Nginx

如何在第一頁載入(SSL + Pagespeed)上解決靜態文件的 ERR_HTTP2_PROTOCOL_ERROR?

  • March 27, 2020

我有一個 nginx HTTP2 + ngx_pagespeed + brotli + Wordpress W3 Total Cache 設置。在第一頁載入一些由 Pagespeed 修改的靜態文件無法載入,給出 ERR_HTTP2_PROTOCOL_ERROR。

最初我認為這是 W3 Total Cache 錯誤,在重新載入記憶體頁面後一切似乎都載入正常。是 Pagespeed 搞砸了還是我的 SSL 設置有誤?

我的網站配置:

server {
   listen 443 ssl http2;
   listen [::]:443 ssl http2;

   server_name mywebsite.com www.mywebsite.com;

   root /srv/mywebsite.com/www/;
   index index.php index.html index.htm;
   error_log /srv/mywebsite.com/log/error.log;

   keepalive_timeout 60;

   ssl_session_cache shared:SSL:10m;
   ssl_session_timeout 10m;
   ssl_certificate /etc/letsencrypt/live/mywebsite.com/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/mywebsite.com/privkey.pem;
   ssl_dhparam /etc/nginx/ssl/dhparam.pem;
   ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
   ssl_ecdh_curve secp384r1;
   ssl_protocols TLSv1.2 TLSv1.3;
   ssl_stapling on;
   ssl_stapling_verify on;

   ssl_trusted_certificate /etc/letsencrypt/live/mywebsite.com/chain.pem;
   resolver 8.8.8.8 8.8.4.4 valid=300s;
   resolver_timeout 5s;
   ssl_session_tickets off;
   ssl_prefer_server_ciphers on;
   ssl_buffer_size 4k;

   add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
   add_header X-Frame-Options SAMEORIGIN;
   add_header X-Content-Type-Options nosniff;
   add_header X-XSS-Protection "1; mode=block";

   pagespeed on;
   pagespeed Domain http://mywebsite.com;
   pagespeed Domain https://mywebsite.com;
   pagespeed MapOriginDomain localhost https://mywebsite.com;
   pagespeed LoadFromFile https://mywebsite.com /srv/mywebsite.com/www/;
   pagespeed FileCachePath /var/cache/pagespeed;
   pagespeed EnableFilters prioritize_critical_css,extend_cache,rewrite_javascript,rewrite_css,convert_jpeg_to_progressive,convert_jpeg_to_webp,convert_png_to_jpeg,convert_to_webp_lossless,recompress_jpeg,recompress_png,recompress_webp,jpeg_subsampling,resize_images,strip_image_color_profile,strip_image_meta_data,inline_images;
   pagespeed PreserveUrlRelativity on;
   pagespeed XHeaderValue "Powered By ngx_pagespeed";
   pagespeed ImplicitCacheTtlMs 2592000000;
   pagespeed LoadFromFileCacheTtlMs 2592000000;

   # BEGIN W3TC Page Cache core
   set $w3tc_rewrite 1;
   if ($request_method = POST) {
       set $w3tc_rewrite 0;
   }
   if ($query_string != "") {
       set $w3tc_rewrite 0;
   }
   if ($request_uri !~ \/$) {
       set $w3tc_rewrite 0;
   }
   if ($http_cookie ~* "(comment_author|wp\-postpass|w3tc_logged_out|wordpress_logged_in|wptouch_switch_toggle)") {
       set $w3tc_rewrite 0;
   }
   set $w3tc_preview "";
   if ($http_cookie ~* "(w3tc_preview)") {
       set $w3tc_preview _preview;
   }
   set $w3tc_ssl "";
   if ($scheme = https) {
       set $w3tc_ssl _ssl;
   }
   if ($http_x_forwarded_proto = 'https') {
       set $w3tc_ssl _ssl;
   }
   set $w3tc_enc "";
   #if ($http_accept_encoding ~ gzip) {
   #    set $w3tc_enc _gzip;
   #}
   set $w3tc_ext "";
   if (-f "$document_root/wp-content/cache/page_enhanced/$http_host/$request_uri/_index$w3tc_ssl$w3tc_preview.html$w3tc_enc") {
     set $w3tc_ext .html;
   }
   if (-f "$document_root/wp-content/cache/page_enhanced/$http_host/$request_uri/_index$w3tc_ssl$w3tc_preview.xml$w3tc_enc") {
       set $w3tc_ext .xml;
   }
   if ($w3tc_ext = "") {
       set $w3tc_rewrite 0;
   }
   if ($w3tc_rewrite = 1) {
       rewrite .* "/wp-content/cache/page_enhanced/$http_host/$request_uri/_index$w3tc_ssl$w3tc_preview$w3tc_ext$w3tc_enc" last;
   }
   # END W3TC Page Cache core

