Nginx 代理缓存无法与 php 会话配合使用

Nginx 代理缓存无法与 php 会话配合使用

服务器管理绝对不是我的领域 —— 不幸的是我只能设置一个以 Nginx 作为静态资产服务器的服务器,并以 php-fpm 为后盾的 apache 来提供 PHP 页面服务。

我正在尝试建立代理缓存,但只有当我不使用 PHP 会话时它才有效。我可能忽略了一点,但据我所知,我不明白为什么缓存不可能提供不用于身份验证的标准 PHP 会话 cookie?

我猜想这是配置问题,但我为此绞尽了脑汁。我在这里发布了我的设置 - 希望有人能给我指明正确的方向。我有一个 php 文件,里面除了以下内容外什么都没有:

session_cache_limiter('public');
ini_set('session.cache_expire', 1000);
session_start();
echo "OK";
die();

nginx.conf:

user www-data;
worker_processes 6;
worker_rlimit_nofile 50000;
pid /run/nginx.pid;

events {
        worker_connections  8096;
        multi_accept        on;
    use                 epoll;
}

http {
    ##
    # Basic Settings
    ##

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 15;
    types_hash_max_size 2048;
    server_tokens off;

    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # SSL Settings
    ##

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

    ##
    # Logging Settings
    ##

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    log_format cache '***$time_local '
                   'req_time=$request_time '
                   '$upstream_cache_status '
                   'Cache-Control: $upstream_http_cache_control '
                   'Expires: $upstream_http_expires '
                   '"$request" ($status) '
                   '"$http_user_agent" ';

    access_log /var/log/nginx/cache.log cache;

    ##
    # Gzip Settings
    ##
        gzip on;
    gzip_disable "msie6";
    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_buffers 16 8k;
    gzip_http_version 1.1;
    gzip_min_length 256;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon;


    ##
    # Proxy Settings
    ##
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;

    proxy_temp_path /var/data/nginx/tmp;
    proxy_cache_path /var/data/nginx/cache/proxy levels=1:2 keys_zone=proxy_cache:10m max_size=1024m inactive=60m use_temp_path=off;
    fastcgi_cache_path /var/data/nginx/cache/fcgi levels=1:2 keys_zone=fcgi_cache:10m max_size=1024m inactive=60m; add_header X-Cache $upstream_cache_status;

    ## cookie mapping
    map $http_cookie $session_cookie {
        default ""; 
        ~PHPSESSID=(?<sessionkey>[a-zA-Z0-9]+) $sessionkey;
    }

    ## mapping cache to request method
    map $request_method $no_cache {
        default 1; # by default do not cache
        HEAD 0; # cache HEAD requests
        GET 0; # cache GET requests
    }

    ## map purge request
    map $request_method $purge_method {
            PURGE   1;
            default 0;
    }

    # Allow underscores in header
       underscores_in_headers on;

        # Set Max Client Body size to 10 MB        
        client_max_body_size 10M;

    ##
    # Virtual Host Configs
    ##

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}

虚拟主机配置:

# http
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    return 302 https://$server_name$request_uri;
}

# https
server {
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server;

    include snippets/self-signed.conf;
    include snippets/ssl-params.conf;

    root /var/www/;
    index index.php;

    sendfile           on;
    tcp_nopush         on;
    tcp_nodelay        on;
    keepalive_timeout  15;

    location / {
        access_log off;
        log_not_found off;
        try_files $uri $uri/ @apache;
        index index.html index.htm index.php;
    }
    location ~* \.(jpg|jpeg|gif|png|svg|css|js|ico|xml|woff|woff2|eot|ttf)$ {
        access_log          off;
        log_not_found       off;
        expires             30d;
        autoindex           off;
        add_header          Pragma "public";
        add_header          Cache-Control public; 
        add_header          Cache-Control "max-age=43200, public, must-revalidate, proxy-revalidate"; 
        gzip_static         on;
        gzip_min_length     1000;
        gzip_comp_level     2;
    }
    location = /favicon.ico {
        access_log off;
        log_not_found off;
    }
    location = /robots.txt {
        access_log off;
        log_not_found off;
    }
    location ~ /\. {
        deny all;
        access_log off;
        log_not_found off;
    }
    location ~*|\.php*$ {
        access_log off;
        log_not_found off;

        # Apache reverse proxy and caching turn proxy buffering to "on" to enable
        proxy_buffering on;
        include /etc/nginx/proxy_params;

        proxy_pass https://127.0.0.1:8088;
        proxy_cache proxy_cache;
        proxy_cache_revalidate on;
        proxy_cache_lock on;
        proxy_cache_valid 200 302 5m;
        proxy_cache_valid 404 1m;
        proxy_cache_valid any 3m;
        proxy_cache_min_uses 3;
        proxy_cache_key $proxy_host$request_uri$session_cookie;
    }
    location @apache {
        access_log off;
        log_not_found off;

        # Apache reverse proxy and caching turn proxy buffering to "on" to enable
        proxy_buffering on;
        include /etc/nginx/proxy_params;
        proxy_pass https://127.0.0.1:8088;
    }
}

代理参数:

client_max_body_size 100M;
client_body_buffer_size 1m;
proxy_intercept_errors on;
proxy_buffer_size 128k;
proxy_buffers 256 16k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_max_temp_file_size 10m;
proxy_read_timeout 300;
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;

add_header X-Cache-Status $upstream_cache_status;
add_header X-Handled-By $proxy_host;

我不断收到缓存未命中的消息:

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Nov 2017 12:27:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=c183rru5i3fgj5map7jqgbf2do; path=/
Expires: Thu, 23 Nov 2017 05:07:25 GMT
Cache-Control: public, max-age=60000
Last-Modified: Wed, 22 Nov 2017 12:20:41 GMT
Vary: Accept-Encoding
X-Cache-Status: MISS
X-Handled-By: 127.0.0.1:8088

重要提示:主机在 SSL 下运行

这里有谁可以给​​我提示吗?

答案1

据我所知,您想缓存 @apache 位置但失败了,对吗?如果这是您的问题,那么是因为您没有在 @apache 位置激活 nginx 缓存。您需要添加到proxy_cache proxy_cache;/etc/nginx/proxy_params如果这不是您想要做的,请更清楚地描述您的问题或您想要做的事情。

答案2

事实证明我太愚蠢了,没有意识到通过执行 curl 请求不会允许会话存储(自然),因此每个请求都会缓存命中,因为无法通过这种方式设置 cookie。并且由于我在缓存键中包含了会话 ID,所以它不起作用 ;)

相关内容