Resolution of cache configuration points when the Nginx server is acting as a reverse proxy

An example is given here and explained in detail.

http {
[...]
[...]
 
proxy_cache_path /data/nginx/cache/one levels=1:2  keys_zone=one:10m max_size=10g;
proxy_cache_key "$host$request_uri";
 
server {
  server_name www.ofstack.com ofstack.com;
  root /home/www.ofstack.com/web;
  index index.php index.html index.htm;
  location / {
    proxy_pass http://127.0.0.1:8080;
    proxy_set_header Host "www.ofstack.com";
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    # Turn on the reverse proxy cache and use it zone name for one The cache. 
    proxy_cache one;
    # Set the status code to 200 302 The expiration time is 10 minutes 
    proxy_cache_valid 200 302 10m;
    # Setting status code 404 The expiration time is 1 minutes 
    proxy_cache_valid 404   1m;
  }
  # Clear the cache 
  location ~ /purge(/.*) {
    # Allow the IP
    allow 127.0.0.1;
    deny all;
    proxy_cache_purge one $host$1$is_args$args;
  }
}
 
}

The cache of the reverse proxy mainly involves the following commands:

proxy_cache_path proxy_cache_key proxy_cache proxy_cache_valid
1.proxy_cache_path

This is the directory for setting cache. The syntax is as follows:

proxy_cache_path path [ levels = levels ] keys_zone = name : size [ inactive = time ] [ max_size = size ] [ loader_files = number ] [ loader_sleep = time ] [ loader_threshold = time ]

Placement context:
http
Parameter explanation:
[levels = levels] :
Set the number of cache directory layers, such as levels=1:2, to create two layers of directory cache and up to three. The directory name of layer 1 takes the last character of proxy_cache_key md5, and the directory name of layer 2 takes the reciprocal character of 2-3, such as:
proxy_cache_key md5 b7f54b2df7773722d382f4809d65029c, are:
levels = 1:2 as/cache / / data nginx c / / b7f54b2df7773722d382f4809d65029c 29
levels = syntactic sugar for 1:2:3 as/cache / / data nginx c / 29/650 / b7f54b2df7773722d382f4809d65029c
2.keys_zone = name: size:
Define the name and size of the cache area. The cache name is used by the proxy_cache directive to set where the cache is placed. For example, proxy_cache one, the cache is placed in the zone cache area named one, which is the specific location specified by proxy_cache_path.
3.proxy_cache_key
This directive is to set the parameter md5 to get the cached file name, and the default is $scheme$proxy_host$request_uri, that is, the protocol, hostname, request uri(including the parameters) to be the cached file name of md5.
proxy_cache_key has a lot to do with the following cache clearing feature (purge cache).
Can be placed in context,http server location
4.proxy_cache
Reverse proxy cache setup instruction, syntax proxy_cache zone | off, default to off. Context: http server location.
You can place it on location so that url that matches this location is cached.
5.proxy_cache_valid
Sets the cache time for the specified status code, proxy_cache_valid [code...] time.
In addition, to clear the cache, the plug-in ngx_cache_purge needs to be installed. The installation method is as follows:

cd /tmp
wget http://labs.frickle.com/files/ngx_cache_purge-2.1.tar.gz
tar xzf ngx_cache_purge-2.1.tar.gz
cd /tmp
wget http://nginx.org/download/nginx-1.4.2.tar.gz
tar xzf nginx-1.4.2.tar.gz
cd nginx-1.4.2
./configure --prefix=/usr/local/nginx --add-module=/tmp/ngx_cache_purge-2.1
make && make install

Cache expiration time
When configuring, there are three places to set the cache expiration time:

1.inactive=1d
2.proxy_cache_valid 200 304 1h
3.expires 10m
The explanation is simple:

inactive=1d means how long it has not been accessed before the cache is cleared
proxy_cache_valid 200 304 1h means how long before the cache is generated
expires 10m this does not control the server side, but the expiration time specified in Http Response header, which is for the client.
The problem of temp
When Nginx is running backwards, when proxy_buffer_size is running out of file size, it loads all the files into the Temp directory once, and then sends them to the user.

If proxy_buffering off is set, it will not be loaded into the Temp directory, but will be loaded synchronously from upstream.

You can set the maximum cacheable file size by setting the proxy_max_temp_file_size parameter.

206 and Byte Range
Byte Range allows clients to request part 1 of a file from the server instead of the entire file. Most applications that support multithreaded downloads and breakpoint downloads use this feature. At this point the server returns Http Code is 206 Partial Requests.

However, if Nginx is not properly set up in reverse, this feature may attract an Dos attack.

Because the default for the generation, Nginx backend server requests when will not add Range parameters, but will go to request the entire file, for example one 1 G file, each request 1 M, Nginx will at the time of each request to the backend request 1 complete 1 G file, then remove the 1 M sent to the client, at this time in the middle of the flow, will be lead to the entire server goes down. Today I have been checking for a long time because of this problem.

The solution is simple: add Range to Header.

proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
proxy_no_cache $http_range $http_if_range;