O erro indica que o backend do php não responde dentro de um período de tempo razoável. Enquanto você não tem nenhuma restrição em php-fpm diretamente, max_execution_time e max_input_time são meus primeiros palpites.
Recentemente eu configurei um Ubuntu 12.04 VPS com CPU de 512mb / 1ghz, Nginx + php-fpm + Varnish + servidor MySQL Percona + CloudFlare Pro para o blog WordPress do Ubuntu LoCo Team. O blog recebe cerca de 3 a 4k acessos diários, usa cerca de 180MB e 8 a 20% de CPU. Tudo parece estar funcionando incrivelmente rápido ... o carregamento da página é muito bom e é 16x mais rápido do que qualquer um dos nossos concorrentes ... mas há um problema.
Quando nós carregamos uma imagem, o WordPress não a redimensiona, então tudo o que podemos fazer é inserir a imagem completa na postagem. Se a imagem tiver, digamos, 30kb, ela irá redimensionar bem ... mas se a imagem tiver 100kb +, não irá ...
Nos logs de erros nginx eu vejo isso:
upstream timed out (110: Connection timed out) while reading response header from upstream, client: 150.162.216.64, server: www.ubuntubrsc.com, request: "POST /wp-admin/async-upload.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "www.ubuntubrsc.com", referrer: "http://www.ubuntubrsc.com/wp-admin/media-upload.php?post_id=2668&"
Parece estar relacionado com o problema, mas não sei. Quando esse tempo limite acontece, comecei a recebê-lo quando estou tentando ver um post também:
upstream timed out (110: Connection timed out) while reading response header from upstream, client: 150.162.216.64, server: www.ubuntubrsc.com, request: "GET /tutoriais-gimp-6-adicionando-aplicando-novos-pinceis.html HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "www.ubuntubrsc.com", referrer: "http://www.ubuntubrsc.com/"
E apenas um reinício do php5-fpm conserta-o.
Eu tentei aumentar alguns timeouts e coisas, mas isso não funcionou, então eu acho que é algum tipo de limitação que eu não percebi ainda. Alguém poderia me ajudar com isso, por favor?
/etc/nginx/nginx.conf:
user www-data;
worker_processes 1;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
use epoll;
multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay off;
keepalive_timeout 15;
keepalive_requests 2000;
types_hash_max_size 2048;
server_tokens off;
server_name_in_redirect off;
open_file_cache max=1000 inactive=300s;
open_file_cache_valid 360s;
open_file_cache_min_uses 2;
open_file_cache_errors off;
server_names_hash_bucket_size 64;
# server_name_in_redirect off;
client_body_buffer_size 128K;
client_header_buffer_size 1k;
client_max_body_size 2m;
large_client_header_buffers 4 8k;
client_body_timeout 10m;
client_header_timeout 10m;
send_timeout 10m;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
error_log /var/log/nginx/error.log;
access_log off;
##
# CloudFlare's IPs (uncomment when site goes live)
##
set_real_ip_from 204.93.240.0/24;
set_real_ip_from 204.93.177.0/24;
set_real_ip_from 199.27.128.0/21;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 190.93.240.0/20;
real_ip_header CF-Connecting-IP;
set_real_ip_from 127.0.0.1/32;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 9;
gzip_min_length 1000;
gzip_proxied expired no-cache no-store private auth;
gzip_buffers 32 8k;
# gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
##
# nginx-naxsi config
##
# Uncomment it if you installed nginx-naxsi
##
#include /etc/nginx/naxsi_core.rules;
##
# nginx-passenger config
##
# Uncomment it if you installed nginx-passenger
##
#passenger_root /usr;
#passenger_ruby /usr/bin/ruby;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
/ etc / nginx / fastcgi_params:
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param HTTPS $https;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 256 4k;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
/ etc / nginx / sites-avail / default:
##
# DEFAULT HANDLER
# ubuntubrsc.com
##
server {
listen 8080;
# Make site available from main domain
server_name www.ubuntubrsc.com;
# Root directory
root /var/www;
index index.php index.html index.htm;
include /var/www/nginx.conf;
access_log off;
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
location ~* ^/wp-content/uploads/.*.php$ {
deny all;
access_log off;
log_not_found off;
}
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
