I am setting up a nginx webserver with php-fpm and (d)dos deflate to ban attacks.
Now currently there is no traffic to my server at all, as i'm testing things.
With this command i can see who is connected to my server, and how many connections they have open:
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
During testing I noticed that when I would load a test script which is basicly <?php phpinfo(); ?>
it would start 3 connections. I guess 1 for the HTML an 2 for the 2 images on that page. All is fine so far...
But I noticed it took well over a minute before those 3 connections where closed. I kept running the above netstat command to see if those 3 external connections would close.
My nginx.conf has a keep alive timeout of 4.
keepalive_timeout 4;
The connection was made via a default setup Chrome browser.
How come those connections stayed open so long, and is this normal? Also, is there a way I can close them sooner?
You can increase or decrease timeouts on TCP sockets using the file tcp_keepalive_time found on the directory /proc/sys/net/ipv4/ .
The default timeout value is 7200 (2 hours).
For example, to change into 1200 seconds issue the command as below: