I have some specific questions not addressed by the general dox on log files at:
First let's assume only http:// no https:// (no SSL). We see 2 log files in ~/logs/frontend:
QUESTION 1: The dox say that nginx is acting as a "front end." What exactly does "front end" mean? Does it mean nginx is acting as a caching server, and so may sometimes respond to the client directly without requesting anything of the "back end" shared Apache server, and creating no entry in the "back end" log? This is very relevant for the log files. Suppose the client fetches /foo and /foo is an URL that resides on a Static/CGI/PHP app. If nginx is acting as a caching "front-end," then that request for /foo may appear in the non-"_php" log but fail to appear in the "_php" log. Is that possible? QUESTION 2: If the answer to question 1 is "yes it's possible," it means that the "_php" log is pretty much useless for any traffic analytics purpose, correct? QUESTION 3: If the answer to question 1 is "no it's not possible," then can you describe any scenario in which the "_php" and non-"_php" log will differ, for a request that maps to a shared Apache server? QUESTION 4: When would the back-end "_php" log ever be useful? Now, let's add SSL into the mix. To support both SSL and non-SSL for our site, we have to create two separate WebFaction "websites". Call them:
This appears to create 4 log files:
I am not surprised to see two different flavors of the non-"_php" log files (the front-end nginx log files). But I am surprised to see two flavors of the "_php" back-end log files. I thought that the SSL connections were terminated at the front-end server and that the back-end shared Apache servers always saw http:// requests. That is why, when writing mod_rewrite rules, we had to test SSL using the X-Forwarded-SSL header like:
rather than testing %{HTTPS} as most people seem to do with other ISPs. QUESTION 5: Can you explain this confusion? How are the front and back end servers actually set up? Are separate (virtual) back-end servers fielding the SSL and non-SSL traffic? asked 22 Nov '17, 09:10 cpirazzi |
Q1: What exactly does "front end" mean? A: It is a forwarding proxy. There is no caching whatsoever. The file names are based on the website configurations in the control panel, because those are actually nginx proxy configurations. Both logs exist because both servers exist, it is extra verbosity. You should see every entry in both logs. Sometimes CGI or back-end errors occur, which you can see by comparing the 2 logs. We provide both for troubleshooting. Q2: It is useless? A: No, it is used for comparison when you believe there is an issue with the back-end CGI process. For traffic it is typically redundant if there is no error to troubleshoot. Q3 &4: Why is it useful? A: See 1 and 2. Q5: How is the stack setup? A: It is nginx in front of apache CGI answered 22 Nov '17, 16:59 johns Thanks! For question 5, would that picture be replicated twice, with two nginx (one for ssl, one for non-ssl) and two System Apache servers (one for ssl, one for non-ssl) ?
(22 Nov '17, 17:08)
cpirazzi
|