NODEBB: Nginx error performance & High CPU
-
@DownPW And the
worker_processesvalue ? I expect this to be between 1 and 4 ?Mark
Founder - Phenomlab LtdExecutive Technology & Security Leadership
-
worker_processes auto;PW and WS Spirit alive
-
worker_processes auto;@DownPW ok. You should refer to that some article I previously provided. You can probably set this to a static value.
Mark
Founder - Phenomlab LtdExecutive Technology & Security Leadership
-
@DownPW ok. You should refer to that some article I previously provided. You can probably set this to a static value.
Ok I will see it for better worker_processes value
I add a rate limite request and limit_conn_zone on http block and vhost block :
– nginx.conf:
http { #Requete maximun par ip limit_req_zone $binary_remote_addr zone=flood:10m rate=100r/s; #Connexions maximum par ip limit_conn_zone $binary_remote_addr zone=ddos:1m;-- vhost.conf : location / { limit_req zone=flood burst=100 nodelay; limit_conn ddos 10;–> I have test other value for rate and burst but they cause problem access to the forum. If you have better, I take it
I add today a proxy_read_timeout on vhost.conf (60 by default)
proxy_read_timeout 180;I have deactivate underattack mode on CF and change for high Level
I have add other rules on CF waf :
PW and WS Spirit alive
-
Ok I will see it for better worker_processes value
I add a rate limite request and limit_conn_zone on http block and vhost block :
– nginx.conf:
http { #Requete maximun par ip limit_req_zone $binary_remote_addr zone=flood:10m rate=100r/s; #Connexions maximum par ip limit_conn_zone $binary_remote_addr zone=ddos:1m;-- vhost.conf : location / { limit_req zone=flood burst=100 nodelay; limit_conn ddos 10;–> I have test other value for rate and burst but they cause problem access to the forum. If you have better, I take it
I add today a proxy_read_timeout on vhost.conf (60 by default)
proxy_read_timeout 180;I have deactivate underattack mode on CF and change for high Level
I have add other rules on CF waf :
@DownPW what settings do you have in advanced (in settings) for rate limit etc?
Mark
Founder - Phenomlab LtdExecutive Technology & Security Leadership
-
@phenomlab said in NODEBB: Nginx error performance & High CPU:
@DownPW what settings do you have in advanced (in settings) for rate limit etc?
In cloudflare ?
PW and WS Spirit alive
-
I wanted to test awstats on virtualmin with root account and it hasn’t updated since August 2022.
I wanted to regenerate the files but I have a problem of rights.
What do you think ? and how t ore-generate a rapport correctly
I would like to use it to better manage the @ips that connect to the server
PW and WS Spirit alive
-
@phenomlab said in NODEBB: Nginx error performance & High CPU:
@DownPW what settings do you have in advanced (in settings) for rate limit etc?
In cloudflare ?
@DownPW no, sorry - in NodeBB ACP
Mark
Founder - Phenomlab LtdExecutive Technology & Security Leadership
-
I wanted to test awstats on virtualmin with root account and it hasn’t updated since August 2022.
I wanted to regenerate the files but I have a problem of rights.
What do you think ? and how t ore-generate a rapport correctly
I would like to use it to better manage the @ips that connect to the server
@DownPW from recollection,
awstatsis accessible via the web front end, so (for example) https://mydomain.com/awstatsHowever, as you are pushing everything into a reverse proxy you’ll need to add a custom route in the
nginx.conffile you are using on the website so this can be rendered outside of NodeBB.Mark
Founder - Phenomlab LtdExecutive Technology & Security Leadership
-
@phenomlab said in NODEBB: Nginx error performance & High CPU:
@DownPW no, sorry - in NodeBB ACP
Here is the value
PW and WS Spirit alive
-
@phenomlab said in NODEBB: Nginx error performance & High CPU:
@DownPW no, sorry - in NodeBB ACP
Here is the value
@DownPW what is the result of disabling it altogether? That will resolve the 503 rate limit error but could we leave the system exposed to bring overwhelmed.
Mark
Founder - Phenomlab LtdExecutive Technology & Security Leadership
-
@DownPW what is the result of disabling it altogether? That will resolve the 503 rate limit error but could we leave the system exposed to bring overwhelmed.
@DownPW you should also review this
https://docs.nodebb.org/configuring/scaling/
In particular, the part concerning proxied assets.
-
@DownPW from recollection,
awstatsis accessible via the web front end, so (for example) https://mydomain.com/awstatsHowever, as you are pushing everything into a reverse proxy you’ll need to add a custom route in the
nginx.conffile you are using on the website so this can be rendered outside of NodeBB.@phenomlab said in NODEBB: Nginx error performance & High CPU:
@DownPW from recollection,
awstatsis accessible via the web front end, so (for example) https://mydomain.com/awstatsHowever, as you are pushing everything into a reverse proxy you’ll need to add a custom route in the
nginx.conffile you are using on the website so this can be rendered outside of NodeBB.Thats why I have a permission error like the screen? Odd
Nope, Awstats is accessible like this via Virtualmin:
https://XXXX:8443/virtualmin-awstats/view.cgi?config=XXXXXX.XX
I have jsut an error of permission whe nI test to regenerate a Report because the script can’t access to log file
PW and WS Spirit alive
-
@DownPW what is the result of disabling it altogether? That will resolve the 503 rate limit error but could we leave the system exposed to bring overwhelmed.
