Ich habe ein nginx webserver hier auf meinem Heimserver installiert.
Manchmal laedt die Seite nicht, keine Fehlermeldung. 20 Sekunden spaeter geht es dann ohne Probleme. Kurz danach geht es wieder von vorne los.
curl <https://URL> oder curl -i <https://URL> geht immer.
In den logs finde ich nichts. Da kommt erst was an wenn die Seite auch im browser angezeigt wird.
Das ganze macht es auch so schwer es zu debuggen.
Andere services gehen wunderbar. Torrent, ssh oder andere http server.
curl -i:
Code: Alles auswählen
HTTP/2 200
server: nginx/1.14.2
date: Tue, 14 Jan 2020 15:19:12 GMT
content-type: text/html
content-length: 251
last-modified: Thu, 18 Apr 2019 20:37:16 GMT
vary: Accept-Encoding
etag: "5cb8dffc-fb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src: https: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
sites-available/reeeeee.com.conf
Code: Alles auswählen
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name reeeeee.com;
root /var/www/reeeeee.com/public;
include nginxconfig.io/general.reeeeee.com;
}
nginxconfig.io/general.reeeeee.com
Code: Alles auswählen
# SSL
ssl_certificate /etc/letsencrypt/live/reeeeee.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/reeeeee.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/reeeeee.com/chain.pem;
# logging
access_log /var/log/nginx/reeeeee.com.access.log;
error_log /var/log/nginx/reeeeee.com.error.log warn;
include nginxconfig.io/general.conf;
Code: Alles auswählen
# security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
#Disabled because of <redacted>
#add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
add_header Content-Security-Policy "default-src: https: 'unsafe-inline'" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
# . files
location ~ /\.(?:!well-known|files) {
deny all;
}
# favicon.ico
location = /favicon.ico {
log_not_found off;
access_log off;
}
# robots.txt
location = /robots.txt {
log_not_found off;
access_log off;
}
# gzip
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml;