Applicable to:
- Plesk for Linux
Symptoms
-
Under some load website configured in Plesk cannot be accessed;
-
Domains > example.com > Hosting Settings > Permanent SEO-safe 301 redirect from HTTP to HTTPS is enabled:
-
Running stress-tests shows that server closes connection before completing the answer:
# ab -c 400 -n 8000 -H "Host: example.com" -f TLS1.2 https://example.com:443/
<...>
SSL handshake failed (5).
SSL handshake failed (5).
SSL handshake failed (5).
<...>
Complete requests: 8000
Failed requests: 4968 -
Failed requests are not written to any log file in
/var/www/vhosts/system/example.com/logs/directory
Cause
nginx cannot handle all connections and abruptly finishes some of them in the middle of TLS handshake
-
There is only one nginx worker:
# grep worker_processes /etc/nginx/nginx.conf
worker_processes 1;
Resolution
-
Connect to the server via SSH;
-
Open
/etc/nginx/nginx.confin any text editor and setworker_processesvalue as below:# grep worker_processes /etc/nginx/nginx.conf
worker_processes auto;Note: When the value is set to
auto, then nginx will automatically increase and decrease worker quantity according to server load. -
Test that configuration in correct:
# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful -
Reload the configuration:
# service nginx reload
Note: For further TLS optimization refer to the official nginx documentation.
Comments
1 comment
I tried the following command solved the problem partially but got a "ssl_stapling" error:
Please sign in to leave a comment.