   # BEGIN W3TC Page Cache cache
   location ~ /wp-content/cache/page_enhanced.*html$ {
       expires modified 3600s;
       add_header Vary "Accept-Encoding, Cookie";
       add_header Pragma "public";
       add_header Cache-Control "public";
   }
   location ~ /wp-content/cache/page_enhanced.*gzip$ {
       brotli off;
       gzip off;
       types {
           text/xml xml_gzip;
       }
       default_type text/html;
       expires modified 3600s;
       add_header Vary "Accept-Encoding, Cookie";
       add_header Pragma "public";
       add_header Cache-Control "public";
       add_header Content-Encoding gzip;
   }
   # END W3TC Page Cache cache

   location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {
     add_header "" "";
   }
   location ~ "^/pagespeed_static/" { }
   location ~ "^/ngx_pagespeed_beacon$" { }

   # BEGIN W3TC Browser Cache
   pagespeed HttpCacheCompressionLevel 0;
   gzip on;
   gzip_vary on;
   gzip_types text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/richtext text/plain text/xsd text/xsl text/xml image/bmp application/java application/msword application/vnd.ms-fontobject application/x-msdownload image/x-icon image/webp application/json application/vnd.ms-access video/webm application/vnd.ms-project application/x-font-otf application/vnd.ms-opentype application/vnd.oasis.opendocument.database application/vnd.oasis.opendocument.chart application/vnd.oasis.opendocument.formula application/vnd.oasis.opendocument.graphics application/vnd.oasis.opendocument.spreadsheet application/vnd.oasis.opendocument.text audio/ogg application/pdf application/vnd.ms-powerpoint image/svg+xml application/x-shockwave-flash image/tiff application/x-font-ttf audio/wav application/vnd.ms-write application/font-woff application/font-woff2 application/vnd.ms-excel;
   location ~ \.(css|htc|less|js|js2|js3|js4)$ {
       expires 31536000s;
       etag off;
       if_modified_since exact;
       add_header Pragma "public";
       add_header Cache-Control "public";
       try_files $uri $uri/ $uri.html /index.php?$args;
   }
   location ~ \.(html|htm|rtf|rtx|txt|xsd|xsl|xml)$ {
       expires 3600s;
       etag off;
       if_modified_since exact;
       add_header Pragma "public";
       add_header Cache-Control "public";
       try_files $uri $uri/ $uri.html /index.php?$args;
   }
   location ~ \.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|rss|atom|gif|tgz|gz|rar|gzip|bz2|ico|jpg|jpeg|jpe|webp|json|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|webm|mpp|otf|_otf|odb|odc|odf|odg|odp|ods|odt|ogg|ogv|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|_ttf|wav|wma|wri|woff|woff2|xla|xls|xlsx|xlt|xlw|zip)$ {
       expires 31536000s;
       etag off;
       if_modified_since exact;
       add_header Pragma "public";
       add_header Cache-Control "public";
       try_files $uri $uri/ $uri.html /index.php?$args;
   }
   add_header Referrer-Policy "";
   # END W3TC Browser Cache

   location / {
       try_files $uri $uri/ /index.php?$args;
   }
   location ~ \.php$ {
       try_files $uri =404;
       fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
       fastcgi_index index.php;
       fastcgi_param DOCUMENT_ROOT /srv/mywebsite.com/www/;
       fastcgi_param SCRIPT_FILENAME /srv/mywebsite.com/www$fastcgi_script_name;
       fastcgi_param PATH_TRANSLATED /srv/mywebsite.com/www$fastcgi_script_name;
       include fastcgi_params;
       fastcgi_param QUERY_STRING $query_string;
       fastcgi_param REQUEST_METHOD $request_method;
       fastcgi_param CONTENT_TYPE $content_type;
       fastcgi_param CONTENT_LENGTH $content_length;
       fastcgi_param HTTPS on;
       fastcgi_intercept_errors on;
       fastcgi_ignore_client_abort off;
       fastcgi_connect_timeout 60;
       fastcgi_send_timeout 180;
       fastcgi_read_timeout 180;
       fastcgi_buffer_size 128k;
       fastcgi_buffers 8 256k;
       fastcgi_busy_buffers_size 256k;
       fastcgi_temp_file_write_size 256k;
   }
}

看來這就是send_timeout 2問題的根源。

引用自:https://serverfault.com/questions/1007947

相關問答

Apache-2.2

設置 HTTP/2、apache 和 Nginx 作為反向代理時的長 TTFB / SSL 協商

  • February 12, 2020
檢視問答
Nginx

Firefox 定期不會通過帶有 SSL 的 HTTP2 從 nginx 伺服器下載 CSS 文件

  • April 12, 2019
檢視問答
Nginx

使用 http2 加速 https 上的 nginx 請求

  • November 9, 2017
檢視問答
Nginx

為什麼我的伺服器不支持 ALPN?

  • April 29, 2017
檢視問答
Nginx

帶有 SSL 連接錯誤的 Nginx

  • March 1, 2017
檢視問答
Nginx

複製使用 Cloudflare for SSL 的網路伺服器後如何解決“400 Bad Request”?

  • November 9, 2022
檢視問答