@phenomlab said in NODEBB: Nginx error performance & High CPU:
@DownPW what is the result of disabling it altogether? That will resolve the 503 rate limit error but could we leave the system exposed to bring overwhelmed.
Disabling What ? Traffic management? HSTS ?
-
@phenomlab said in NODEBB: Nginx error performance & High CPU:
@DownPW from recollection,
awstatsis accessible via the web front end, so (for example) https://mydomain.com/awstatsHowever, as you are pushing everything into a reverse proxy you’ll need to add a custom route in the
nginx.conffile you are using on the website so this can be rendered outside of NodeBB.Thats why I have a permission error like the screen? Odd
Nope, Awstats is accessible like this via Virtualmin:
https://XXXX:8443/virtualmin-awstats/view.cgi?config=XXXXXX.XX
I have jsut an error of permission whe nI test to regenerate a Report because the script can’t access to log file
@DownPW said in NODEBB: Nginx error performance & High CPU:
Thats why I have a permission error like the screen? Odd
No, not at all. That error is because
www-dataowns the files when it should be the account you are using to run the website itself under.Mark
Founder - Phenomlab LtdExecutive Technology & Security Leadership
-
@DownPW said in NODEBB: Nginx error performance & High CPU:
Thats why I have a permission error like the screen? Odd
No, not at all. That error is because
www-dataowns the files when it should be the account you are using to run the website itself under.@phenomlab said in NODEBB: Nginx error performance & High CPU:
@DownPW said in NODEBB: Nginx error performance & High CPU:
Thats why I have a permission error like the screen? Odd
No, not at all. That error is because
www-dataowns the files when it should be the account you are using to run the website itself under.I thought that was weird
strange than that.
–> Would you have a solution so that I can regenerate the report and use awstats via virtualmin?
PW and WS Spirit alive
-
@phenomlab said in NODEBB: Nginx error performance & High CPU:
@DownPW said in NODEBB: Nginx error performance & High CPU:
Thats why I have a permission error like the screen? Odd
No, not at all. That error is because
www-dataowns the files when it should be the account you are using to run the website itself under.I thought that was weird
strange than that.
–> Would you have a solution so that I can regenerate the report and use awstats via virtualmin?
@DownPW try this
https://manpages.org/awstatsMark
Founder - Phenomlab LtdExecutive Technology & Security Leadership
-
@phenomlab said in NODEBB: Nginx error performance & High CPU:
@DownPW try this
https://manpages.org/awstatsIt worked with the following command (very long) in cli but I’m afraid it won’t work with the virtualmin module
awstats -config=XXX-XXX.XXX -update
PW and WS Spirit alive
-
@phenomlab said in NODEBB: Nginx error performance & High CPU:
@DownPW try this
https://manpages.org/awstatsIt worked with the following command (very long) in cli but I’m afraid it won’t work with the virtualmin module
awstats -config=XXX-XXX.XXX -update@DownPW yes, that was a command line to get you the immediate information you needed. Did you try adding the necessary config to
nginxin order that it bypasses the reverse proxy?Mark
Founder - Phenomlab LtdExecutive Technology & Security Leadership
-
Hello
Since yesterday, we have been experiencing a massive influx of new users.
Today we have more than 1000 simultaneous connections (account creation, participation in topics, etc.)
I had a lot of issues with Nginx that I think I got fixed.
I have several “worker_connections is too long” & “too many openfiles” errors on nginx log :
I think I solved his 2 problems in the following way :
systemctl edit --full nginx.service [Service] LimitNOFILE=70000nano /etc/nginx/nginx.conf worker_rlimit_nofile 70000; events { # worker_connections 768; worker_connections 65535; # multi_accept on; multi_accept on; }I have “client intended to send too large body” errors too :
I think I solved this problem in the following way :
nano /etc/nginx/nginx.conf http { ## # Basic Settings ## client_max_body_size 10M;–> I hope this will be enough for Nginx.
But now, I have a problem of CPU performance (sometimes, not ) which causes nodebb 503 errors (not nginx) or latencies because nodeJS and mongodb takes a lot of CPU.
– Would there be tweaks for nodejs, nodebb or mongodb to prevent the influx of users from draining the CPU - RAM ?
– If you have better values for nginx error (see above the topic) or better fix, tell me
Thanks in advance @phenomlab
@DownPW one day a year, we have the same problem in our forum, where several thousand users become online at the same minute and get similar problems… but we are getting better each year at handling this…
I do not have full technical details about our solution but I know for sure that using NodeBB that listens to three ports help… 4567, 4568, and 4569… Is your NodeBB set up this way?
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register LoginDid this solution help you?
Related Topics
-
-
-
-
-
-
-
-
Iframely (Nodebb)
Solved Configure
