Skip to content

HENGSHI SENSE Common Issues in Third-Party Software Configuration

Is there a file size limit for uploads?

It needs to be restricted through the front-end reverse proxy, such as nginx:



# nginx configuration file setup in HENGSHI server
client_max_body_size 100m;

How to Set HTTP Connection Timeout?

HTTP connection timeout is also configured in the reverse proxy settings of the HENGSHI front-end, such as nginx:



# nginx configuration file setup in HENGSHI server
proxy_connect_timeout  600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout       600;

How to Serve Through Ports 80 and 443?

HENGSHI SENSE cannot be started as root, so it cannot bind to ports lower than 1024. To listen on ports 80 and 443, it is recommended to use nginx as a reverse proxy. Create a configuration file /etc/nginx/conf.d/hengshi.conf with the following content:

# hengshi proxy
upstream hengshi-proxy {
        server <HENGSHI_IP>:<HENGSHI_PORT>;
}
server {
        server_name <SERVNAME>;
        access_log /var/log/nginx/access.log main;
        listen 80;
        location / {
                proxy_pass http://hengshi_proxy;
        }
}
server {
        server_name <SERVNAME>
        listen 443 ssl http2; # Ensure HTTP/2 is configured to improve browser request concurrency
        access_log /var/log/nginx/access.log main;

        gzip on; # Enable gzip compression to optimize page loading speed
        gzip_vary on;
        client_max_body_size 200M;
        proxy_connect_timeout    900;
        proxy_read_timeout       900;
        proxy_send_timeout       900;

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
        ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:!DSS';
        ssl_prefer_server_ciphers on;
        ssl_session_timeout 5m;
        ssl_session_cache shared:SSL:50m;
        ssl_session_tickets off;
        ssl_certificate <PATH_TO_CER>
        ssl_certificate_key <PATH_TO_CER_KEY>
        add_header Strict-Transport-Security "max-age=31536000" always;
        location / {
                # The following X-Forwarded-Host and X-Forwarded-Proto settings are necessary for SSO scenarios. Do not omit them!
                proxy_set_header X-Forwarded-Host $host;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_pass http://hengshi-proxy;
        }
}

Replace the variables with actual values:

  • <HENGSHI_IP>: The IP address of the machine where HENGSHI is deployed.
  • <HENGSHI_PORT>: The port bound to the HENGSHI service.
  • <SERVNAME>: The hostname used by Nginx to provide services.
  • <PATH_TO_CER>, <PATH_TO_CER_KEY>: The absolute paths to the cer/key files for providing SSL services.

Offline Installation of Docker and Docker-Compose

CategoryArchitectureDownload Link
Linuxdocker x86_64https://download.hengshi.com/3rd/docker-linux-x64/docker-28.1.1.tgz
Linuxdocker-compose x86_64https://download.hengshi.com/3rd/docker-linux-x64/docker-compose-linux-x86_64_v2.36.2.tar.gz
Linuxdocker arm64https://download.hengshi.com/3rd/docker-linux-aarch64/docker-23.0.6.tgz
Linuxdocker-compose arm64https://download.hengshi.com/3rd/docker-linux-aarch64/docker-compose

This example is for the x86_64 platform. If you are using arm64, please download the corresponding installation package.

  1. Download the Docker and Docker-Compose installation packages to the server. You should see the following files:
shell
 ls
docker-28.1.1.tgz  docker-compose-linux-x86_64_v2.36.2.tar.gz
  1. Install Docker
shell
tar xf docker-28.1.1.tgz # Extract the files
cp docker/* /usr/bin/  # Copy the executable files to the system path
  1. Prepare the docker.service file
shell
cat <<EOF > /usr/lib/systemd/system/docker.service/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=infinity
LimitNPROC=infinity
TimeoutStartSec=0
Delegate=yes
KillMode=process
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
EOF
  1. Start the Docker service
shell
systemctl daemon-reload
systemctl start docker
systemctl enable docker # Enable startup on boot

systemctl status docker # Check the service status
  1. Copy Docker-Compose to the system directory
shell
tar xf docker-compose-linux-x86_64_v2.36.2.tar.gz
cp docker-compose /usr/local/bin/
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
  1. Check the versions of Docker and Docker-Compose. If the following example information is returned, the installation is successful.
shell
 docker -v
Docker version 28.1.1, build 4eba377

 docker-compose version
Docker Compose version v2.36.2

User Manual for Hengshi Analysis Platform