nginx+apache combo

jonn

Verified User
Joined
Mar 29, 2009
Messages
112
Location
Queensland, Australia.
I haven't used this nginx/apache combo before in DA, I need to ask if its normal for nginx to start with 600MB then climbs to 1.65GB to 1.8GB then back to 1.65GB, nothing is hammering the server at all. Is nginx caching this amount? Server isn't breaking a sweet, just got me thinking why so high.

I did however notice an odd entry in nginx/error_log every time mod_security blocks a connection this appears.

Code:
2016/01/01 01:19:57 [emerg] 19480#0: invalid port in "|IP|:|PORT_80|" of the "listen" directive in /etc/nginx/nginx-vhosts.conf:2
2016/01/01 01:19:59 [emerg] 19760#0: invalid port in "|IP|:|PORT_80|" of the "listen" directive in /etc/nginx/nginx-vhosts.conf:2
2016/01/01 01:19:59 [emerg] 19763#0: invalid port in "|IP|:|PORT_80|" of the "listen" directive in /etc/nginx/nginx-vhosts.conf:2
2016/01/01 01:19:59 [emerg] 19766#0: invalid port in "|IP|:|PORT_80|" of the "listen" directive in /etc/nginx/nginx-vhosts.conf:2
2016/01/01 01:19:59 [emerg] 19780#0: invalid port in "|IP|:|PORT_80|" of the "listen" directive in /etc/nginx/nginx-vhosts.conf:2
2016/01/01 01:20:01 [emerg] 20876#0: invalid port in "|IP|:|PORT_80|" of the "listen" directive in /etc/nginx/nginx-vhosts.conf:2
2016/01/01 01:20:02 [emerg] 21179#0: invalid port in "|IP|:|PORT_80|" of the "listen" directive in /etc/nginx/nginx-vhosts.conf:2
2016/01/01 01:20:07 [emerg] 22516#0: invalid port in "|IP|:|PORT_80|" of the "listen" directive in /etc/nginx/nginx-vhosts.conf:2
2016/01/01 01:20:13 [emerg] 22733#0: invalid port in "|IP|:|PORT_80|" of the "listen" directive in /etc/nginx/nginx-vhosts.conf:2

I would think that these entries are just due to connection blocked by mod security for the ip and that's all it is. But what about the high nginx ram is that normal or even to idle at 600MB, I thought it would be around 150mb - 250mb maybe then climb as needed but climb to 1.65GB 1.75GB seems a little high.

---
 
You shouldn't have |IP|:|PORT_80| code in /etc/nginx/nginx-vhosts.conf. Please try:
Code:
cd /usr/local/directadmin/custombuild
./build update
./build rewrite_confs

As for the RAM usage, where did you take the numbers form? It might be numbers of shared memory usage (nginx shares a lot of memory between it's similar processes).
 
You shouldn't have |IP|:|PORT_80| code in /etc/nginx/nginx-vhosts.conf. Please try:
Code:
cd /usr/local/directadmin/custombuild
./build update
./build rewrite_confs

|IP|:|PORT_80| isnt even in nginx-vhosts.conf, thats what made it strange to see in error logs.
Yes tried rewrite_confs yesterday morning before posting here in the afternoon, no change.

this is whats in nginx-vhosts.conf

Code:
   server {
        listen       xx.xx.xx.170:80;
        listen       127.0.0.1:80;
        #listen       [::1]:80;
        server_name  $hostname xx.xx.xx.170;

        root   /var/www/html;
        index  index.html index.htm index.php;

        include /etc/nginx/nginx-userdir.conf;

                location / {
                        access_log off;
                        proxy_pass http://xx.xx.xx.170:8080;
                        proxy_set_header X-Client-IP      $remote_addr;
                        proxy_set_header X-Accel-Internal /nginx_static_files;
                        proxy_set_header Host             $host;
                        proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                }

                location /nginx_static_files/ {
                        access_log  /var/log/nginx/access_log_proxy;
                        alias       /var/www/html/;
                        internal;
                }

                # deny access to .htaccess and .user.ini files
                        location ~ /(\.ht|\.user\.ini) {
                                deny  all;
                        }

                        include /etc/nginx/nginx-info.conf;
                        include /etc/nginx/webapps.hostname.conf;
    }

    # HTTPS server
    #
    server {
        listen       xx.xx.xx.170:443 ssl;
        listen       127.0.0.1:443 ssl;
        #listen       [::1]:443 ssl;
        server_name  $hostname xx.xx.xx.170;

        ssl                     on;
        ssl_certificate         /etc/httpd/conf/ssl.crt/server.crt.combined;
        ssl_certificate_key     /etc/httpd/conf/ssl.key/server.key;

        root   /var/www/html;
        index  index.html index.htm index.php;

        include /etc/nginx/nginx-userdir.conf;

                location / {
                        access_log off;
                        proxy_pass https://xx.xx.xx.170:8081;
                        proxy_set_header X-Client-IP      $remote_addr;
                        proxy_set_header X-Accel-Internal /nginx_static_files;
                        proxy_set_header Host             $host;
                        proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                }

                location /nginx_static_files/ {
                        access_log  /var/log/nginx/access_log_proxy;
                        alias       /var/www/html/;
                        internal;
                }

                # deny access to .htaccess and .user.ini files
        location ~ /(\.ht|\.user\.ini) {
            deny  all;
        }

        include /etc/nginx/nginx-info.conf;
        include /etc/nginx/webapps.hostname.conf;
    }


As for the RAM usage, where did you take the numbers form? It might be numbers of shared memory usage (nginx shares a lot of memory between it's similar processes).

From the service monitor on the control panel.
 
Last edited:
Ram peeked at 6.7GB for a few hours last night so I disabled csf messenger service which I enabled after trying the nginx/apache, ram has settled back to 600MB-1GB for the last day, so it might have just been the messenger service from csf firewall causing the spike and nginx error if an ip was blocked, the messenger service may be playing up, in a few days I will be certain that to be the reason.
 
confirmed: it was the csf firewall messenger service peaking ram and caused the nginx vhost error.
disabling messenger fixed the two problems.
 
Back
Top