
4xx status code, preventing rewriting

Open Zebra447 opened this issue 6 years ago • 81 comments

Mod PageSpeed debug is showing a lot of errors like these:

<!--4xx status code, preventing rewriting of https://www.ni-dieu-ni-maitre.com/image_mini/tshirt-tv-zombie-0016316344.jpg--><!--4xx status code, preventing rewriting of https://www.ni-dieu-ni-maitre.com/image_mini/tshirt-tv-zombie-0016316344.jpg-->
<!--CSS rewrite failed: Cannot improve https://www.ni-dieu-ni-maitre.com/-->

I tried this but it didn't work:

	ModPagespeedDomain *.ni-dieu-ni-maitre.com
	ModPagespeedDomain www.ni-dieu-ni-maitre.com
	
	  ModPagespeedRespectXForwardedProto on

Any help would be appreciated

Zebra447 avatar Jun 07 '19 09:06 Zebra447

Hi. Have you enabled https fetch in pagespeed? I tried to debug with https://www.ni-dieu-ni-maitre.com/?PageSpeedFilters=+debug but I get redirected to the main page, so I can't view the debug messages.

Lofesa avatar Jun 07 '19 11:06 Lofesa

I thought https fetch was enabled by default?

HTTPS fetching is built in and is enabled by default as of 1.10.33.0.

If I add this to my htaccess: ModPagespeedFetchHttps enable,allow_self_signed

I get an Internal Server Error.

I have disabled the redirect using this URL: https://www.ni-dieu-ni-maitre.com/?PageSpeedFilters=+debug&noRedirect=1

Zebra447 avatar Jun 07 '19 16:06 Zebra447

I just noticed that pagespeed started converting some images to webp (not sure why, as I didn't change anything since I posted here).

However, the webp images are returning 404 errors, i.e. https://www.ni-dieu-ni-maitre.com/image_mini/xcustom-clothing-00109939891.jpg.pagespeed.ic.R_F8XM4mtg.webp

edit: now most of the images from our website are broken due to pagespeed

Zebra447 avatar Jun 07 '19 19:06 Zebra447

If I add this to my htaccess: ModPagespeedFetchHttps enable,allow_self_signed

I get an Internal Server Error.

What messages do you get when you enable FetchHttps?

FetchHttps needs this:

    # Certificate Authorities directory, not your domain SSL keys
    ModPagespeedSslCertDirectory directory
    # Web Server's HTTPS client SSL key, not your domain SSL keys
    ModPagespeedSslCertFile file

and take care of:

These directives cannot be used in .htaccess files or <Directory> scopes.

I think you get the 404 error because pagespeed can't fetch https resources, and I think that causes the internal server error. Can you try the LoadFromFile?

Lofesa avatar Jun 08 '19 12:06 Lofesa

What messages do you get when you enable FetchHttps?

Just a white page displaying "Internal Server Error"

These directives cannot be used in .htaccess files or <Directory> scopes.

Then where am I supposed to put these directives for Apache? The documentation is so confusing

Anyway, do I really need to do this if FetchHttps is enabled by default?

Can you try the LoadFromFile ?

I tried but I failed :(

Some of our images are generated dynamically so we can't load them from disk. example: RewriteRule ^image_mini/([^.]+)-00([0-9]+)\.jpg$ /image_mini_jpg.php?a=$2 [L,QSA,NC]

By default PageSpeed loads sub-resources via an HTTP fetch. It would be faster to load sub-resources directly from the filesystem, however this may not be safe to do because the sub-resources may be dynamically generated or the sub-resources may not be stored on the same server.

Zebra447 avatar Jun 08 '19 19:06 Zebra447

Just a white page displaying "Internal Server Error"

And no messages in the apache log?

These directives cannot be used in .htaccess files or <Directory> scopes. Then where am I supposed to put these directives for Apache? The documentation is so confusing

Anyway, do I really need to do this if FetchHttps is enabled by default?

Yes, you need it. You can put it in the "httpd.conf" (or "apache2.conf") file in a scope other than Directory , maybe in a vhost scope. In nginx you can put this in the http block or in the server block, but not in a location block.

Can you try the LoadFromFile ? I tried but I failed :(

Some of our images are generated dynamically so we can't load them from disk. example: RewriteRule ^image_mini/([^.]+)-00([0-9]+)\.jpg$ /image_mini_jpg.php?a=$2 [L,QSA,NC]

By default PageSpeed loads sub-resources via an HTTP fetch. It would be faster to load sub-resources directly from the filesystem, however this may not be safe to do because the sub-resources may be dynamically generated or the sub-resources may not be stored on the same server.

But images are loaded from the same server? If yes, you can try something like this:

pagespeed LoadFromFile "https://$host/" "$document_root/";

pagespeed LoadFromFileRuleMatch disallow .*; (This disables loading any file)

pagespeed LoadFromFileRuleMatch allow \.(js|css|jpg|jpeg|png|pdf|gif)(\?.*)?$ps_dollar; (1) (And this enables loading files with these extensions, no matter what the name is)

(1).- Because Nginx uses the $-sign to indicate script variables, when you turn on ProcessScriptVariables you need to make a small change to any script-supporting commands that are using $.

P.S.: You are talking about putting directives in .htaccess and this file is related to the Apache server, but I see in the headers that the server is nginx. Maybe you are using nginx as a proxy cache? If not, then the .htaccess does nothing in an nginx server, but if yes, then you need to configure a downstream cache.

Lofesa avatar Jun 09 '19 11:06 Lofesa

Yes, you need it. You can put it in the "httpd.conf" (or "apache2.conf") file in a scope other than Directory , maybe in a vhost scope. In nginx you can put this in the http block or in the server block, but not in a location block.

This is where it gets complicated. I can't even find where are the files to edit and I don't even understand the difference between directory scope or vhosts scope. I googled some instructions but I can't find "apache2.conf" anywhere According to this: https://www.phusionpassenger.com/library/install/apache/working_with_the_apache_config_file.html The file should be in this path but it's not!! /etc/apache2/apache2.conf

But images are loaded from the same server?

Yes

Maybe you are using a nginx as a proxy cache?

Yes, but I have no idea how it is configured... We used cpnginx for the setup and we didn't have anything to do manually, it's basically plug-and-play

but if yes, then you need to configure a downstream cache

omg I don't think I will be able to successfully do this. Does this means that modpagespeed will be broken without downstream cache? ... maybe I should just give up right now and stop wasting your time ...

This is the 4th time we try to install modpagespeed on this server in the last year and every single time we had lot of bugs, spent a lot of time trying to fix them but failed and end up giving up and uninstalling it :( This time we tried installing modpagespeed on Apache instead of just Nginx because we assumed we would be able to make the changes in htaccess files with FTP, which is way easier and user-friendly, but it looks like we will still have to edit linux config files :(

Zebra447 avatar Jun 10 '19 18:06 Zebra447

I still can't find apache2.conf but I found httpd.conf in /etc/apache2/conf/ However, I can't edit this file: http://prntscr.com/o03gpn

Zebra447 avatar Jun 10 '19 18:06 Zebra447

Hi @anarchoi. As stated in the image, you can create/edit the /etc/apache2/conf.d/pre_main_global.conf and then rebuild the http2.conf with the cpanel command (or with the cpanel gui if you have that option); maybe you can edit this file from the cpanel gui.

If you use an nginx proxy cache in front of the apache server, you need to configure the downstream cache in the pagespeed config. Without this config, nginx mostly caches the unoptimized resources and serves them.

As a test... can you disable the nginx proxy cache to see how the config works in the apache server? If you can bypass the nginx proxy you can see how the pagespeed module is working in the apache server and then, when the apache is ok, introduce the nginx proxy. Maybe all of the issue (or most of it) comes from this.

P.S. Don't worry about my time, I have a lot =:-))

Lofesa avatar Jun 11 '19 10:06 Lofesa

I also face the same issue with 4xx status code preventing rewriting. I'm using the following setup

    pagespeed RewriteLevel PassThrough;
    pagespeed FileCachePath /var/ngx_pagespeed_cache;
    pagespeed FileCacheSizeKb 204800;
    pagespeed FileCacheCleanIntervalMs 3600000;
    pagespeed FileCacheInodeLimit 500000;
    pagespeed LRUCacheKbPerProcess 8192;
    pagespeed LRUCacheByteLimit 16384;
    pagespeed CreateSharedMemoryMetadataCache "/var/ngx_pagespeed_cache/" 51200;


    pagespeed EnableFilters recompress_images;
    pagespeed EnableFilters recompress_webp;
    pagespeed EnableFilters convert_jpeg_to_webp,convert_to_webp_lossless,convert_to_webp_animated;
    pagespeed Statistics on;
    pagespeed StatisticsLogging on;
    pagespeed LogDir /var/log/ngx_pagespeed;
    pagespeed AdminPath /pagespeed_admin;
    pagespeed GlobalAdminPath /pagespeed_global_admin;
    pagespeed StatisticsPath /ngx_pagespeed_statistics;
    pagespeed GlobalStatisticsPath /ngx_pagespeed_global_statistics;
    pagespeed MessagesPath /ngx_pagespeed_message;
    pagespeed ConsolePath /pagespeed_console;
    pagespeed UsePerVhostStatistics on;
    pagespeed MessageBufferSize 100000;
    pagespeed EnableCachePurge on;

    pagespeed SslCertDirectory /etc/ssl/certs;
    pagespeed FetchHttps enable,allow_self_signed;

And also

pagespeed on;
location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {
	add_header "" "";
}
location ~ "^/pagespeed_static/" { }
location ~ "^/ngx_pagespeed_beacon$" { }
location /ngx_pagespeed_statistics { allow 127.0.0.1; deny all; }
location /ngx_pagespeed_global_statistics { allow 127.0.0.1; deny all; }
location /ngx_pagespeed_message { allow 127.0.0.1; deny all; }
location /pagespeed_console { allow 127.0.0.1; deny all; }
location ~ ^/pagespeed_admin { allow 127.0.0.1; deny all; }
location ~ ^/pagespeed_global_admin { allow 127.0.0.1; deny all; }

My nginx server is working as a reverse proxy but serves static files directly, without passing them to apache. When I enable the

pagespeed LoadFromFile ...

directive, things start working but I can't do it because my static resources are using a dynamic versioning system.

Therefore the path will never be the same as the filepath.

On my website I can see the following if I enable debug mode

mod_pagespeed on
Filters:
ah	Add Head
cc	Combine Css
jc	Combine Javascript
gp	Convert Gif to Png
jp	Convert Jpeg to Progressive
jw	Convert Jpeg To Webp
mc	Convert Meta Tags
pj	Convert Png to Jpeg
ws	When converting images to WebP, prefer lossless conversions
db	Debug
ec	Cache Extend Css
ei	Cache Extend Images
es	Cache Extend Scripts
fc	Fallback Rewrite Css 
if	Flatten CSS Imports
hw	Flushes html
ci	Inline Css
ii	Inline Images
il	Inline @import to Link
ji	Inline Javascript
js	Jpeg Subsampling
rj	Recompress Jpeg
rp	Recompress Png
rw	Recompress Webp
ri	Resize Images
cf	Rewrite Css
jm	Rewrite External Javascript
jj	Rewrite Inline Javascript
cu	Rewrite Style Attributes With Url
cp	Strip Image Color Profiles
md	Strip Image Meta Data

Options:
EnableRewriting (e) 1
FileCacheInodeLimit (afcl) 500000
RunExperiment (fur) False
StatisticsLogging (asle) True

#NumFlushes            0
#EndDocument after     19760us
#Total Parse duration  15459us
#Total Render duration 26380us
#Total Idle duration   4301us

On the html code I see full messages like

4xx status code, preventing rewriting of https://ww.example.com/pub/media/catalog/product/cache/9cb80aaa700fbabda1d30deb1d8f7ff5/w/r/wrt106300_a.jpg

ioweb-gr avatar Nov 08 '21 09:11 ioweb-gr
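An added example, not part of the thread or of the PageSpeed project: a small audit of an ngx_pagespeed configuration like the one posted above. It flags `FetchHttps` options that relax certificate checking and PageSpeed admin/statistics paths that have no `location` block containing `deny all`. The sample config is constructed from the directives in the post (with the `GlobalAdminPath` location left out on purpose), and the matching does not model nginx's full location precedence.

```python
import re

# Constructed sample: a trimmed copy of the directives posted above, with the
# location for /pagespeed_global_admin deliberately omitted.
SAMPLE_CONF = r'''
pagespeed SslCertDirectory /etc/ssl/certs;
pagespeed FetchHttps enable,allow_self_signed;
pagespeed AdminPath /pagespeed_admin;
pagespeed GlobalAdminPath /pagespeed_global_admin;
pagespeed StatisticsPath /ngx_pagespeed_statistics;
pagespeed MessagesPath /ngx_pagespeed_message;
pagespeed ConsolePath /pagespeed_console;
pagespeed on;
location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {
    add_header "" "";
}
location /ngx_pagespeed_statistics { allow 127.0.0.1; deny all; }
location /ngx_pagespeed_message { allow 127.0.0.1; deny all; }
location /pagespeed_console { allow 127.0.0.1; deny all; }
location ~ ^/pagespeed_admin { allow 127.0.0.1; deny all; }
'''

# Directives that expose a PageSpeed handler at a URL path.
PATH_DIRECTIVES = {"AdminPath", "GlobalAdminPath", "StatisticsPath",
                   "GlobalStatisticsPath", "MessagesPath", "ConsolePath"}

DIRECTIVE_RE = re.compile(r'^\s*pagespeed\s+(\w+)\s+([^;]+);', re.M)
# The target may be quoted and contain braces (e.g. "{2}"), so match the
# quoted form first and only then the bare form.
LOCATION_RE = re.compile(
    r'location\s+(?:(=|~\*?|\^~)\s+)?("[^"]*"|[^\s{]+)\s*\{([^}]*)\}')


def parse(conf):
    """Return (directives, locations) found in an nginx config string."""
    directives = [(n, v.strip()) for n, v in DIRECTIVE_RE.findall(conf)]
    locations = [(mod, target.strip('"'), body)
                 for mod, target, body in LOCATION_RE.findall(conf)]
    return directives, locations


def location_matches(mod, target, path):
    """Simplified match: regex, exact, or prefix. No precedence modelling."""
    if mod in ("~", "~*"):
        try:
            return re.search(target, path, re.I if mod == "~*" else 0) is not None
        except re.error:
            return False
    if mod == "=":
        return path == target
    return path.startswith(target)


def audit(conf):
    """Return a list of (directive, finding) tuples."""
    directives, locations = parse(conf)
    findings = []
    for name, value in directives:
        if name == "FetchHttps":
            relaxed = [o.strip() for o in value.split(",")
                       if o.strip().startswith("allow_")]
            if relaxed:
                findings.append((name, "certificate checks relaxed: "
                                 + ",".join(relaxed)))
        elif name in PATH_DIRECTIVES:
            guarded = any(location_matches(m, t, value)
                          and re.search(r'\bdeny\s+all\s*;', body)
                          for m, t, body in locations)
            if not guarded:
                findings.append((name, value + " has no location with 'deny all'"))
    return findings


if __name__ == "__main__":
    for directive, finding in audit(SAMPLE_CONF):
        print(f"{directive}: {finding}")
```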

Hi

pagespeed LoadFromFile ... directive, things start working but I can't do it because my static resources are using a dynamic versioning system.

But you have a "fixed" part: pagespeed LoadFromFile "https://www.example.com/pub/media/" "/path-to-the fixed-one/pub/media/"

Anyway, if load from file works, the failure is in the https fetch. I can't see a pagespeed Domain http*://*.domain.com. By default pagespeed authorizes the domain from where resources are served, but only http, not https. With the given directive you cover both http and https and all subdomains.

In the log files can you see any request made with UA with "Serf" in it? In the file cache (/var/ngx_pagespeed_cache) under v3 folder what you see?

Lofesa avatar Nov 08 '21 10:11 Lofesa

But you have a "fixed" part: pagespeed LoadFromFile "https://www.example.com/pub/media/" "/path-to-the fixed-one/pub/media/"

Not always, some paths will be rendered like this pub/static/version1636311072/frontend/...../image.png

I can´t see a pagespeed Domain http*://*.domain.com

I just added it as pagespeed Domain http*://*.subdomain.example.com;

and as

pagespeed Domain http*://subdomain.example.com;

and as

pagespeed Domain http*://*.example.com;

but I don't see any change in the errors :(

Here's what shows in pagespeed admin in the first case pagespeed Domain http*://*.subdomain.example.com; for example

Version: 14: on

Filters
gp	Convert Gif to Png
jp	Convert Jpeg to Progressive
jw	Convert Jpeg To Webp
pj	Convert Png to Jpeg
wa	Convert animated images to WebP
ws	When converting images to WebP, prefer lossless conversions
hw	Flushes html
js	Jpeg Subsampling
rj	Recompress Jpeg
rp	Recompress Png
rw	Recompress Webp
cp	Strip Image Color Profiles
md	Strip Image Meta Data

Options
  AdminPath (nap)                              /pagespeed_admin
  AvoidRenamingIntrospectiveJavascript (aris)  True
  BeaconUrl (bu)                               /ngx_pagespeed_beacon
  ConsolePath (ncp)                            /pagespeed_console
  EnableCachePurge (euci)                      True
  EnableRewriting (e)                          1
  FetchHttps (fhs)                             enable,allow_self_signed
  FileCacheCleanIntervalMs (afcci)             3600000
  FileCacheInodeLimit (afcl)                   500000
  FileCachePath (afcp)                         /var/ngx_pagespeed_cache
  FileCacheSizeKb (afc)                        204800
  GlobalAdminPath (ngap)                       /pagespeed_global_admin
  GlobalStatisticsPath (ngsp)                  /ngx_pagespeed_global_statistics
  LogDir (ald)                                 /var/log/ngx_pagespeed
  LRUCacheByteLimit (alcb)                     16384
  LRUCacheKbPerProcess (alcp)                  8192
  MessagesPath (nmp)                           /ngx_pagespeed_message
  RewriteLevel (l)                             Pass Through
  SslCertDirectory (assld)                     /etc/ssl/certs
  Statistics (ase)                             True
  StatisticsLogging (asle)                     True
  StatisticsPath (nsp)                         /ngx_pagespeed_statistics

Domain Lawyer
  http*://*.subdomain.example.com/ Auth

In the log files can you see any request made with UA with "Serf" in it?

I grepped 'serf' in the nginx access logs and I can see it if you mean that record

../logs/proxy_error_log:2021/11/08 10:42:10 [error] 1559750#0: [ngx_pagespeed 1.13.35.2-0] http://subdomain.example.com/pub/media/icons/34xNxetennis_rating_banner.png (connecting to:localhost):0:serf_context_run error status=111 (Connection refused)

In the file cache (/var/ngx_pagespeed_cache) under v3 folder what you see?

I can see files for my server IP and my main domain (the site is in a subdomain however I see only the domain part if that's correct) , I marked with an arrow my domain

image

ioweb-gr avatar Nov 08 '21 10:11 ioweb-gr

Not always, some paths will be rendered like this pub/static/version1636311072/frontend/...../image.png

But you still have a "fixed" part, until the /pub/ folder. I will say if all statics resources hosted in the local nginx disk are under 1 or 2 folders you can do LoadFromFile with 1 or 2 directives,

I can´t see a pagespeed Domain http*://*.domain.com

I just added it as pagespeed Domain http*://*.subdomain.example.com;

and as

pagespeed Domain http*://subdomain.example.com;

and as

pagespeed Domain http*://*.example.com;

This last directive covers all others.

but I don't see any change in the errors :(

You need to clear the pagespeed cache


In the log files can you see any request made with UA with "Serf" in it?

I grepped 'serf' in the nginx access logs and I can see it if you mean that record

../logs/proxy_error_log:2021/11/08 10:42:10 [error] 1559750#0: [ngx_pagespeed 1.13.35.2-0] http://subdomain.example.com/pub/media/icons/34xNxetennis_rating_banner.png (connecting to:localhost):0:serf_context_run error status=111 (Connection refused)

This can explain the 404: pagespeed is unable to connect because the connection is refused. Take a look, the request is made as http, not https. Maybe you need to set: pagespeed RespectXForwardedProto on; because I think you have something like:

client -> https -> nginx+pagespeed -> http -> localhost

In the file cache (/var/ngx_pagespeed_cache) under v3 folder what you see?

I can see files for my server IP and my main domain (the site is in a subdomain however I see only the domain part if that's correct) , I marked with an arrow my domain

image

Is your domain folder under some folder like http,3A or under https,3A? If under http,3A, optimized resources are stored here, but you are requesting an optimized resource under https,3A and the resource is not here, so 404....

Lofesa avatar Nov 08 '21 11:11 Lofesa

This last directive covers all others.

OK I'm sticking with just this then

You need to clear the pagespeed cache

I cleared the cache from purge cache in pagespeed admin. image

This can explain the 404, pagespeed is unable to connect because is refused. Take a look, the request is made as http not https Maybe you need to set: pagespeed RespectXForwardedProto on;

I've just enabled this option



Version: 14: on

Filters
gp	Convert Gif to Png
jp	Convert Jpeg to Progressive
jw	Convert Jpeg To Webp
pj	Convert Png to Jpeg
wa	Convert animated images to WebP
ws	When converting images to WebP, prefer lossless conversions
hw	Flushes html
js	Jpeg Subsampling
rj	Recompress Jpeg
rp	Recompress Png
rw	Recompress Webp
cp	Strip Image Color Profiles
md	Strip Image Meta Data

Options
  AdminPath (nap)                              /pagespeed_admin
  AvoidRenamingIntrospectiveJavascript (aris)  True
  BeaconUrl (bu)                               /ngx_pagespeed_beacon
  ConsolePath (ncp)                            /pagespeed_console
  EnableCachePurge (euci)                      True
  EnableRewriting (e)                          1
  FetchHttps (fhs)                             enable,allow_self_signed
  FileCacheCleanIntervalMs (afcci)             3600000
  FileCacheInodeLimit (afcl)                   500000
  FileCachePath (afcp)                         /var/ngx_pagespeed_cache
  FileCacheSizeKb (afc)                        204800
  GlobalAdminPath (ngap)                       /pagespeed_global_admin
  GlobalStatisticsPath (ngsp)                  /ngx_pagespeed_global_statistics
  LogDir (ald)                                 /var/log/ngx_pagespeed
  LRUCacheByteLimit (alcb)                     16384
  LRUCacheKbPerProcess (alcp)                  8192
  MessagesPath (nmp)                           /ngx_pagespeed_message
  RespectXForwardedProto (rxfp)                True
  RewriteLevel (l)                             Pass Through
  SslCertDirectory (assld)                     /etc/ssl/certs
  Statistics (ase)                             True
  StatisticsLogging (asle)                     True
  StatisticsPath (nsp)                         /ngx_pagespeed_statistics

Domain Lawyer
  http*://*.example.com/ Auth

Invalidation Timestamp: Mon, 08 Nov 2021 11:34:39 GMT (1636371279251)

Is your domain folder under some folder like http,3A or under https,3A? If under http,3A, optimized resources are stored here, but you are requesting an optimized resource under https,3A and the resource is not here, so 404....

Yes they are and indeed I can see some webp files there

ll /var/ngx_pagespeed_cache/v3/example.com/https,3A/,2Fsubdomain.example.com/pub/media/

catalog/
favicon/
icons/
porto/
rackets_adults_bg_eng.png,
rackets_kids_bg_eng.png,
revslider/
shoes_bg.png,
shoes_running_bg_eng.png,
shoes_tennis_bg_eng.png,
wysiwyg/
xrackets_adults_bg_eng.png.pagespeed.ic.1hFd9psVc_.webp,
xrackets_adults_bg_eng.png.pagespeed.ic.wrorOf4Pul.jpg,
xrackets_kids_bg_eng.png.pagespeed.ic.45BNnmwr_f.png,
xrackets_kids_bg_eng.png.pagespeed.ic.xabPGK8I2V.webp,
xshoes_bg.png.pagespeed.ic.KR4WNpIxi0.jpg,
xshoes_bg.png.pagespeed.ic.PqTyvlBx84.webp,
xshoes_running_bg_eng.png.pagespeed.ic.eU8V0SXHN9.jpg,
xshoes_running_bg_eng.png.pagespeed.ic.sEHw6g3I87.webp,
xshoes_tennis_bg_eng.png.pagespeed.ic.elCjgJ61XN.webp,
xshoes_tennis_bg_eng.png.pagespeed.ic.oIjD0NVeCW.png,
xxshoes_running_bg_eng.png,2CMic.sEHw6g3I87.webp.pagespeed.ic.lMgFnzIr9n.webp,

But nope they're not getting served as webp. I no longer see the error for http though

ioweb-gr avatar Nov 08 '21 11:11 ioweb-gr

But nope they're not getting served as webp. I no longer see the error for http though

And do you still have the 404? Not served as webp, but are they rewritten by pagespeed? Does the URL have pagespeed in it, like: xshoes_tennis_bg_eng.png.pagespeed.ic.oIjD0NVeCW.png

To serve webp images, the browser must be webp capable; the request must have a header like:

    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9

If the request doesn't have image/webp in the accept header, no webp is served.

Lofesa avatar Nov 08 '21 11:11 Lofesa

Yes the request for each image has the header for webp

image

And I still see this in the comments

image

ioweb-gr avatar Nov 08 '21 11:11 ioweb-gr

Not served as webp, but are they rewritten by pagespeed? Does the URL have pagespeed in it, like: xshoes_tennis_bg_eng.png.pagespeed.ic.oIjD0NVeCW.png

No they don't :(

ioweb-gr avatar Nov 08 '21 12:11 ioweb-gr

Ummm. In the image I see a cache-control header:

    cache-control: s-maxage=10

but pagespeed needs resources to be publicly cacheable:

    cache-control: max-age=600

or

    cache-control: max-age=600,public

Then the optimized resource is stored in the cache for the amount of time in this header, so in the example, the optimized resource expires in 600 sec. and after that the optimization process restarts. Optimized resources have a cache-control for 1 year.

Lofesa avatar Nov 08 '21 12:11 Lofesa

But the thing is the 404. Optimized resources are in the https cache, so why the 404? Check the log again and see if requests with "Serf" in the UA are there. Something like "GET /logo_sticky.png HTTP/1.1" 404 577 "http://beautivmazure.cloudapp.net/" "Serf/1.1.0 mod_pagespeed/1.9.32.14-0" *0*

Lofesa avatar Nov 08 '21 12:11 Lofesa

The problem is with the current setup, I don't see anything in the proxy_error_log like before and there's no Serf match in any log, not nginx access or error log, not apache access or error log either.

Version: 14: on

Filters
gp	Convert Gif to Png
jp	Convert Jpeg to Progressive
jw	Convert Jpeg To Webp
pj	Convert Png to Jpeg
wa	Convert animated images to WebP
ws	When converting images to WebP, prefer lossless conversions
hw	Flushes html
js	Jpeg Subsampling
rj	Recompress Jpeg
rp	Recompress Png
rw	Recompress Webp
cp	Strip Image Color Profiles
md	Strip Image Meta Data

Options
  AdminPath (nap)                              /pagespeed_admin
  AvoidRenamingIntrospectiveJavascript (aris)  True
  BeaconUrl (bu)                               /ngx_pagespeed_beacon
  ConsolePath (ncp)                            /pagespeed_console
  EnableCachePurge (euci)                      True
  EnableRewriting (e)                          1
  FetchHttps (fhs)                             enable,allow_self_signed
  FileCacheCleanIntervalMs (afcci)             3600000
  FileCacheInodeLimit (afcl)                   500000
  FileCachePath (afcp)                         /var/ngx_pagespeed_cache
  FileCacheSizeKb (afc)                        204800
  GlobalAdminPath (ngap)                       /pagespeed_global_admin
  GlobalStatisticsPath (ngsp)                  /ngx_pagespeed_global_statistics
  LogDir (ald)                                 /var/log/ngx_pagespeed
  LRUCacheByteLimit (alcb)                     16384
  LRUCacheKbPerProcess (alcp)                  8192
  MessagesPath (nmp)                           /ngx_pagespeed_message
  RespectXForwardedProto (rxfp)                True
  RewriteLevel (l)                             Pass Through
  SslCertDirectory (assld)                     /etc/ssl/certs
  Statistics (ase)                             True
  StatisticsLogging (asle)                     True
  StatisticsPath (nsp)                         /ngx_pagespeed_statistics

Domain Lawyer
  http*://*.example.com/ Auth

ioweb-gr avatar Nov 08 '21 12:11 ioweb-gr

The weird thing is that on pagespeed_console, everything is 0

image

ioweb-gr avatar Nov 08 '21 12:11 ioweb-gr

And what can you see in the pagespeed "Message History"? https://example.com/pagespeed_global_admin/message_history is the URL where you can view log messages from pagespeed.

Lofesa avatar Nov 08 '21 12:11 Lofesa

For example for some jpg files

[Mon, 08 Nov 2021 12:36:15 GMT] [Info] [1698645] Trying to serve rewritten resource in-place: https://subdomain.example.com/pub/media/catalog/product/cache/9cb80aaa700fbabda1d30deb1d8f7ff5/w/i/wilson-roland-garros-starter-green-junior-tennis-balls-x-4.jpg

[Mon, 08 Nov 2021 12:36:15 GMT] [Info] [1698645] HTTPCache key=https://subdomain.example.com/pub/media/catalog/product/cache/9cb80aaa700fbabda1d30deb1d8f7ff5/w/i/wilson-roland-garros-starter-green-junior-tennis-balls-x-4.jpg fragment=example.com: remembering recent failure for 134 seconds.

[Mon, 08 Nov 2021 12:36:15 GMT] [Info] [1698645] Trying to serve rewritten resource in-place: https://subdomain.example.com/pub/media/catalog/product/cache/9cb80aaa700fbabda1d30deb1d8f7ff5/w/r/wrx2096.jpg

[Mon, 08 Nov 2021 12:36:15 GMT] [Info] [1698645] HTTPCache key=https://subdomain.example.com/pub/media/catalog/product/cache/9cb80aaa700fbabda1d30deb1d8f7ff5/w/r/wrx2096.jpg fragment=example.com: remembering recent failure for 134 seconds.

[Mon, 08 Nov 2021 12:36:15 GMT] [Info] [1698645] Trying to serve rewritten resource in-place: https://subdomain.example.com/pub/media/catalog/product/cache/9cb80aaa700fbabda1d30deb1d8f7ff5/4/7/474182-tretorn-jumbo-tennis-ball-yellow-m.jpg

[Mon, 08 Nov 2021 12:36:15 GMT] [Info] [1698645] HTTPCache key=https://subdomain.example.com/pub/media/catalog/product/cache/9cb80aaa700fbabda1d30deb1d8f7ff5/4/7/474182-tretorn-jumbo-tennis-ball-yellow-m.jpg fragment=example.com: remembering recent failure for 134 seconds.

[Mon, 08 Nov 2021 12:36:15 GMT] [Info] [1698645] Trying to serve rewritten resource in-place: https://subdomain.example.com/pub/media/catalog/product/cache/9cb80aaa700fbabda1d30deb1d8f7ff5/b/a/babolat-team-tennis-balls-x-4.jpg

[Mon, 08 Nov 2021 12:36:15 GMT] [Info] [1698645] HTTPCache key=https://subdomain.example.com/pub/media/catalog/product/cache/9cb80aaa700fbabda1d30deb1d8f7ff5/b/a/babolat-team-tennis-balls-x-4.jpg fragment=example.com: remembering recent failure for 134 seconds.

[Mon, 08 Nov 2021 12:36:15 GMT] [Info] [1698645] Trying to serve rewritten resource in-place: https://subdomain.example.com/pub/media/catalog/product/cache/9cb80aaa700fbabda1d30deb1d8f7ff5/c/o/code-red-tennis_balls.jpg

[Mon, 08 Nov 2021 12:36:15 GMT] [Info] [1698645] HTTPCache key=https://subdomain.example.com/pub/media/catalog/product/cache/9cb80aaa700fbabda1d30deb1d8f7ff5/c/o/code-red-tennis_balls.jpg fragment=example.com: remembering recent failure for 134 seconds.

[Mon, 08 Nov 2021 12:36:15 GMT] [Info] [1698645] Trying to serve rewritten resource in-place: https://subdomain.example.com/pub/media/catalog/product/cache/9cb80aaa700fbabda1d30deb1d8f7ff5/c/o/code-black-tennis_balls.jpg

[Mon, 08 Nov 2021 12:36:15 GMT] [Info] [1698645] HTTPCache key=https://subdomain.example.com/pub/media/catalog/product/cache/9cb80aaa700fbabda1d30deb1d8f7ff5/c/o/code-black-tennis_balls.jpg fragment=example.com: remembering recent failure for 134 seconds.

[Mon, 08 Nov 2021 12:36:15 GMT] [Info] [1698645] Trying to serve rewritten resource in-place: https://subdomain.example.com/pub/media/catalog/product/cache/9cb80aaa700fbabda1d30deb1d8f7ff5/4/7/474410-75-tretorn-academy-red-36-balls-red.jpg

[Mon, 08 Nov 2021 12:36:15 GMT] [Info] [1698645] HTTPCache key=https://subdomain.example.com/pub/media/catalog/product/cache/9cb80aaa700fbabda1d30deb1d8f7ff5/4/7/474410-75-tretorn-academy-red-36-balls-red.jpg fragment=example.com: remembering recent failure for 134 seconds.

ioweb-gr avatar Nov 08 '21 12:11 ioweb-gr

Where are those messages stored in the logs?

ioweb-gr avatar Nov 08 '21 12:11 ioweb-gr

These messages are stored in files, I don't remember where they are stored, but they are not human readable. Nothing to do with server logs. But they say that pagespeed failed requesting the files and "remembers" the failure for XXX seconds. If I'm not wrong you have something like this:

client -> https -> nginx+pagespeed -> http (maybe now https) -> localhost as shown in the fetch error.

In localhost, is there an apache server? Does it have rewrite rules? Something like this:

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ /404 [L,R=301]

Is this server running pagespeed?

Lofesa avatar Nov 08 '21 13:11 Lofesa
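An added example, not part of the thread or of the PageSpeed project: a triage script that correlates the three kinds of evidence posted in this issue (the `4xx status code, preventing rewriting` debug comments, the `serf_context_run` fetch error from the nginx error log, and the `remembering recent failure` Message History entries) per resource, ignoring the URL scheme. The sample input is constructed from the line formats shown above; the hint names and the `site_scheme` parameter are assumptions of this example.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample input, using the line formats posted in this thread.
SAMPLE = """\
<!--4xx status code, preventing rewriting of https://subdomain.example.com/pub/media/a.jpg--><!--4xx status code, preventing rewriting of https://subdomain.example.com/pub/media/a.jpg-->
2021/11/08 10:42:10 [error] 1559750#0: [ngx_pagespeed 1.13.35.2-0] http://subdomain.example.com/pub/media/icons/b.png (connecting to:localhost):0:serf_context_run error status=111 (Connection refused)
[Mon, 08 Nov 2021 12:36:15 GMT] [Info] [1698645] HTTPCache key=https://subdomain.example.com/pub/media/a.jpg fragment=example.com: remembering recent failure for 134 seconds.
"""

# HTML debug comment emitted by the debug filter.
DEBUG_RE = re.compile(r'<!--4xx status code, preventing rewriting of (\S+?)-->')
# Fetcher error in the nginx error log: URL, connect target, status, reason.
SERF_RE = re.compile(
    r'\[ngx_pagespeed [^\]]+\] (\S+) \(connecting to:([^)]+)\):\d+:'
    r'serf_context_run error status=(\d+) \(([^)]+)\)')
# Message History entry: a failed fetch is remembered for N seconds.
CACHE_RE = re.compile(
    r'HTTPCache key=(\S+) fragment=(\S+): '
    r'remembering recent failure for (\d+) seconds')


def resource_key(url):
    """Host + path, so http and https views of one resource correlate."""
    parts = urlsplit(url)
    return parts.netloc + parts.path


def triage(text, site_scheme="https"):
    """Group evidence per resource and attach heuristic hints."""
    records = defaultdict(lambda: {"debug_4xx": 0, "cached_failure_s": None,
                                   "fetch_errors": [], "hints": []})
    for m in DEBUG_RE.finditer(text):
        records[resource_key(m.group(1))]["debug_4xx"] += 1
    for m in CACHE_RE.finditer(text):
        records[resource_key(m.group(1))]["cached_failure_s"] = int(m.group(3))
    for m in SERF_RE.finditer(text):
        url, target, status, reason = m.groups()
        records[resource_key(url)]["fetch_errors"].append(
            (urlsplit(url).scheme, target, int(status), reason))

    for rec in records.values():
        schemes = {err[0] for err in rec["fetch_errors"]}
        # Fetch went out with a different scheme than the site is served on:
        # the situation RespectXForwardedProto was suggested for above.
        if schemes and site_scheme not in schemes:
            rec["hints"].append("scheme_mismatch")
        # status=111 is the "Connection refused" case from the posted log line.
        if any(err[2] == 111 for err in rec["fetch_errors"]):
            rec["hints"].append("connection_refused")
        # A 4xx comment with no transport error: some server answered the
        # fetch with 4xx, so look for Serf requests in that server's log.
        if rec["debug_4xx"] and not rec["fetch_errors"]:
            rec["hints"].append("origin_answered_4xx")
    return dict(records)


if __name__ == "__main__":
    for key, rec in sorted(triage(SAMPLE).items()):
        print(key, rec)
```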

Well since PLESK autoconfigures most of them I'm not exactly sure about every detail but let me post the nginx conf and the vhost conf and maybe we can shed some light to what the issue is.

vhost.conf
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
#IF YOU REQUIRE TO APPLY CUSTOM MODIFICATIONS, PERFORM THEM IN THE FOLLOWING FILES:
#/var/www/vhosts/system/subdomain.example.com/conf/vhost.conf
#/var/www/vhosts/system/subdomain.example.com/conf/vhost_ssl.conf
<IfModule mod_ssl.c>

        <VirtualHost <ip>:7081 >
                ServerName "subdomain.example.com"
                ServerAlias "www.subdomain.example.com"
                ServerAlias "ipv4.subdomain.example.com"
                UseCanonicalName Off

                # mailconfig
                <IfModule mod_proxy_http.c>
                        <IfModule mod_rewrite.c>
                                RewriteEngine On
                                RewriteCond %{REQUEST_URI} ^/autodiscover/autodiscover\.xml$ [NC,OR]
                                RewriteCond %{REQUEST_URI} ^(/\.well-known/autoconfig)?/mail/config\-v1\.1\.xml$ [NC,OR]
                                RewriteCond %{REQUEST_URI} ^/email\.mobileconfig$ [NC]
                                RewriteRule ^(.*)$ http://127.0.0.1:8880/mailconfig/ [P,QSA,L,E=REQUEST_URI:%{REQUEST_URI},E=HOST:%{HTTP_HOST}]
                        </IfModule>
                        <Proxy "http://127.0.0.1:8880/mailconfig/">
                                RequestHeader set X-Host "%{HOST}e"
                                RequestHeader set X-Request-URI "%{REQUEST_URI}e"
                        </Proxy>
                </IfModule>
                # mailconfig

                DocumentRoot "/var/www/vhosts/subdomain.example.com/httpdocs"
                CustomLog /var/www/vhosts/system/subdomain.example.com/logs/access_ssl_log plesklog
                ErrorLog "/var/www/vhosts/system/subdomain.example.com/logs/error_log"

                <IfModule mod_suexec.c>
                        SuexecUserGroup "sys_subdomain" "psacln"
                </IfModule>

                <IfModule mod_userdir.c>
                        UserDir "/var/www/vhosts/subdomain.example.com/web_users/*"
                </IfModule>

                <IfModule mod_sysenv.c>
                        SetSysEnv PP_VHOST_ID "27f55b23-084b-4c81-9aef-889d453c5c7c"
                </IfModule>

                Alias "/plesk-stat" "/var/www/vhosts/system/subdomain.example.com/statistics"
                <Location  /plesk-stat/>
                        Options +Indexes
                </Location>
                <Location  /plesk-stat/logs/>
                        Require valid-user
                </Location>
                Alias /webstat /var/www/vhosts/system/subdomain.example.com/statistics/webstat
                Alias /webstat-ssl /var/www/vhosts/system/subdomain.example.com/statistics/webstat-ssl
                Alias /ftpstat /var/www/vhosts/system/subdomain.example.com/statistics/ftpstat
                Alias /anon_ftpstat /var/www/vhosts/system/subdomain.example.com/statistics/anon_ftpstat
                Alias /awstats-icon /usr/share/awstats/icon

                SSLEngine on
                SSLVerifyClient none
                SSLCertificateFile /opt/psa/var/certificates/scfzuSka7
                SSLCACertificateFile /opt/psa/var/certificates/scfKX2i16

                TimeOut 3600
                <Directory /var/www/vhosts/subdomain.example.com/httpdocs>

                        <IfModule mod_fcgid.c>
                                <Files ~ (\.fcgi$)>
                                        SetHandler fcgid-script
                                        Options +ExecCGI
                                </Files>
                        </IfModule>
                        <IfModule mod_proxy_fcgi.c>
                                <Files ~ (\.php$)>
                                        SetHandler proxy:unix:/var/www/vhosts/system/subdomain.example.com/php-fpm.sock|fcgi://127.0.0.1:9000
                                </Files>
                        </IfModule>

                        SSLRequireSSL

                        Options -Includes -ExecCGI

                </Directory>

                <Directory "/var/www/vhosts/system/subdomain.example.com/statistics">
                        AuthType Basic
                        AuthName "Domain statistics"
                        AuthUserFile "/var/www/vhosts/system/subdomain.example.com/pd/d..httpdocs@plesk-stat"
                        require valid-user
                </Directory>

                Alias /error_docs /var/www/vhosts/subdomain.example.com/error_docs
                ErrorDocument 400 /error_docs/bad_request.html
                ErrorDocument 401 /error_docs/unauthorized.html
                ErrorDocument 403 /error_docs/forbidden.html
                ErrorDocument 404 /error_docs/not_found.html
                ErrorDocument 500 /error_docs/internal_server_error.html
                ErrorDocument 405 /error_docs/method_not_allowed.html
                ErrorDocument 406 /error_docs/not_acceptable.html
                ErrorDocument 407 /error_docs/proxy_authentication_required.html
                ErrorDocument 412 /error_docs/precondition_failed.html
                ErrorDocument 414 /error_docs/request_uri_too_long.html
                ErrorDocument 415 /error_docs/unsupported_media_type.html
                ErrorDocument 501 /error_docs/not_implemented.html
                ErrorDocument 502 /error_docs/bad_gateway.html
                ErrorDocument 503 /error_docs/maintenance.html

                DirectoryIndex "index.html" "index.cgi" "index.pl" "index.php" "index.xhtml" "index.htm" "index.shtml"

                Include "/var/www/vhosts/system/subdomain.example.com/conf/vhost_ssl.conf"

                <Directory /var/www/vhosts/subdomain.example.com>
                        AllowOverride AuthConfig FileInfo Indexes Limit Options=Indexes,SymLinksIfOwnerMatch,MultiViews,FollowSymLinks,ExecCGI,Includes,IncludesNOEXEC
                </Directory>

                #extension letsencrypt begin
                Alias /.well-known/acme-challenge "/var/www/vhosts/default/htdocs/.well-known/acme-challenge"

                <Location /.well-known/acme-challenge/>
                        # Require all granted
                        Order Deny,Allow
                        Allow from all
                        Satisfy any
                </Location>

                <LocationMatch "^/.well-known/acme-challenge/(.*/|)\.">
                        # Require all denied
                        Order Allow,Deny
                        Deny from all
                </LocationMatch>
                #extension letsencrypt end

                #extension sslit begin

                #extension sslit end
        </VirtualHost>

</IfModule>
<IfModule mod_ssl.c>

        <VirtualHost [2a01:4f9:3a:1041::2]:7081 127.0.0.1:7081>
                ServerName "subdomain.example.com"
                ServerAlias "www.subdomain.example.com"
                ServerAlias "ipv6.subdomain.example.com"
                UseCanonicalName Off

                # mailconfig
                <IfModule mod_proxy_http.c>
                        <IfModule mod_rewrite.c>
                                RewriteEngine On
                                RewriteCond %{REQUEST_URI} ^/autodiscover/autodiscover\.xml$ [NC,OR]
                                RewriteCond %{REQUEST_URI} ^(/\.well-known/autoconfig)?/mail/config\-v1\.1\.xml$ [NC,OR]
                                RewriteCond %{REQUEST_URI} ^/email\.mobileconfig$ [NC]
                                RewriteRule ^(.*)$ http://127.0.0.1:8880/mailconfig/ [P,QSA,L,E=REQUEST_URI:%{REQUEST_URI},E=HOST:%{HTTP_HOST}]
                        </IfModule>
                        <Proxy "http://127.0.0.1:8880/mailconfig/">
                                RequestHeader set X-Host "%{HOST}e"
                                RequestHeader set X-Request-URI "%{REQUEST_URI}e"
                        </Proxy>
                </IfModule>
                # mailconfig

                DocumentRoot "/var/www/vhosts/subdomain.example.com/httpdocs"
                CustomLog /var/www/vhosts/system/subdomain.example.com/logs/access_ssl_log plesklog
                ErrorLog "/var/www/vhosts/system/subdomain.example.com/logs/error_log"

                <IfModule mod_suexec.c>
                        SuexecUserGroup "sys_subdomain" "psacln"
                </IfModule>

                <IfModule mod_userdir.c>
                        UserDir "/var/www/vhosts/subdomain.example.com/web_users/*"
                </IfModule>

                <IfModule mod_sysenv.c>
                        SetSysEnv PP_VHOST_ID "27f55b23-084b-4c81-9aef-889d453c5c7c"
                </IfModule>

                Alias "/plesk-stat" "/var/www/vhosts/system/subdomain.example.com/statistics"
                <Location  /plesk-stat/>
                        Options +Indexes
                </Location>
                <Location  /plesk-stat/logs/>
                        Require valid-user
                </Location>
                Alias /webstat /var/www/vhosts/system/subdomain.example.com/statistics/webstat
                Alias /webstat-ssl /var/www/vhosts/system/subdomain.example.com/statistics/webstat-ssl
                Alias /ftpstat /var/www/vhosts/system/subdomain.example.com/statistics/ftpstat
                Alias /anon_ftpstat /var/www/vhosts/system/subdomain.example.com/statistics/anon_ftpstat
                Alias /awstats-icon /usr/share/awstats/icon

                SSLEngine on
                SSLVerifyClient none
                SSLCertificateFile /opt/psa/var/certificates/scfzuSka7
                SSLCACertificateFile /opt/psa/var/certificates/scfKX2i16

                TimeOut 3600
                <Directory /var/www/vhosts/subdomain.example.com/httpdocs>

                        <IfModule mod_fcgid.c>
                                <Files ~ (\.fcgi$)>
                                        SetHandler fcgid-script
                                        Options +ExecCGI
                                </Files>
                        </IfModule>
                        <IfModule mod_proxy_fcgi.c>
                                <Files ~ (\.php$)>
                                        SetHandler proxy:unix:/var/www/vhosts/system/subdomain.example.com/php-fpm.sock|fcgi://127.0.0.1:9000
                                </Files>
                        </IfModule>

                        SSLRequireSSL

                        Options -Includes -ExecCGI

                </Directory>

                <Directory "/var/www/vhosts/system/subdomain.example.com/statistics">
                        AuthType Basic
                        AuthName "Domain statistics"
                        AuthUserFile "/var/www/vhosts/system/subdomain.example.com/pd/d..httpdocs@plesk-stat"
                        require valid-user
                </Directory>

                Alias /error_docs /var/www/vhosts/subdomain.example.com/error_docs
                ErrorDocument 400 /error_docs/bad_request.html
                ErrorDocument 401 /error_docs/unauthorized.html
                ErrorDocument 403 /error_docs/forbidden.html
                ErrorDocument 404 /error_docs/not_found.html
                ErrorDocument 500 /error_docs/internal_server_error.html
                ErrorDocument 405 /error_docs/method_not_allowed.html
                ErrorDocument 406 /error_docs/not_acceptable.html
                ErrorDocument 407 /error_docs/proxy_authentication_required.html
                ErrorDocument 412 /error_docs/precondition_failed.html
                ErrorDocument 414 /error_docs/request_uri_too_long.html
                ErrorDocument 415 /error_docs/unsupported_media_type.html
                ErrorDocument 501 /error_docs/not_implemented.html
                ErrorDocument 502 /error_docs/bad_gateway.html
                ErrorDocument 503 /error_docs/maintenance.html

                DirectoryIndex "index.html" "index.cgi" "index.pl" "index.php" "index.xhtml" "index.htm" "index.shtml"

                Include "/var/www/vhosts/system/subdomain.example.com/conf/vhost_ssl.conf"

                <Directory /var/www/vhosts/subdomain.example.com>
                        AllowOverride AuthConfig FileInfo Indexes Limit Options=Indexes,SymLinksIfOwnerMatch,MultiViews,FollowSymLinks,ExecCGI,Includes,IncludesNOEXEC
                </Directory>

                #extension letsencrypt begin
                Alias /.well-known/acme-challenge "/var/www/vhosts/default/htdocs/.well-known/acme-challenge"

                <Location /.well-known/acme-challenge/>
                        # Require all granted
                        Order Deny,Allow
                        Allow from all
                        Satisfy any
                </Location>

                <LocationMatch "^/.well-known/acme-challenge/(.*/|)\.">
                        # Require all denied
                        Order Allow,Deny
                        Deny from all
                </LocationMatch>
                #extension letsencrypt end

                #extension sslit begin

                #extension sslit end
        </VirtualHost>

</IfModule>

<VirtualHost <ip>:7080 >
        ServerName "subdomain.example.com"
        ServerAlias "www.subdomain.example.com"
        ServerAlias "ipv4.subdomain.example.com"
        UseCanonicalName Off

        # mailconfig
        <IfModule mod_proxy_http.c>
                <IfModule mod_rewrite.c>
                        RewriteEngine On
                        RewriteCond %{REQUEST_URI} ^/autodiscover/autodiscover\.xml$ [NC,OR]
                        RewriteCond %{REQUEST_URI} ^(/\.well-known/autoconfig)?/mail/config\-v1\.1\.xml$ [NC,OR]
                        RewriteCond %{REQUEST_URI} ^/email\.mobileconfig$ [NC]
                        RewriteRule ^(.*)$ http://127.0.0.1:8880/mailconfig/ [P,QSA,L,E=REQUEST_URI:%{REQUEST_URI},E=HOST:%{HTTP_HOST}]
                </IfModule>
                <Proxy "http://127.0.0.1:8880/mailconfig/">
                        RequestHeader set X-Host "%{HOST}e"
                        RequestHeader set X-Request-URI "%{REQUEST_URI}e"
                </Proxy>
        </IfModule>
        # mailconfig

        Include "/var/www/vhosts/system/subdomain.example.com/conf/vhost.conf"

        <IfModule mod_rewrite.c>
                RewriteEngine On
                RewriteCond %{HTTPS} off
                RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,QSA]
        </IfModule>
</VirtualHost>

<VirtualHost [2a01:4f9:3a:1041::2]:7080 127.0.0.1:7080>
        ServerName "subdomain.example.com"
        ServerAlias "www.subdomain.example.com"
        ServerAlias "ipv6.subdomain.example.com"
        UseCanonicalName Off

        # mailconfig
        <IfModule mod_proxy_http.c>
                <IfModule mod_rewrite.c>
                        RewriteEngine On
                        RewriteCond %{REQUEST_URI} ^/autodiscover/autodiscover\.xml$ [NC,OR]
                        RewriteCond %{REQUEST_URI} ^(/\.well-known/autoconfig)?/mail/config\-v1\.1\.xml$ [NC,OR]
                        RewriteCond %{REQUEST_URI} ^/email\.mobileconfig$ [NC]
                        RewriteRule ^(.*)$ http://127.0.0.1:8880/mailconfig/ [P,QSA,L,E=REQUEST_URI:%{REQUEST_URI},E=HOST:%{HTTP_HOST}]
                </IfModule>
                <Proxy "http://127.0.0.1:8880/mailconfig/">
                        RequestHeader set X-Host "%{HOST}e"
                        RequestHeader set X-Request-URI "%{REQUEST_URI}e"
                </Proxy>
        </IfModule>
        # mailconfig

        Include "/var/www/vhosts/system/subdomain.example.com/conf/vhost.conf"

        <IfModule mod_rewrite.c>
                RewriteEngine On
                RewriteCond %{HTTPS} off
                RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,QSA]
        </IfModule>
</VirtualHost>

nginx.conf
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.

server {
        listen <ip>:443 ssl http2;

        server_name subdomain.example.com;
        server_name www.subdomain.example.com;
        server_name ipv4.subdomain.example.com;

        ssl_certificate             /opt/psa/var/certificates/scfzuSka7;
        ssl_certificate_key         /opt/psa/var/certificates/scfzuSka7;

        client_max_body_size 128m;

        proxy_read_timeout 3600;

        # mailconfig
        location ~* ^/autodiscover/autodiscover\.xml$ {
                try_files $uri @mad;
        }
        location ~* ^(/\.well-known/autoconfig)?/mail/config\-v1\.1\.xml$ {
                try_files $uri @mad;
        }

        location  ~* ^/email\.mobileconfig$ {
                try_files $uri @mad;
        }

        location @mad {
                rewrite ^(.*)$ /mailconfig/ break;

                proxy_pass                          http://127.0.0.1:8880;
                proxy_set_header X-Host             $host;
                proxy_set_header X-Request-URI      $request_uri;
        }
        # mailconfig

        root "/var/www/vhosts/subdomain.example.com/httpdocs";
        access_log "/var/www/vhosts/system/subdomain.example.com/logs/proxy_access_ssl_log";
        error_log "/var/www/vhosts/system/subdomain.example.com/logs/proxy_error_log";

        #extension letsencrypt begin
        location ^~ /.well-known/acme-challenge/ {
                root /var/www/vhosts/default/htdocs;

                types { }
                default_type text/plain;

                satisfy any;
                auth_basic off;
                allow all;

                location ~ ^/\.well-known/acme-challenge.*/\. {
                        deny all;
                }
        }
        #extension letsencrypt end

        #extension sslit begin

        add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;

        #OCSP Stapling
        ssl_stapling on;
        ssl_stapling_verify on;

        #extension sslit end

        error_page 400 "/error_docs/bad_request.html";
        error_page 401 "/error_docs/unauthorized.html";
        error_page 403 "/error_docs/forbidden.html";
        error_page 404 "/error_docs/not_found.html";
        error_page 500 "/error_docs/internal_server_error.html";
        error_page 405 "/error_docs/method_not_allowed.html";
        error_page 406 "/error_docs/not_acceptable.html";
        error_page 407 "/error_docs/proxy_authentication_required.html";
        error_page 412 "/error_docs/precondition_failed.html";
        error_page 414 "/error_docs/request_uri_too_long.html";
        error_page 415 "/error_docs/unsupported_media_type.html";
        error_page 501 "/error_docs/not_implemented.html";
        error_page 502 "/error_docs/bad_gateway.html";
        error_page 503 "/error_docs/maintenance.html";

        location ^~ /error_docs {
                root "/var/www/vhosts/subdomain.example.com";
        }

        location / {
                proxy_pass https://<ip>:7081;
                proxy_hide_header upgrade;
                proxy_set_header Host             $host;
                proxy_set_header X-Real-IP        $remote_addr;
                proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                access_log off;

        }

        location ~ ^/(plesk-stat|awstats-icon|webstat|webstat-ssl|ftpstat|anon_ftpstat) {
                proxy_pass https://<ip>:7081;
                proxy_hide_header upgrade;
                proxy_set_header Host             $host;
                proxy_set_header X-Real-IP        $remote_addr;
                proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                access_log off;

        }

        location @fallback {
                proxy_pass https://<ip>:7081;
                proxy_hide_header upgrade;
                proxy_set_header Host             $host;
                proxy_set_header X-Real-IP        $remote_addr;
                proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                access_log off;

        }

        location ~ ^/(.*\.(ac3|avi|bmp|bz2|css|cue|dat|doc|docx|dts|eot|exe|flv|gif|gz|htm|html|ico|img|iso|jpeg|jpg|js|mkv|mp3|mp4|mpeg|mpg|ogg|pdf|png|ppt|pptx|qt|rar|rm|svg|swf|tar|tgz|ttf|txt|wav|woff|woff2|xls|xlsx|zip|webp))$ {
                try_files $uri @fallback;
        }

        location ~ ^/~(.+?)(/.*?\.php)(/.*)?$ {
                fastcgi_read_timeout 3600;
                alias /var/www/vhosts/subdomain.example.com/web_users/$1/$2;
                fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
                try_files $uri $fastcgi_script_name =404;
                fastcgi_param PATH_INFO $fastcgi_path_info;
                fastcgi_pass "unix:/var/www/vhosts/system/subdomain.example.com/php-fpm.sock";
                include /etc/nginx/fastcgi.conf;

        }

        location ~ ^/~(.+?)(/.*)?$ {
                proxy_pass https://<ip>:7081;
                proxy_hide_header upgrade;
                proxy_set_header Host             $host;
                proxy_set_header X-Real-IP        $remote_addr;
                proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                access_log off;

        }

        location ~ \.php(/.*)?$ {
                fastcgi_read_timeout 3600;
                fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
                try_files $uri $fastcgi_script_name =404;
                fastcgi_param PATH_INFO $fastcgi_path_info;
                fastcgi_pass "unix:/var/www/vhosts/system/subdomain.example.com/php-fpm.sock";
                include /etc/nginx/fastcgi.conf;

        }

        add_header X-Powered-By PleskLin;

        include "/var/www/vhosts/system/subdomain.example.com/conf/vhost_nginx.conf";
}

server {
        listen [2a01:4f9:3a:1041::2]:443 ssl http2;

        server_name subdomain.example.com;
        server_name www.subdomain.example.com;
        server_name ipv6.subdomain.example.com;

        ssl_certificate             /opt/psa/var/certificates/scfzuSka7;
        ssl_certificate_key         /opt/psa/var/certificates/scfzuSka7;

        client_max_body_size 128m;

        proxy_read_timeout 3600;

        # mailconfig
        location ~* ^/autodiscover/autodiscover\.xml$ {
                try_files $uri @mad;
        }
        location ~* ^(/\.well-known/autoconfig)?/mail/config\-v1\.1\.xml$ {
                try_files $uri @mad;
        }

        location  ~* ^/email\.mobileconfig$ {
                try_files $uri @mad;
        }

        location @mad {
                rewrite ^(.*)$ /mailconfig/ break;

                proxy_pass                          http://127.0.0.1:8880;
                proxy_set_header X-Host             $host;
                proxy_set_header X-Request-URI      $request_uri;
        }
        # mailconfig

        root "/var/www/vhosts/subdomain.example.com/httpdocs";
        access_log "/var/www/vhosts/system/subdomain.example.com/logs/proxy_access_ssl_log";
        error_log "/var/www/vhosts/system/subdomain.example.com/logs/proxy_error_log";

        #extension letsencrypt begin
        location ^~ /.well-known/acme-challenge/ {
                root /var/www/vhosts/default/htdocs;

                types { }
                default_type text/plain;

                satisfy any;
                auth_basic off;
                allow all;

                location ~ ^/\.well-known/acme-challenge.*/\. {
                        deny all;
                }
        }
        #extension letsencrypt end

        #extension sslit begin

        add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;

        #OCSP Stapling
        ssl_stapling on;
        ssl_stapling_verify on;

        #extension sslit end

        error_page 400 "/error_docs/bad_request.html";
        error_page 401 "/error_docs/unauthorized.html";
        error_page 403 "/error_docs/forbidden.html";
        error_page 404 "/error_docs/not_found.html";
        error_page 500 "/error_docs/internal_server_error.html";
        error_page 405 "/error_docs/method_not_allowed.html";
        error_page 406 "/error_docs/not_acceptable.html";
        error_page 407 "/error_docs/proxy_authentication_required.html";
        error_page 412 "/error_docs/precondition_failed.html";
        error_page 414 "/error_docs/request_uri_too_long.html";
        error_page 415 "/error_docs/unsupported_media_type.html";
        error_page 501 "/error_docs/not_implemented.html";
        error_page 502 "/error_docs/bad_gateway.html";
        error_page 503 "/error_docs/maintenance.html";

        location ^~ /error_docs {
                root "/var/www/vhosts/subdomain.example.com";
        }

        location / {
                proxy_pass https://[2a01:4f9:3a:1041::2]:7081;
                proxy_hide_header upgrade;
                proxy_set_header Host             $host;
                proxy_set_header X-Real-IP        $remote_addr;
                proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                access_log off;

        }

        location ~ ^/(plesk-stat|awstats-icon|webstat|webstat-ssl|ftpstat|anon_ftpstat) {
                proxy_pass https://[2a01:4f9:3a:1041::2]:7081;
                proxy_hide_header upgrade;
                proxy_set_header Host             $host;
                proxy_set_header X-Real-IP        $remote_addr;
                proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                access_log off;

        }

        location @fallback {
                proxy_pass https://[2a01:4f9:3a:1041::2]:7081;
                proxy_hide_header upgrade;
                proxy_set_header Host             $host;
                proxy_set_header X-Real-IP        $remote_addr;
                proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                access_log off;

        }

        location ~ ^/(.*\.(ac3|avi|bmp|bz2|css|cue|dat|doc|docx|dts|eot|exe|flv|gif|gz|htm|html|ico|img|iso|jpeg|jpg|js|mkv|mp3|mp4|mpeg|mpg|ogg|pdf|png|ppt|pptx|qt|rar|rm|svg|swf|tar|tgz|ttf|txt|wav|woff|woff2|xls|xlsx|zip|webp))$ {
                try_files $uri @fallback;
        }

        location ~ ^/~(.+?)(/.*?\.php)(/.*)?$ {
                fastcgi_read_timeout 3600;
                alias /var/www/vhosts/subdomain.example.com/web_users/$1/$2;
                fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
                try_files $uri $fastcgi_script_name =404;
                fastcgi_param PATH_INFO $fastcgi_path_info;
                fastcgi_pass "unix:/var/www/vhosts/system/subdomain.example.com/php-fpm.sock";
                include /etc/nginx/fastcgi.conf;

        }

        location ~ ^/~(.+?)(/.*)?$ {
                proxy_pass https://[2a01:4f9:3a:1041::2]:7081;
                proxy_hide_header upgrade;
                proxy_set_header Host             $host;
                proxy_set_header X-Real-IP        $remote_addr;
                proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                access_log off;

        }

        location ~ \.php(/.*)?$ {
                fastcgi_read_timeout 3600;
                fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
                try_files $uri $fastcgi_script_name =404;
                fastcgi_param PATH_INFO $fastcgi_path_info;
                fastcgi_pass "unix:/var/www/vhosts/system/subdomain.example.com/php-fpm.sock";
                include /etc/nginx/fastcgi.conf;

        }

        add_header X-Powered-By PleskLin;

        include "/var/www/vhosts/system/subdomain.example.com/conf/vhost_nginx.conf";
}

server {
        listen <ip>:80;

        server_name subdomain.example.com;
        server_name www.subdomain.example.com;
        server_name ipv4.subdomain.example.com;

        client_max_body_size 128m;

        proxy_read_timeout 3600;

        # mailconfig
        location ~* ^/autodiscover/autodiscover\.xml$ {
                try_files $uri @mad;
        }
        location ~* ^(/\.well-known/autoconfig)?/mail/config\-v1\.1\.xml$ {
                try_files $uri @mad;
        }

        location  ~* ^/email\.mobileconfig$ {
                try_files $uri @mad;
        }

        location @mad {
                rewrite ^(.*)$ /mailconfig/ break;

                proxy_pass                          http://127.0.0.1:8880;
                proxy_set_header X-Host             $host;
                proxy_set_header X-Request-URI      $request_uri;
        }
        # mailconfig

        location / {
                return 301 https://$host$request_uri;
        }
}

server {
        listen [2a01:4f9:3a:1041::2]:80;

        server_name subdomain.example.com;
        server_name www.subdomain.example.com;
        server_name ipv6.subdomain.example.com;

        client_max_body_size 128m;

        proxy_read_timeout 3600;

        # mailconfig
        location ~* ^/autodiscover/autodiscover\.xml$ {
                try_files $uri @mad;
        }
        location ~* ^(/\.well-known/autoconfig)?/mail/config\-v1\.1\.xml$ {
                try_files $uri @mad;
        }

        location  ~* ^/email\.mobileconfig$ {
                try_files $uri @mad;
        }

        location @mad {
                rewrite ^(.*)$ /mailconfig/ break;

                proxy_pass                          http://127.0.0.1:8880;
                proxy_set_header X-Host             $host;
                proxy_set_header X-Request-URI      $request_uri;
        }
        # mailconfig

        location / {
                return 301 https://$host$request_uri;
        }
}

It's my understanding that with this setup, if a static file is to be served, it won't be forwarded to Apache; instead it will be served directly by nginx.

So for static files it would be

Client -> Https -> Nginx -> Fetch the file and serve by nginx

But for dynamic requests it would be

Client -> Https -> Nginx -> Forward to Apache -> Fetch the result and serve by nginx

Then the application has some .htaccess rules for main dir and pub dir

.htaccess root dir
############################################
## overrides deployment configuration mode value
## use command bin/magento deploy:mode:set to switch modes

#   SetEnv MAGE_MODE developer

############################################
## uncomment these lines for CGI mode
## make sure to specify the correct cgi php binary file name
## it might be /cgi-bin/php-cgi

#    Action php5-cgi /cgi-bin/php5-cgi
#    AddHandler php5-cgi .php

############################################
## GoDaddy specific options

#   Options -MultiViews

## you might also need to add this line to php.ini
##     cgi.fix_pathinfo = 1
## if it still doesn't work, rename php.ini to php5.ini

############################################
## this line is specific for 1and1 hosting

    #AddType x-mapp-php5 .php
    #AddHandler x-mapp-php5 .php

############################################
## enable usage of methods arguments in backtrace

    SetEnv MAGE_DEBUG_SHOW_ARGS 1

############################################
## default index file

    DirectoryIndex index.php

<IfModule mod_php7.c>
############################################
## adjust memory limit

    php_value memory_limit 756M
    php_value max_execution_time 18000

############################################
## disable automatic session start
## before autoload was initialized

    php_flag session.auto_start off

############################################
## enable resulting html compression

    #php_flag zlib.output_compression on

###########################################
## disable user agent verification to not break multiple image upload

    php_flag suhosin.session.cryptua off
</IfModule>
<IfModule mod_security.c>
###########################################
## disable POST processing to not break multiple image upload

    SecFilterEngine Off
    SecFilterScanPOST Off
</IfModule>

<IfModule mod_deflate.c>

############################################
## enable apache served files compression
## http://developer.yahoo.com/performance/rules.html#gzip

    # Insert filter on all content
    ###SetOutputFilter DEFLATE
    # Insert filter on selected content types only
    #AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/x-javascript application/json image/svg+xml

    # Netscape 4.x has some problems...
    #BrowserMatch ^Mozilla/4 gzip-only-text/html

    # Netscape 4.06-4.08 have some more problems
    #BrowserMatch ^Mozilla/4\.0[678] no-gzip

    # MSIE masquerades as Netscape, but it is fine
    #BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

    # Don't compress images
    #SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary

    # Make sure proxies don't deliver the wrong content
    #Header append Vary User-Agent env=!dont-vary

</IfModule>

<IfModule mod_ssl.c>

############################################
## make HTTPS env vars available for CGI mode

    SSLOptions StdEnvVars

</IfModule>

############################################
## workaround for Apache 2.4.6 CentOS build when working via ProxyPassMatch with HHVM (or any other)
## Please, set it on virtual host configuration level

##    SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
############################################

<IfModule mod_rewrite.c>

############################################
## enable rewrites

    Options +FollowSymLinks
    RewriteEngine on

############################################
## you can put here your magento root folder
## path relative to web root

    #RewriteBase /magento/

############################################
## workaround for HTTP authorization
## in CGI environment

    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

############################################
## TRACE and TRACK HTTP methods disabled to prevent XSS attacks

    RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
    RewriteRule .* - [L,R=405]

############################################
## redirect for mobile user agents

    #RewriteCond %{REQUEST_URI} !^/mobiledirectoryhere/.*$
    #RewriteCond %{HTTP_USER_AGENT} "android|blackberry|ipad|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC]
    #RewriteRule ^(.*)$ /mobiledirectoryhere/ [L,R=302]

############################################
## never rewrite for existing files, directories and links

    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-l

############################################
## rewrite everything else to index.php

    RewriteRule .* index.php [L]

</IfModule>


############################################
## Prevent character encoding issues from server overrides
## If you still have problems, use the second line instead

    AddDefaultCharset Off
    #AddDefaultCharset UTF-8
    AddType 'text/html; charset=UTF-8' html

<IfModule mod_expires.c>

############################################
## Add default Expires header
## http://developer.yahoo.com/performance/rules.html#expires

    ExpiresDefault "access plus 1 year"
    ExpiresByType text/html A0
    ExpiresByType text/plain A0

</IfModule>

###########################################
## Deny access to root files to hide sensitive application information
    RedirectMatch 403 /\.git

    <Files composer.json>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files composer.lock>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files .gitignore>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files .htaccess>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files .htaccess.sample>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files .php_cs.dist>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files CHANGELOG.md>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files COPYING.txt>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files Gruntfile.js>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files LICENSE.txt>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files LICENSE_AFL.txt>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files nginx.conf.sample>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files package.json>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files php.ini.sample>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files README.md>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files magento_umask>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files auth.json>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files .user.ini>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>

# For 404s and 403s that aren't handled by the application, show plain 404 response
ErrorDocument 404 /pub/errors/404.php
ErrorDocument 403 /pub/errors/404.php

################################
## If running in cluster environment, uncomment this
## http://developer.yahoo.com/performance/rules.html#etags

    #FileETag none

# ######################################################################
# # INTERNET EXPLORER                                                  #
# ######################################################################

# ----------------------------------------------------------------------
# | Document modes                                                     |
# ----------------------------------------------------------------------

# Force Internet Explorer 8/9/10 to render pages in the highest mode
# available in the various cases when it may not.
#
# https://hsivonen.fi/doctype/#ie8
#
# (!) Starting with Internet Explorer 11, document modes are deprecated.
# If your business still relies on older web apps and services that were
# designed for older versions of Internet Explorer, you might want to
# consider enabling `Enterprise Mode` throughout your company.
#
# https://msdn.microsoft.com/en-us/library/ie/bg182625.aspx#docmode
# http://blogs.msdn.com/b/ie/archive/2014/04/02/stay-up-to-date-with-enterprise-mode-for-internet-explorer-11.aspx

<IfModule mod_headers.c>

    Header set X-UA-Compatible "IE=edge"

    # `mod_headers` cannot match based on the content-type, however,
    # the `X-UA-Compatible` response header should be send only for
    # HTML documents and not for the other resources.

    <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
        Header unset X-UA-Compatible
    </FilesMatch>

</IfModule>
.htaccess pub dir
############################################
## Optional override of deployment mode. We recommend you use the
## command bin/magento deploy:mode:set to switch modes instead

# Options are default, production, or developer
#   SetEnv MAGE_MODE default

############################################
## Uncomment these lines for CGI mode.
## Make sure to specify the correct cgi php binary file name
## it might be /cgi-bin/php-cgi

#    Action php5-cgi /cgi-bin/php5-cgi
#    AddHandler php5-cgi .php

############################################
## GoDaddy specific options

#   Options -MultiViews

## You might also need to add this line to php.ini
##     cgi.fix_pathinfo = 1
## If it still doesn't work, rename php.ini to php5.ini

############################################
## This line is specific for 1and1 hosting

    #AddType x-mapp-php5 .php
    #AddHandler x-mapp-php5 .php

############################################
## Default index file

    DirectoryIndex index.php

<IfModule mod_php5.c>
############################################
## Adjust memory limit

    php_value memory_limit 756M
    php_value max_execution_time 18000

############################################
## Disable automatic session start
## before autoload was initialized

    php_flag session.auto_start off

############################################
# Disable user agent verification to not break multiple image upload

    php_flag suhosin.session.cryptua off
</IfModule>
<IfModule mod_php7.c>
############################################
## Adjust memory limit

    php_value memory_limit 756M
    php_value max_execution_time 18000

############################################
## Disable automatic session start
## before autoload was initialized

    php_flag session.auto_start off

############################################
## Enable resulting html compression

    #php_flag zlib.output_compression on

###########################################
# Disable user agent verification to not break multiple image upload

    php_flag suhosin.session.cryptua off
</IfModule>


<IfModule mod_security.c>
###########################################
# Disable POST processing to not break multiple image upload

    SecFilterEngine Off
    SecFilterScanPOST Off
</IfModule>

<IfModule mod_deflate.c>

############################################
## Enable apache served files compression
## http://developer.yahoo.com/performance/rules.html#gzip

    # Insert filter on all content
    ###SetOutputFilter DEFLATE
    # Insert filter on selected content types only
    #AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript

    # Netscape 4.x has some problems...
    #BrowserMatch ^Mozilla/4 gzip-only-text/html

    # Netscape 4.06-4.08 have some more problems
    #BrowserMatch ^Mozilla/4\.0[678] no-gzip

    # MSIE masquerades as Netscape, but it is fine
    #BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

    # Don't compress images
    #SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary

    # Make sure proxies don't deliver the wrong content
    #Header append Vary User-Agent env=!dont-vary

</IfModule>

<IfModule mod_ssl.c>

############################################
## Make HTTPS env vars available for CGI mode

    SSLOptions StdEnvVars

</IfModule>

<IfModule mod_rewrite.c>

############################################
## Enable rewrites

    Options +SymLinksIfOwnerMatch
    RewriteEngine on

############################################
## You can put here your magento root folder
## path relative to web root

    #RewriteBase /magento/

############################################
## Workaround for HTTP authorization
## in CGI environment

    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

############################################
## TRACE and TRACK HTTP methods disabled to prevent XSS attacks

    RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
    RewriteRule .* - [L,R=405]

############################################
## Never rewrite for existing files, directories and links

    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-l

############################################
## Rewrite everything else to index.php

    RewriteRule .* index.php [L]

</IfModule>


############################################
## Prevent character encoding issues from server overrides
## If you still have problems, use the second line instead

    AddDefaultCharset Off
    #AddDefaultCharset UTF-8

<IfModule mod_expires.c>

############################################
## Add default Expires header
## http://developer.yahoo.com/performance/rules.html#expires

    ExpiresDefault "access plus 1 year"
    ExpiresByType text/html A0
    ExpiresByType text/plain A0

</IfModule>

###########################################
## Deny access to release notes to prevent disclosure of the installed Magento version

    <Files RELEASE_NOTES.txt>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>

# For 404s and 403s that aren't handled by the application, show plain 404 response
ErrorDocument 404 /errors/404.php
ErrorDocument 403 /errors/404.php

############################################
## If running in cluster environment, uncomment this
## http://developer.yahoo.com/performance/rules.html#etags

    #FileETag none

###########################################
## Deny access  to cron.php
    <Files cron.php>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
## Deny access  to .user.ini
    <Files .user.ini>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>

<IfModule mod_headers.c>
    ############################################
    ## Prevent clickjacking
    Header set X-Frame-Options SAMEORIGIN
</IfModule>

404 errors are handled by the application; otherwise the default Apache 404 documents are shown.

I haven't enabled pagespeed configuration on apache.

ioweb-gr avatar Nov 08 '21 14:11 ioweb-gr

Let me note that most nginx directives for pagespeed that are common to all vhosts are inserted directly in the nginx conf files, and then I modify them on a per-vhost basis. That's why there's a vhost_conf file for nginx and apache, so I can just tweak one vhost for what I need.

ioweb-gr avatar Nov 08 '21 14:11 ioweb-gr

This config is quite confusing to me. You have a server block for each IP/port, and it is supposed that ipv4:443 must have exactly the same config as ipv6:443; both are serving the same content with the same config, no? Why don't you do this:

server {
          server_name bla.bla.com www.bla.bla.com;
          listen ipv4:443;
          listen ipv6:443;
}

With the config you have, I think all requests that go to the :80 port are served by the ipv4:443 because it is the 1st server block that matches :443 and the same name.

But the relevant part for the issue is here:

location @fallback {
                proxy_pass https://[2a01:4f9:3a:1041::2]:7081;
                proxy_hide_header upgrade;
                proxy_set_header Host             $host;
                proxy_set_header X-Real-IP        $remote_addr;
                proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                access_log off;

        }

        location ~^/(.*\.(ac3|avi|bmp|bz2|css|cue|dat|doc|docx|dts|eot|exe|flv|gif|gz|htm|html|ico|img|iso|jpeg|jpg|js|mkv|mp3|mp4|mpeg|mpg|ogg|pdf|png|ppt|pptx|qt|rar|rm|svg|swf|tar|tgz|ttf|txt|wav|woff|woff2|xls|xlsx|zip|webp))$ {
                try_files $uri @fallback;
        }

If the file is not found, then it goes to Apache. Can you see if there are requests in the Apache logs for URLs with pagespeed in them? Apache doesn't run pagespeed, right? So when a URL with pagespeed in it arrives, it returns a 404.

If I understand you, the pagespeed directives are included in `include "/var/www/vhosts/system/subdomain.example.com/conf/vhost_nginx.conf";`

Put this line at the top of the server block, or at least before the location for static files. Why? Because a URI like /pub/media/catalog/product/cache/9cb80aaa700fbabda1d30deb1d8f7ff5/w/r/xwrt106300_a.jpg.pagespeed.ic.SOMEHASH.webp is captured by that location, so it never reaches the locations you have in the vhost_nginx.conf, this one:

location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {
	add_header "" "";
}

This is how nginx works: it parses the config file from top to bottom, and when something matches it stops the search.

Lofesa avatar Nov 08 '21 18:11 Lofesa

Indeed I could find some apache 404s

 grep -ri '\.pagespeed' ../logs/access_ssl_log* |
 grep -i ' 404 '
../logs/access_ssl_log.processed:37.6.136.255 - - [08/Nov/2021:16:25:26 +0100] "GET /pub/static/version1636311072/frontend/Vendor/module/el_GR/Anowave_Ec,_js,_ec.js+js,_stores.js+Vendor_Customizer,_js,_bodyclass.js+Vendor_Customizer,_js,_stickyheader.js+Vendor_Customizer,_js,_popupcontent.js+Vendor_Wcag,_js,_wcag.js.pagespeed.jc.joHtLkNy1p.js HTTP/2.0" 404 370 "https://subdomain.example.com/tennis-balls.html?PageSpeedFilters=+debug" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0"
../logs/access_ssl_log.processed:37.6.136.255 - - [08/Nov/2021:16:25:28 +0100] "GET /pub/static/version1636311072/frontend/Vendor/module/el_GR/Anowave_Ec,_js,_ec.js+js,_stores.js+Vendor_Customizer,_js,_bodyclass.js+Vendor_Customizer,_js,_stickyheader.js+Vendor_Customizer,_js,_popupcontent.js+Vendor_Wcag,_js,_wcag.js.pagespeed.jc.joHtLkNy1p.js HTTP/2.0" 404 370 "https://subdomain.example.com/tennis-balls.html?PageSpeedFilters=+debug" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0"
../logs/access_ssl_log.processed:37.6.136.255 - - [08/Nov/2021:16:25:49 +0100] "GET /pub/static/version1636311072/frontend/Vendor/module/el_GR/mage,_requirejs,_mixins.js+requirejs-config.js.pagespeed.jc.I3Me962xHP.js HTTP/2.0" 404 370 "https://subdomain.example.com/tennis-balls.html?PageSpeedFilters=+debug" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0"
../logs/access_ssl_log.processed:37.6.136.255 - - [08/Nov/2021:16:25:49 +0100] "GET /pub/static/version1636311072/frontend/Vendor/module/el_GR/Anowave_Ec,_js,_ec.js+js,_stores.js+Vendor_Customizer,_js,_bodyclass.js+Vendor_Customizer,_js,_stickyheader.js+Vendor_Customizer,_js,_popupcontent.js+Vendor_Wcag,_js,_wcag.js.pagespeed.jc.joHtLkNy1p.js HTTP/2.0" 404 370 "https://subdomain.example.com/tennis-balls.html?PageSpeedFilters=+debug" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0"
../logs/access_ssl_log.processed:37.6.136.255 - - [08/Nov/2021:16:25:50 +0100] "GET /pub/static/version1636311072/frontend/Vendor/module/el_GR/mage,_requirejs,_mixins.js+requirejs-config.js.pagespeed.jc.I3Me962xHP.js HTTP/2.0" 404 370 "https://subdomain.example.com/tennis-balls.html?PageSpeedFilters=+debug" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0"
../logs/access_ssl_log.processed:37.6.136.255 - - [08/Nov/2021:16:25:50 +0100] "GET /pub/static/version1636311072/frontend/Vendor/module/el_GR/Anowave_Ec,_js,_ec.js+js,_stores.js+Vendor_Customizer,_js,_bodyclass.js+Vendor_Customizer,_js,_stickyheader.js+Vendor_Customizer,_js,_popupcontent.js+Vendor_Wcag,_js,_wcag.js.pagespeed.jc.joHtLkNy1p.js HTTP/2.0" 404 370 "https://subdomain.example.com/tennis-balls.html?PageSpeedFilters=+debug" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0"

So that means apache is indeed trying to handle pagespeed requests under certain cases

ioweb-gr avatar Nov 09 '21 09:11 ioweb-gr

Yes, not "under certain cases" but in all cases where the file extension matches the nginx location. URLs rewritten by pagespeed have the same file extension as the original file, or in the case of an image it may be changed to webp, which matches too. If you have:

location regex expression for file extension {.... }
location for pagespeed in url {...}

pagespeed URIs are always captured by the location for file extensions, which doesn't find them as files and then goes to Apache, which knows nothing about pagespeed URIs, so it returns 404. Nginx parses the config file from top to bottom, and the location that first matches the regex expression captures the URI. If you have all the pagespeed config (location block included) in the vhost_nginx.conf file, you must put it before the location for file extensions. This makes pagespeed URIs be captured by the

location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {
	add_header "" "";
}

and not by the location for file extensions.

Lofesa avatar Nov 09 '21 09:11 Lofesa
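
The location ordering discussed in this thread, as an added example that is not part of any participant's post: a Python model of nginx's first-match rule for regex locations, run over constructed access-log lines. The two regexes are the ones quoted in the thread (the static-file one written with balanced parentheses); the location names, the sample log and its hashes are assumptions made for the example.

```python
import re

# Patterns as quoted in the thread; everything else below is constructed.
STATIC = (r"^/(.*\.(ac3|avi|bmp|bz2|css|cue|dat|doc|docx|dts|eot|exe|flv|gif|gz|htm|html"
          r"|ico|img|iso|jpeg|jpg|js|mkv|mp3|mp4|mpeg|mpg|ogg|pdf|png|ppt|pptx|qt|rar|rm"
          r"|svg|swf|tar|tgz|ttf|txt|wav|woff|woff2|xls|xlsx|zip|webp))$")
PAGESPEED = r"\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+"

# Regex locations in config order: as posted (static files first) and reordered.
AS_POSTED = [("static_files", STATIC), ("pagespeed", PAGESPEED)]
REORDERED = [("pagespeed", PAGESPEED), ("static_files", STATIC)]

# Request path and status from a combined-format access log line.
REQUEST = re.compile(r'"(?:GET|HEAD) (\S+) HTTP/[\d.]+" (\d{3}) ')

# Constructed log lines modelled on the Apache access log shown in the thread.
SAMPLE_LOG = [
    '203.0.113.7 - - [08/Nov/2021:16:25:49 +0100] "GET /pub/static/frontend/'
    'mixins.js+requirejs-config.js.pagespeed.jc.AbCdEfGhIj.js HTTP/2.0" 404 370 "-" "x"',
    '203.0.113.7 - - [08/Nov/2021:16:25:50 +0100] "GET /pub/static/frontend/'
    'mixins.js+requirejs-config.js.pagespeed.jc.AbCdEfGhIj.js HTTP/2.0" 404 370 "-" "x"',
    '203.0.113.7 - - [08/Nov/2021:16:25:51 +0100] "GET /pub/media/catalog/'
    'a.jpg.pagespeed.ic.KlMnOpQrSt.webp HTTP/2.0" 404 370 "-" "x"',
    '203.0.113.7 - - [08/Nov/2021:16:25:52 +0100] "GET /pub/static/frontend/'
    'styles.css HTTP/2.0" 200 5120 "-" "x"',
    '203.0.113.7 - - [08/Nov/2021:16:25:53 +0100] "GET /pub/media/missing.png '
    'HTTP/2.0" 404 370 "-" "x"',
]


def select_location(uri, locations):
    """Return the first regex location, in config order, that matches the URI.

    Models regex locations only; exact (=) and ^~ prefix locations, which
    nginx evaluates before any regex, are outside this sketch.
    """
    for name, pattern in locations:
        if re.search(pattern, uri):
            return name
    return None


def pagespeed_404s(log_lines):
    """Distinct .pagespeed. URIs that the backend answered with 404."""
    uris = []
    for line in log_lines:
        m = REQUEST.search(line)
        if m and m.group(2) == "404" and ".pagespeed." in m.group(1):
            if m.group(1) not in uris:
                uris.append(m.group(1))
    return uris


def diagnose(log_lines):
    """Map each failing URI to (location as posted, location after reordering)."""
    return {uri: (select_location(uri, AS_POSTED), select_location(uri, REORDERED))
            for uri in pagespeed_404s(log_lines)}


if __name__ == "__main__":
    for uri, (before, after) in diagnose(SAMPLE_LOG).items():
        print(f"{before} -> {after}: {uri}")
```

Ordinary static files still land in the static-file location after the reordering, because the pagespeed pattern only matches URIs carrying the `.pagespeed.` marker and a 10-character hash.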