php-fpm monitoring for single domain

Ran into this one recently and the solution came out of left field, so I thought I'd throw it out to the internet at large. I've got a server which is running php-fpm and nginx. However it has several websites running on it, each of which has its own php-fpm/pool.d/ profile. We were having a problem with one of the websites, which got a lot more traffic than the others, so we needed a way to monitor its php-fpm performance.

Setting up php monitoring is not hard. There are many guides around the internet. You put the line

pm.status_path = /status

in your fpm pool file, then add a block to your nginx config so that it can only be accessed by certain IP addresses.

Read more

Mysql 8 Binary Logs ON by default

I'm not sure how typing this in my quiet corner of the internet will be effective in broadcasting the message, but this is a Big Deal for server administrators. Previously binary logging was disabled by default, but now, with the default settings, if you have a busy database server, pretty soon you'll have a hefty … Read more

Troubleshooting postfix using bcc to local user

After routing mail through postfix to an external relay server (in this case gmail's smtp relay), all the mail from a server was routing correctly. Except after a couple of days I noticed a couple of strange bounces. Authentication at the gmail end was by IP address and domain, so any address [email protected] could be used to send email. But these were coming from [email protected] so were being rejected with a helpful message by gmail.

The IP address you've 550-5.7.1 registered in your G Suite SMTP Relay service doesn't match domain of 550-5.7.1 the account this email is being sent from. If you are trying to relay 550-5.7.1 mail from a domain that isn't registered under your G Suite account 550-5.7.1 or has empty envelope-from, you must configure your mail server 550-5.7.1 either to use SMTP AUTH to identify the sending domain or to present 550-5.7.1 one of your domain names in the HELO or EHLO command. For more 550-5.7.1 information, please visit 550 5.7.1

Pretty helpful as messages go. Less helpful was the fact that there were several websites on the server and a couple of other apps, and I didn't have access to the admin panels of any of them. The mails, once bounced, were removed from postfix's queue, never to be seen again. Time for some detective work.

Read more