当前位置 主页 > 网站技术 > 代码类 >

    解决nginx 503 Service Temporarily Unavailable方法示例

    栏目:代码类 时间:2019-12-04 12:05

    最近网站刷新后经常出现503 Service Temporarily Unavailable错误,有时有可以,联想到最近在nginx.conf里做了单ip访问次数限制,(limit_req_zone $binary_remote_addr zone=allips:20m rate=20r/s;) 把这个数量放大后在刷新发现问题解决。(还顺便把这个改大了 limit_req zone=allips burst=50 nodelay;   )为了证实该问题,反复改动该数量测试发现问题确实在这。这个数量设得太小有问题,通过fiddler发现web页面刷新一下,因为页面上引用的js,css,图片都算一个连接。所以单个页面刷新下就有可能刷爆这个限制,超过这个限制就会提示503 Service Temporarily Unavailable。

    附上nginx.conf

    #user nobody;
    worker_processes 1;
    #worker_rlimit_nofile 100000; 
    #error_log logs/error.log;
    #error_log logs/error.log notice;
    #error_log logs/error.log info;
     
    #pid    logs/nginx.pid;
     
    events {
      worker_connections 1024;
    }
     
    http {
      include    mime.types;
      default_type application/octet-stream;
     
    ##cache##
     proxy_connect_timeout 5;
     proxy_read_timeout 60;
     proxy_send_timeout 5;
     proxy_buffer_size 16k;
     proxy_buffers 4 64k;
     proxy_busy_buffers_size 128k;
     proxy_temp_file_write_size 128k;
     proxy_temp_path /home/temp_dir;
     proxy_cache_path /usr/local/nginx/cache levels=1:2 keys_zone=cache_one:200m inactive=1d max_size=30g;
     ##end##
    #limit per ip per second access times 10 
    limit_req_zone $binary_remote_addr zone=allips:20m rate=20r/s;
     
      #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
      #         '$status $body_bytes_sent "$http_referer" '
      #         '"$http_user_agent" "$http_x_forwarded_for"';
     
      #access_log logs/access.log main;
     
      sendfile    on;
      #tcp_nopush   on;
     
      #keepalive_timeout 0;
      keepalive_timeout 65;
     
      #gzip on;
    upstream myweb80{
      ip_hash;
      server 192.168.3.105:80;
      server 192.168.3.103:80;
    }
     
    upstream myweb8080{
      ip_hash;
      server 192.168.3.222:10080;
      #server 192.168.3.103:8080;
     } 
    upstream myweb10086{
      ip_hash;
      server 192.168.3.102:10086;
      server 192.168.3.108:10086;
     } 
    upstream myweb443{
      ip_hash;
      server 192.168.3.105:443;
      server 192.168.3.103:443;
     } 
     
      # another virtual host using mix of IP-, name-, and port-based configuration
      #
      server {
        listen    80;
        allow  218.17.158.2;
    allow 127.0.0.0/24;
    allow 192.168.0.0/16;
    allow 58.251.130.1;
    allow 183.239.167.3;
    allow 61.145.164.1;
    deny  all;
    server_name myweb.com;
        location / {
            proxy_pass http://myweb80;
    proxy_set_header X-Real-IP $remote_addr;
    limit_req zone=allips burst=50 nodelay;  
        }
      }
     
      server {
        listen    8080;
    allow  218.17.158.2;
    allow 127.0.0.0/24;
    allow 192.168.0.0/16;
    allow 58.251.130.1;
    allow 183.239.167.3;
    allow 61.145.164.1;
    deny  all;
        location / {
            proxy_pass http://myweb8080;
    proxy_set_header X-Real-IP $remote_addr;
    limit_req zone=allips burst=50 nodelay;  
        }
      }
     
    # HTTPS server
      #
      server {
        listen    10086 ssl;
        server_name localhost;
    allow  218.17.158.2;
    allow 127.0.0.0/24;
    allow 192.168.0.0/16;
    allow 58.251.130.1;
    allow 183.239.167.3;
    allow 61.145.164.1;
    #deny  all;
        ssl_certificate   ssl/1_www.myweb.com_bundle.crt;
        ssl_certificate_key ssl/2_www.myweb.com.key;
     
      #  ssl_session_cache  shared:SSL:1m;
      #  ssl_session_timeout 5m;
     
      #  ssl_ciphers HIGH:!aNULL:!MD5;
      #  ssl_prefer_server_ciphers on;
     
        location / { 
       proxy_pass https:// myweb10086; 
       #roft html; 
       #index index.html index.htm; 
        } 
      }
     
      服务器{ 
        listen 443 ssl; 
        server_name localhost;
     
        ssl_certificate ssl / 1_www.myweb.com_bundle.crt; 
        ssl_certificate_key ssl / 2_www.myweb.com.key;
     
      #ssl_session_cache共享:SSL:1m; 
      #ssl_session_timeout 5m;
     
      #ssl_ciphers HIGH:!aNULL:!MD5; 
      #ssl_prefer_server_ciphers on;
     
        location / { 
       proxy_pass https:// myweb443; 
       #roft html; 
       #roft html; 
       #index index.html index.htm; 
        } 
      } 
    }