error_page 404 = @wordpress;
log_not_found off;
location @wordpress {
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_NAME /index.php;
fastcgi_param SCRIPT_FILENAME $document_root/index.php;
}
location ~ \.php$ {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (-f $request_filename) {
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
}
}
server {
listen 8080;
server_name ubuntubrsc.* www.ubuntubrsc.net www.ubuntubrsc.org www.ubuntubrsc.com.br www.ubuntubrsc.info www.ubuntubrsc.in;
return 301 $scheme://www.ubuntubrsc.com$request_uri;
}
/var/www/nginx.conf:
# BEGIN W3TC Minify cache
location ~ /wp-content/w3tc/min.*\.js$ {
types {}
default_type application/x-javascript;
expires modified 31536000s;
add_header X-Powered-By "W3 Total Cache/0.9.2.5b";
add_header Vary "Accept-Encoding";
add_header Pragma "public";
add_header Cache-Control "max-age=31536000, public, must-revalidate, proxy-revalidate";
}
location ~ /wp-content/w3tc/min.*\.css$ {
types {}
default_type text/css;
expires modified 31536000s;
add_header X-Powered-By "W3 Total Cache/0.9.2.5b";
add_header Vary "Accept-Encoding";
add_header Pragma "public";
add_header Cache-Control "max-age=31536000, public, must-revalidate, proxy-revalidate";
}
location ~ /wp-content/w3tc/min.*js\.gzip$ {
gzip off;
types {}
default_type application/x-javascript;
expires modified 31536000s;
add_header X-Powered-By "W3 Total Cache/0.9.2.5b";
add_header Vary "Accept-Encoding";
add_header Pragma "public";
add_header Cache-Control "max-age=31536000, public, must-revalidate, proxy-revalidate";
add_header Content-Encoding gzip;
}
location ~ /wp-content/w3tc/min.*css\.gzip$ {
gzip off;
types {}
default_type text/css;
expires modified 31536000s;
add_header X-Powered-By "W3 Total Cache/0.9.2.5b";
add_header Vary "Accept-Encoding";
add_header Pragma "public";
add_header Cache-Control "max-age=31536000, public, must-revalidate, proxy-revalidate";
add_header Content-Encoding gzip;
}
# END W3TC Minify cache
# BEGIN W3TC Browser Cache
gzip on;
gzip_types text/css application/x-javascript text/x-component text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;
location ~ \.(css|js|htc)$ {
expires 31536000s;
add_header Pragma "public";
add_header Cache-Control "max-age=31536000, public, must-revalidate, proxy-revalidate";
add_header X-Powered-By "W3 Total Cache/0.9.2.5b";
}
location ~ \.(html|htm|rtf|rtx|svg|svgz|txt|xsd|xsl|xml)$ {
expires 3600s;
add_header Pragma "public";
add_header Cache-Control "max-age=3600, public, must-revalidate, proxy-revalidate";
add_header X-Powered-By "W3 Total Cache/0.9.2.5b";
try_files $uri $uri/ $uri.html /index.php?$args;
}
location ~ \.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|wav|wma|wri|xla|xls|xlsx|xlt|xlw|zip)$ {
expires 31536000s;
add_header Pragma "public";
add_header Cache-Control "max-age=31536000, public, must-revalidate, proxy-revalidate";
add_header X-Powered-By "W3 Total Cache/0.9.2.5b";
}
# END W3TC Browser Cache
# BEGIN W3TC Minify core
rewrite ^/wp-content/w3tc/min/w3tc_rewrite_test$ /wp-content/w3tc/min/index.php?w3tc_rewrite_test=1 last;
set $w3tc_enc "";
if ($http_accept_encoding ~ gzip) {
set $w3tc_enc .gzip;
}
if (-f $request_filename$w3tc_enc) {
rewrite (.*) $1$w3tc_enc break;
}
rewrite ^/wp-content/w3tc/min/(.+\.(css|js))$ /wp-content/w3tc/min/index.php?file=$1 last;
# END W3TC Minify core
# BEGIN W3TC Skip 404 error handling by WordPress for static files
if (-f $request_filename) {
break;
}
if (-d $request_filename) {
break;
}
if ($request_uri ~ "(robots\.txt|sitemap(_index)?\.xml(\.gz)?|[a-z0-9_\-]+-sitemap([0-9]+)?\.xml(\.gz)?)") {
break;
}
if ($request_uri ~* \.(css|js|htc|htm|rtf|rtx|svg|svgz|txt|xsd|xsl|xml|asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|wav|wma|wri|xla|xls|xlsx|xlt|xlw|zip)$) {
return 404;
}
# END W3TC Skip 404 error handling by WordPress for static files
# BEGIN Better WP Security
location ~ /\.ht {
deny all;
}
location ~ wp-config.php {
deny all;
}
location ~ readme.html {
deny all;
}
location ~ readme.txt {
deny all;
}
location ~ /install.php {
deny all;
}
set $susquery 0;
set $rule_2 0;
set $rule_3 0;
rewrite ^wp-includes/(.*).php /not_found last;
rewrite ^/wp-admin/includes(.*)$ /not_found last;
if ($request_method ~* "^(TRACE|DELETE|TRACK)"){
