Tagnginx

nginx server status page and interpretation

Server tuning starts with server monitoring, with server-stats you can learn about the usage of nginx.

First, check if nginx has been compiled with –with-http_stub_status_module.

$ /usr/sbin/nginx -V 2>&1 | grep --color with-http_stub_status_module

Check the output for –with-http_stub_status_module. If it’s not there, you must compile it in manually.

If you have it, start by add this config snippet to your server config:

server {
  listen 127.0.0.1:8200;
  location /server-status {
    stub_status on;
    access_log off;
    allow 127.0.0.1;
    deny all;
  }
}

Then, reload nginx. You can query the status page from localhost only with this config. Try it:

$ wget http://127.0.0.1:8200/server-status -qO -

Active connections: 4
server accepts handled requests
488803 488803 1002230
Reading: 0 Writing: 2 Waiting: 2

This reads like this:

We have 4 active connections, 2 of them are currently being served by nginx (Writing), 0 are requesting something (Reading) and 2 have open connections but there is no activity at the moment (Waiting), this is because of keep-alive connections.

The server has accepted 488803 connections and could answer 488803 of it (100%). Within this connections, 1002230 requests have been served (2.05 requests/connection).

openssl CSR generieren

Ein Post, nur weil ich selber immer vergesse wie das geht.

Also, zuerst einen Private Key für den Server generieren:

openssl genrsa -out domainname.key 2048

Wer gerne noch einen Passpharse dazu haben möchte schreibt:

openssl genrsa -des3 -out domainname.key 2048

Mit dem Key kann dann der CSR erstellt werden:

openssl req -new -sha256 -key domainname.key -out domainname.csr

Danach ist das .csr File fertig. Natürlich muss der Private Key geheim bleiben, sonst kann jeder das selbe Zertifikat ausstellen und das ist – nicht gut.

© 2017 netmess

Theme by Anders NorenUp ↑