I'm having a bit of a problem accessing admin routes via the API over REST. It always gives me a 401 error. Access via a browser works of course.
I'm running NodeBB 1.12.2 and have the write api plugin installed and active.
Specifically I'm trying to GET group privileges for a specific category via, for instance /api/admin/manage/privileges/1.
I've tried gaining authorization via a cookie and via a bearer token provided by the write API. Have any of you succeeded in getting requests to the admin API to work?
Thank you and best regards
Well, maybe you don't get precisely the option you prefer baked in but you may want to explore the alternatives, wh/at the least provide something rather than a blank "No one has replied". I favor the "Last - Show the latest post, including original post, if no replies" variant, wh/displays a leadin teaser snippet from the original post if no replies. Teaser is aptly named as provides a "taste" of what the thread may be about.
Otherwise... I gots nothin' for ya.... Good luck!
Maybe not a lot of interest in this due to complexity of deploying/configuring ModSecurity, combined w/absence of nodebb stack specific rulesets. Security is difficult so not much can be done about the deploy/config aspects but ModSecurity devs are starting to focus some efforts on the latter.
For those interested, and willing to roll up their sleeves, development of node.js targeted attack ruleset is slated for next release of OWASP CRS, scheduled for Sept. 2019. More info here:
P.S.; Obviously ModSecurity can be deployed on Apache setups as well but my sense is that Nginx is the overwhelming favorite w/the nodebb community and I didn't want to start a new thread.
lifeforms created this issue in SpiderLabs/owasp-modsecurity-crs
is it a good idea to use nginx pagespeed module. If possible, then can you please share your experience?
How to install nginx pagespeed module on existing centos 7 server?
Which configuration shall i put in nginx.conf file?
Thanks in adavance
I just spent some time figuring out IF I had written a post earlier today or not... as I was unable to find any record of a post anywhere under my profile. However as I just posted a second time I saw the same "being queued..." message and so I'm pretty certain now that I did in fact post earlier today.
However it would be nice to have some sort of user record (email sent, notification in your profile somewhere) when posts are awaiting approval. This is probably only applicable to new users, but still it would be nice.
You have managed to mess up the file permissions in the NodeBB directory. You should always execute ./nodebb, npm, and git commands under the same unprivileged user, which means no sudo.
You will need to recursively chown the nodebb directory back over to whatever unprivileged user should own it.
What upgrade instructions are you trying to follow?
Not AWS specific but maybe this is what you're looking for? Should be able to get you there.
Hell's bells... No clue why that link a'la old school markdown syntax is broken. Try this:
Ubuntu (Recommended) - NodeBB Documentation
Not an nginx guru so please bear with me here.
For simplicity sake let's assume site lives at forums.example.com rather than a example.com/forums subfolder.
Unless specified otherwise, nginx root dir is /usr/share/nginx/html
Nodebb nginx configuration docs utilize this when describing setting up a custom error page.
Nginx is being used exclusively as reverse proxy and not serving any additional sites. I think I read somewhere that under such configuration an explicit default server docroot should not be specified? But even in such cases I think the hard coded default /usr/share/nginx/html still serves up 50x.html error page.
In absence of a custom error page, nodebb uses nodebb/public/503.html?
Nginx has been configured for scaling.
Nginx Pitfalls and Common Mistakes documentation suggest putting doc root inside a location block is bad practice even though it will work.
Soo... now my question... taking all of above into consideration.. what is proper/correct best practice configuration for a "scaled" nginx nodebb deployment? I know what "could" work. I am curious what "should" be recommended best practice.
(Yeah, I know I already posted this in a different thread but it was a mistake at the time not to have started a new thread because this is pretty specific w.r.t. best practices configuration rather than "why isn't my stuff isn't working" question. Apologies for that.)
We use recent card, but IFAK we succeed to show either all categories or only one category, but not the #1 and #2 (etc.) categories.
We have multiple announcement categories and we would like to display them at the top on the category pages but in unique one "recent card" widget, and not multiple ones.
I searched but I didn't succeed to find how to do this.
It is actually planned:
Two of the permissions that are supposed to be split are Global account info access and
Global user sessions access.
Unfortunately, there seems to be no ETA, and the issue is from 2017, so it might take some time before it's added... But there is hope
pitaj created this issue in NodeBB/NodeBB
Please try to answer all of the questions I ask, or at least address them
Including all of your answers in a single reply improves the flow of the topic
Quote the actual question you're replying to, not the whole post
Include as many details as possible. For instance, what was the output of the git reset command?
I found some information within stackoverflow. That I am going to attempt. StackOverFlow says this: The post is located here:
It looks like a R10 Error Boot Timeout. The error occurs due to the application unable to reach an external resource, like a database.
I would double check your DB connection because this error is likely due to an improperly configured database connection.
Did you provision a database connection using Heroku's Add-on's? If not, you will have to provision a database to fix the error. mLab is a free option but there are many others. I'll try to walk you through an example of how to do this.
Navigate to your Heroku app's dashboard. Click on Resources. In the add-on search box, type in the database service you'd like to provision. If you choose mLab, it will take you to the mLab GUI. Your URI connection string is at the top of the screen. (You want to choose the one labeled "Driver". ) Click on the 'add a user' tab at the center-bottom part of the screen. Add a username and password. Save. After that, copy the URI connection string above, then navigate back to your dashboard. Click on Settings, reveal config vars. Now paste the URI connection string in the text box, then add in your newly created user credentials to replace the <username> and <password> fields. Copy the config variable MONGODB_URI. Next, on your command line, set or export the MONGODB_URI environment variable. Finally, in your application, navigate to where you start your server, then replace the connection to your local host's database with the MONGODB_URI e.g. process.env.MONGODB_URI. Next, Add, commit, push to master then to Heroku. The R10 error should be gone. If it's not, see the links below.
EDIT: This didn't seem to work.