zone=cache_one:200m inactive=1d max_size=30g; ##end## #limit per ip per second access times 10 limit_req_zone $binary_remote_addr zone=allips:20m rate=20r/s; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; upstream myweb80{ ip_hash; server 192.168.3.105:80; server 192.168.3.103:80; } upstream myweb8080{ ip_hash; server 192.168.3.222:10080; #server 192.168.3.103:8080; } upstream myweb10086{ ip_hash; server 192.168.3.102:10086; server 192.168.3.108:10086; } upstream myweb443{ ip_hash; server 192.168.3.105:443; server 192.168.3.103:443; } # another virtual host using mix of IP-, name-, and port-based configuration # server { listen 80; allow 218.17.158.2; allow 127.0.0.0/24; allow 192.168.0.0/16; allow 58.251.130.1; allow 183.239.167.3; allow 61.145.164.1; deny all; server_name myweb.com; location / { proxy_pass http://myweb80; proxy_set_header X-Real-IP $remote_addr; limit_req zone=allips burst=50 nodelay; } } server { listen 8080; allow 218.17.158.2; allow 127.0.0.0/24; allow 192.168.0.0/16; allow 58.251.130.1; allow 183.239.167.3; allow 61.145.164.1; deny all; location / { proxy_pass http://myweb8080; proxy_set_header X-Real-IP $remote_addr; limit_req zone=allips burst=50 nodelay; } } # HTTPS server # server { listen 10086 ssl; server_name localhost; allow 218.17.158.2; allow 127.0.0.0/24; allow 192.168.0.0/16; allow 58.251.130.1; allow 183.239.167.3; allow 61.145.164.1; #deny all; ssl_certificate ssl/1_www.myweb.com_bundle.crt; ssl_certificate_key ssl/2_www.myweb.com.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; location / { proxy_pass https:// myweb10086; #roft html; #index index.html index.htm; } } 服务器{ listen 443 ssl; server_name localhost; ssl_certificate ssl / 1_www.myweb.com_bundle.crt; ssl_certificate_key ssl / 2_www.myweb.com.key; #ssl_session_cache共享:SSL:1m; #ssl_session_timeout 5m; #ssl_ciphers HIGH:!aNULL:!MD5; #ssl_prefer_server_ciphers on; location / { proxy_pass https:// myweb443; #roft html; #roft html; #index index.html index.htm; } } }
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持。