return 403;
}
set $rule_0 0;
if ($request_method ~ "POST"){
set $rule_0 1;
}
if ($uri ~ "^(.*)wp-comments-post.php*"){
set $rule_0 2$rule_0;
}
if ($http_user_agent ~ "^$"){
set $rule_0 4$rule_0;
}
if ($rule_0 = "421"){
return 403;
}
if ($args ~* "\.\./") {
set $susquery 1;
}
if ($args ~* "boot.ini") {
set $susquery 1;
}
if ($args ~* "tag=") {
set $susquery 1;
}
if ($args ~* "ftp:") {
set $susquery 1;
}
if ($args ~* "http:") {
set $susquery 1;
}
if ($args ~* "https:") {
set $susquery 1;
}
if ($args ~* "(<|%3C).*script.*(>|%3E)") {
set $susquery 1;
}
if ($args ~* "mosConfig_[a-zA-Z_]{1,21}(=|%3D)") {
set $susquery 1;
}
if ($args ~* "base64_encode") {
set $susquery 1;
}
if ($args ~* "(%24&x)") {
set $susquery 1;
}
if ($args ~* "(\[|\]|\(|\)|<|>|ê|\"|;|\?|\*|=$)"){
set $susquery 1;
}
if ($args ~* "("|'|<|>|\|{|||%24&x)"){
set $susquery 1;
}
if ($args ~* "(%0|%A|%B|%C|%D|%E|%F|127.0)") {
set $susquery 1;
}
if ($args ~* "(globals|encode|localhost|loopback)") {
set $susquery 1;
}
if ($args ~* "(request|select|insert|concat|union|declare)") {
set $susquery 1;
}
if ($http_cookie !~* "wordpress_logged_in_" ) {
set $susquery "${susquery}2";
set $rule_2 1;
set $rule_3 1;
}
if ($susquery = 12) {
return 403;
}
# END Better WP Security
/etc/php5/fpm/php-fpm.conf:
pid = /var/run/php5-fpm.pid
error_log = /var/log/php5-fpm.log
emergency_restart_threshold = 3
emergency_restart_interval = 1m
process_control_timeout = 10s
events.mechanism = epoll
/etc/php5/fpm/php.ini (apenas as opções que eu alterei):
open_basedir ="/var/www/"
disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,dl,system,shell_exec,fsockopen,parse_ini_file,passthru,popen,proc_open,proc_close,shell_exec,show_source,symlink,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec ,highlight_file,escapeshellcmd,define_syslog_variables,posix_uname,posix_getpwuid,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,escapeshellarg,posix_uname,ftp_exec,ftp_connect,ftp_login,ftp_get,ftp_put,ftp_nb_fput,ftp_raw,ftp_rawlist,ini_alter,ini_restore,inject_code,syslog,openlog,define_syslog_variables,apache_setenv,mysql_pconnect,eval,phpAds_XmlRpc,phpA ds_remoteInfo,phpAds_xmlrpcEncode,phpAds_xmlrpcDecode,xmlrpc_entity_decode,fp,fput,virtual,show_source,pclose,readfile,wget
expose_php = off
max_execution_time = 30
max_input_time = 60
memory_limit = 128M
display_errors = Off
post_max_size = 2M
allow_url_fopen = off
default_socket_timeout = 60
Configurações da APC:
[APC]
apc.enabled = 1
apc.shm_segments = 1
apc.shm_size = 64M
apc.optimization = 0
apc.num_files_hint = 4096
apc.ttl = 60
apc.user_ttl = 7200
apc.gc_ttl = 0
apc.cache_by_default = 1
apc.filters = ""
apc.mmap_file_mask = "/tmp/apc.XXXXXX"
apc.slam_defense = 0
apc.file_update_protection = 2
apc.enable_cli = 0
apc.max_file_size = 10M
apc.stat = 1
apc.write_lock = 1
apc.report_autofilter = 0
apc.include_once_override = 0
apc.localcache = 0
apc.localcache.size = 512
apc.coredump_unmap = 0
apc.stat_ctime = 0
/etc/php5/fpm/pool.d/www.conf
user = www-data
group = www-data
listen = /var/run/php5-fpm.sock
listen.owner = www-data
listen.group = www-data
listen.mode = 0666
pm = ondemand
pm.max_children = 5
pm.process_idle_timeout = 3s;
pm.max_requests = 50
Eu também comecei a receber erros 404 na primeira página se eu usar o cache de páginas do W3 Total Cache (Disk Enhanced). Funcionou bem até alguns dias atrás, e então, do nada, começou a acontecer. Hoje à noite eu desabilitarei meu plugin móvel e ativarei somente o W3 Total Cache para ver se é um conflito com eles ...
E para terminar tudo isso, recebi este erro:
PHP Warning: apc_store(): Unable to allocate memory for pool. in /var/www/wp-content/plugins/w3-total-cache/lib/W3/Cache/Apc.php on line 41
Eu já modifiquei minhas configurações de APC, mas não obtive sucesso. Então ... alguém poderia me ajudar com essas questões, por favor?
Ooohh ... se ajudar, eu instalei PHP assim:
sudo apt-get install php5-fpm php5-suhosin php-apc php5-gd php5-imagick php5-curl
E Nginx do PPA oficial. Desculpe pelo meu Inglês ruim e obrigado pelo seu tempo as pessoas! (:
O erro indica que o backend do php não responde dentro de um período de tempo razoável. Enquanto você não tem nenhuma restrição em php-fpm diretamente, max_execution_time e max_input_time são meus primeiros palpites.