最近網站刷新后經常出現503 Service Temporarily Unavailable錯誤,有時有可以,聯想到最近在nginx.conf里做了單ip訪問次數限制,(limit_req_zone $binary_remote_addr zone=allips:20m rate=20r/s;) 把這個數量放大后在刷新發現問題解決。(還順便把這個改大了 limit_req zone=allips burst=50 nodelay; )為了證實該問題,反復改動該數量測試發現問題確實在這。這個數量設得太小有問題,通過fiddler發現web頁面刷新一下,因為頁面上引用的js,css,圖片都算一個連接。所以單個頁面刷新下就有可能刷爆這個限制,超過這個限制就會提示503 Service Temporarily Unavailable。
附上nginx.conf
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
|
#user nobody;worker_processes 1;#worker_rlimit_nofile 100000; #error_log logs/error.log;#error_log logs/error.log notice;#error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024;} http { include mime.types; default_type application/octet-stream; ##cache## proxy_connect_timeout 5; proxy_read_timeout 60; proxy_send_timeout 5; proxy_buffer_size 16k; proxy_buffers 4 64k; proxy_busy_buffers_size 128k; proxy_temp_file_write_size 128k; proxy_temp_path /home/temp_dir; proxy_cache_path /usr/local/nginx/cache levels=1:2 keys_zone=cache_one:200m inactive=1d max_size=30g; ##end###limit per ip per second access times 10 limit_req_zone $binary_remote_addr zone=allips:20m rate=20r/s; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on;upstream myweb80{ ip_hash; server 192.168.3.105:80; server 192.168.3.103:80;} upstream myweb8080{ ip_hash; server 192.168.3.222:10080; #server 192.168.3.103:8080; } upstream myweb10086{ ip_hash; server 192.168.3.102:10086; server 192.168.3.108:10086; } upstream myweb443{ ip_hash; server 192.168.3.105:443; server 192.168.3.103:443; } # another virtual host using mix of IP-, name-, and port-based configuration # server { listen 80; allow 218.17.158.2;allow 127.0.0.0/24;allow 192.168.0.0/16;allow 58.251.130.1;allow 183.239.167.3;allow 61.145.164.1;deny all;server_name myweb.com; location / { proxy_pass http://myweb80;proxy_set_header X-Real-IP $remote_addr;limit_req zone=allips burst=50 nodelay; } } server { listen 8080;allow 218.17.158.2;allow 127.0.0.0/24;allow 192.168.0.0/16;allow 58.251.130.1;allow 183.239.167.3;allow 61.145.164.1;deny all; location / { proxy_pass http://myweb8080;proxy_set_header X-Real-IP $remote_addr;limit_req zone=allips burst=50 nodelay; } } # HTTPS server # server { listen 10086 ssl; server_name localhost;allow 218.17.158.2;allow 127.0.0.0/24;allow 192.168.0.0/16;allow 58.251.130.1;allow 183.239.167.3;allow 61.145.164.1;#deny all; ssl_certificate ssl/1_www.myweb.com_bundle.crt; ssl_certificate_key ssl/2_www.myweb.com.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; location / { proxy_pass https:// myweb10086; #roft html; #index index.html index.htm; } } 服務器{ listen 443 ssl; server_name localhost; ssl_certificate ssl / 1_www.myweb.com_bundle.crt; ssl_certificate_key ssl / 2_www.myweb.com.key; #ssl_session_cache共享:SSL:1m; #ssl_session_timeout 5m; #ssl_ciphers HIGH:!aNULL:!MD5; #ssl_prefer_server_ciphers on; location / { proxy_pass https:// myweb443; #roft html; #roft html; #index index.html index.htm; } } } |
以上就是本文的全部內容,希望對大家的學習有所幫助,也希望大家多多支持服務器之家。
原文鏈接:https://blog.csdn.net/huwei2003/article/details/46743105
