Nginx 的错误日志,可以在nginx.conf 中配置:
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2})")
{
set $year $1;
set $month $2;
set $day $3;
set $hour $4;
}
access_log logs/$host/$year-$month-$day-$hour.log main if=$loggable;
error_log logs/error/error$year-$month-$day-$hour.log;
当然错误日志并不多,是否需要每小时一个文件是个问题。我处理的办法是在nginx.conf中不设置,而是在计划任务每隔半天重启nginx 时,在批处理文件的reload后,加上:
move logs\error.log "logs\error\error%date%-%time:~0,2%-%time:~3,2%.log"
这样可以避免错误日志文件太大,也不用太多。当然也是可以在nginx.conf 自定义时间的。
在Nginx 中,比较常见的错误有:
1. [warn] low address bits of 192.168.1.123/24 are meaningless in \nginx-1.16.0/conf/ip.conf
这个是警告级,不影响配置实施。也就是说,IP地址最后一个123是无意义的,应当是0。
2.[crit] SSL_write() failed (10053: An established connection was aborted by the software in your host machine) while sending to client, client:....
这个是严重级,在向客户端发送数据时,一个建立的连接被你主机中的软件中止,导致SSL写错误 。这个应当是浏览器在网页未加载完成时关闭了,可能是服务器响应比较慢。
3.[error] WSARecv() failed (10054: An existing connection was forcibly closed by the remote host) while reading response header from upstream, client: ...
这个是Nginx 作为反向代理时,从上游读取响应头的时候,一个存在的连接被远程主机强行关闭。初步分析 是响应连接数过多超时。解决的办法:
http{}中添加:.net
keepalive_requests 8192;
keepalive_timeout 180s 180s;
proxy_set_header Connection keep-alive
关于这个keepalive,下面是官方文档。
http://nginx.org/en/docs/http/ngx_http_core_module.html#keepalive_requests
同类问题 :
错误日志[error] upstream sent too big header while reading response header from upstream
是上游提供的响应头太大,比如Cookie超长。见《NGINX:网站个别用户502 Bad Gateway》
4.[error] access forbidden by rule, client: ...
这个很简单,是在nginx.conf 中,封了某IP。错误1 里的那个IP写法警告,就是
deny 8.140.38.225/24 规范写法是 deny 8.140.38.0/24
在nginx.conf 中有了这个,8.140.38.0这个网段访问时,浏览器报403错误,日志里就有这一条。