Nginx returns HTTP Code 500 for large request

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Nginx returns HTTP Code 500 for large request

vergil
Hi all,

I've faced with the next issue and need some help.
When I send a large request with json content (the request size is above
10kB), Nginx returns "500 Internal Server Error".
But, when I send the same request with less size, it works fine.

My steps:

1. I enabled "debug" logging for error.log, but I don't see any errors.

2. Also, I added '$upstream_response_length $upstream_response_time
$upstream_status $request_body'
parameters for logging for access.log.
Once "500 Internal Server Error" error happens, I can see these parameters
are empty.
This is an example of my log in access.log:
"POST /report/exportreport HTTP/1.1" 500 186 9216 "-" - - - -
"PostmanRuntime/7.25.0" "-"
But I can see these parameters for other successful requests.

3. Also, I tried to use 'client_max_body_size' parameters in config file,
but it doesn't work for me.

It seems that Nginx trims large request.
Please, could any help me?

Thank you in advance.

Version of Nginx: 1.14.1

Config Nginx:

user centos;
worker_processes auto;
error_log /var/log/nginx/error.log debug;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request"
'
                      '$status $body_bytes_sent $request_length
"$http_referer" '
                      '$upstream_response_length $upstream_response_time
$upstream_status '
                      '$request_body '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log main;

    access_log on;
    error_log on;

    client_max_body_size 1m;
    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    # don't send the nginx version number in error pages and Server header
    server_tokens off;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

        ##
        # SSL Settings
        ##

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
        ssl_prefer_server_ciphers on;

        # enable session resumption to improve https performance
        #
http://vincent.bernat.im/en/blog/2011-ssl-session-reuse-rfc5077.html
        ssl_session_cache shared:SSL:50m;
        ssl_session_timeout 1d;
        ssl_session_tickets off;

        ##
        # Gzip Settings
        ##

        gzip on;

        # gzip_vary on;
        # gzip_proxied any;
        # gzip_comp_level 6;
        # gzip_buffers 16 8k;
        # gzip_http_version 1.1;
        # gzip_types text/plain text/css application/json
application/javascript text/xml application/xml application/xml+rss
text/javascript;

    # Load modular configuration files from the /etc/nginx/conf.d
directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

# frontnend

    server {
                if ($request_method !~ ^(GET|POST)$ )
                {
                        return 405;
                }

        server_name  www.fcs.navitrack.com.ua fcs.navitrack.com.ua;

        listen       443 ssl;
        listen       [::]:443 ssl;
        root         /home/centos/navitrack/navitrack-fcs/frontend;
        index index.html;

        ssl_certificate
"/etc/letsencrypt/live/www.fcs.navitrack.com.ua/fullchain.pem";
        ssl_certificate_key
"/etc/letsencrypt/live/www.fcs.navitrack.com.ua/privkey.pem";
        ssl_trusted_certificate
"/etc/letsencrypt/live/www.fcs.navitrack.com.ua/fullchain.pem";

        client_max_body_size 1m;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
            add_header 'X-XSS-Protection' '1; mode=block' always;
            add_header 'X-Content-Type-Option' 'nosniff' always;
            add_header 'X-Frame-Options' 'SAMEORIGIN' always;
            add_header 'Content-Security-Policy' "default-src 'self';
script-src 'self' https://maps.googleapis.com; style-src 'self'
'unsafe-inline' https://fonts.googleapis.com; img-src 'self'
https://maps.googleapis.com https://maps.gstatic.com data:; font-src 'self'
https://fonts.gstatic.com; connect-src 'self'
https://api.fcs.navitrack.com.ua https://maps.googleapis.com";
        }

        location /login {
            alias         /home/centos/navitrack/navitrack-fcs/frontend;

            add_header 'X-XSS-Protection' '1; mode=block' always;
            add_header 'X-Content-Type-Option' 'nosniff' always;
            add_header 'X-Frame-Options' 'SAMEORIGIN' always;
            add_header 'Content-Security-Policy' "default-src 'self';
script-src 'self' https://maps.googleapis.com; style-src 'self'
'unsafe-inline' https://fonts.googleapis.com; img-src 'self'
https://maps.googleapis.com https://maps.gstatic.com data:; font-src 'self'
https://fonts.gstatic.com; connect-src 'self'
https://api.fcs.navitrack.com.ua https://maps.googleapis.com";
        }


        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

# backend

server {
                if ($request_method !~ ^(GET|POST|OPTIONS)$ )
                        {
                                return 405;
                        }

                server_name api.fcs.navitrack.com.ua;

                listen       443 ssl;
                listen       [::]:443 ssl;

        ssl_certificate
"/etc/letsencrypt/live/api.fcs.navitrack.com.ua/fullchain.pem";
        ssl_certificate_key
"/etc/letsencrypt/live/api.fcs.navitrack.com.ua/privkey.pem";
        ssl_trusted_certificate
"/etc/letsencrypt/live/api.fcs.navitrack.com.ua/fullchain.pem";

        client_max_body_size 1m;

        location / {

        #add CORS
        if ($request_method = 'OPTIONS') {
            add_header 'Access-Control-Allow-Origin'
'https://fcs.navitrack.com.ua' always;
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'
always;
            add_header 'Access-Control-Allow-Headers'
'Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range'
always;
            add_header 'Access-Control-Max-Age' 86400 always;
            add_header 'Content-Type' 'text/plain; charset=utf-8' always;
            add_header 'Content-Length' 0 always;

            return 204;
        }

        if ($request_method = 'GET') {
            add_header 'Access-Control-Allow-Origin'
'https://fcs.navitrack.com.ua' always;
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'
always;
            add_header 'Access-Control-Allow-Headers'
'Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range'
always;
        }

         if ($request_method = 'POST') {
            add_header 'Access-Control-Allow-Origin'
'https://fcs.navitrack.com.ua' always;
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'
always;
            add_header 'Access-Control-Allow-Headers'
'Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range'
always;
        }

        proxy_pass         <a href="http://localhost:18745;">http://localhost:18745;
        proxy_http_version 1.1;
        proxy_set_header   Upgrade $http_upgrade;
        proxy_set_header   Connection keep-alive;
        proxy_set_header   Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto $scheme;
        proxy_buffer_size 20k;
        proxy_buffers 16 256k;
        proxy_busy_buffers_size 512k;
    }
    }
}

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,288137,288137#msg-288137

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx