Technical Support

When trying to boot NodeBB on new server i get

at Function.MongoError.create (/home/***/nodebb/node_modules/mongodb/node_modules/mongodb-core/lib/error.js:31:11) at /home/***/nodebb/node_modules/mongodb/node_modules/mongodb-core/lib/topologies/server.js:754:66 at Callbacks.emit (/home/***/nodebb/node_modules/mongodb/node_modules/mongodb-core/lib/topologies/server.js:95:3) at null.messageHandler (/home/***/nodebb/node_modules/mongodb/node_modules/mongodb-core/lib/topologies/server.js:243:23) at Socket.<anonymous> (/home/***/nodebb/node_modules/mongodb/node_modules/mongodb-core/lib/connection/connection.js:262:22) at Socket.emit (events.js:107:17) at readableAddChunk (_stream_readable.js:163:16) at Socket.Readable.push (_stream_readable.js:126:10) at TCP.onread (net.js:538:20)

Any tips on best practices for migrating servers?

Quick reply to let others know that v0.8.2 fixed my initial nodeBB woes. Thanks to AOKP and julian for the heads-up and fix.

I'm doing a git commit.

I have a request if else in the helpers.js

if (category.bgColor) { style.push ('background-color:' + category.bgColor); } else { console.log ('no bgColor'); }

that will not do.

but perhaps a negative query

if (! category.bgColor || category.bgColor == NULL) { // Console.log ('no bgColor'); style.push ('background-color: #fff'); } else { style.push ('background-color:' + category.bgColor); }

I tried only the first variant.

Just don't install Naxsi 👍

Dear friends,

I have a problem with my nodebb Installation. After switching to a new Server I can't login anymore. Error: Forbidden

Debian 8.0 x64
nginx 1.9.4
npm 3.3.4
redis 2.8.17
node 0.10.29

My nginx Configuration:

server { listen 80 default_server; server_name sondorsforum.com; return 301 https://sondorsforum.com$request_uri; } server { listen 80; server_name 5.189.143.37; return 503; } server { listen 443; server_name 5.189.143.37; return 503; } server { listen 443 ssl spdy default deferred; server_name sondorsforum.com; location / { include /etc/nginx/naxsi.rules; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; proxy_pass http://0.0.0.0:4567/; proxy_redirect off; # Socket.IO Support proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; } ssl_certificate ssl/sondorsforum.com.pem; ssl_certificate_key ssl/sondorsforum.com.key; #ssl_trusted_certificate ssl/trustedbundle.pem; ssl_dhparam ssl/dh.pem; ssl_ecdh_curve secp384r1; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; ssl_session_tickets off; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; #ssl_stapling on; #ssl_stapling_verify on; #resolver 8.8.8.8 8.8.4.4 valid=300s; #resolver_timeout 5s; ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; # HSTS - uncomment if you have a valid SSL certificate #add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; add_header X-Frame-Options DENY; add_header Alternate-Protocol 443:npn-spdy/2; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; #add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'"; pagespeed on; pagespeed FetchHttps enable,allow_self_signed; pagespeed FileCachePath /var/lib/nginx/nps_cache; pagespeed RewriteLevel PassThrough; pagespeed EnableFilters collapse_whitespace; pagespeed EnableFilters canonicalize_javascript_libraries; pagespeed EnableFilters combine_css; pagespeed EnableFilters combine_javascript; pagespeed EnableFilters elide_attributes; pagespeed EnableFilters extend_cache; pagespeed EnableFilters flatten_css_imports; pagespeed CssFlattenMaxBytes 5120; pagespeed EnableFilters lazyload_images; pagespeed EnableFilters rewrite_javascript; pagespeed EnableFilters rewrite_images; pagespeed EnableFilters insert_dns_prefetch; pagespeed EnableFilters prioritize_critical_css; # This will correctly rewrite your subresources with https:// URLs and thus avoid mixed content warnings. # Note, that you should only enable this option if you are behind a load-balancer that will set this header, # otherwise your users will be able to set the protocol PageSpeed uses to interpret the request. # pagespeed RespectXForwardedProto on; auth_basic_user_file htpasswd/.htpasswd; include /etc/nginx/sites-custom/*.conf; location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; include fastcgi.conf; fastcgi_intercept_errors on; fastcgi_ignore_client_abort off; fastcgi_buffers 256 16k; fastcgi_buffer_size 128k; fastcgi_connect_timeout 3s; fastcgi_send_timeout 120s; fastcgi_read_timeout 120s; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; } location ~ /\. { deny all; access_log off; log_not_found off; } location = /robots.txt { allow all; log_not_found off; access_log off; } # Uncomment, if you need to remove index.php from the # URL. Usefull if you use Codeigniter, Zendframework, etc. # or just need to remove the index.php # #location / { # try_files $uri $uri/ /index.php?$args; #} location ~* ^.+\.(css|js)$ { rewrite ^(.+)\.(\d+)\.(css|js)$ $1.$3 last; expires 30d; access_log off; log_not_found off; add_header Pragma public; add_header Cache-Control "max-age=2592000, public"; } location ~* \.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|odb|odc|odf|odg|odp|ods|odt|ogg|ogv|otf|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|t?gz|tif|tiff|ttf|wav|webm|wma|woff|wri|xla|xls|xlsx|xlt|xlw|zip)$ { expires 30d; access_log off; log_not_found off; add_header Pragma public; add_header Cache-Control "max-age=2592000, public"; } }

Naxsi.rules file if necessary:

LearningMode; SecRulesEnabled; DeniedUrl "/RequestDenied"; # Rules CheckRule "$SQL >= 8" BLOCK; CheckRule "$RFI >= 8" BLOCK; CheckRule "$TRAVERSAL >= 4" BLOCK; CheckRule "$EVADE >= 4" BLOCK; CheckRule "$XSS >= 8" BLOCK;

naxsi_core.rules

################################## ## INTERNAL RULES IDS:1-999 ## ################################## #@MainRule "msg:weird request, unable to parse" id:1; #@MainRule "msg:request too big, stored on disk and not parsed" id:2; #@MainRule "msg:invalid hex encoding, null bytes" id:10; #@MainRule "msg:unknown content-type" id:11; #@MainRule "msg:invalid formatted url" id:12; #@MainRule "msg:invalid POST format" id:13; #@MainRule "msg:invalid POST boundary" id:14; #@MainRule "msg:invalid JSON" id:15; #@MainRule "msg:empty POST" id:16; #@MainRule "msg:libinjection_sql" id:17; #@MainRule "msg:libinjection_xss" id:18; ################################## ## SQL Injections IDs:1000-1099 ## ################################## MainRule "rx:select|union|update|delete|insert|table|from|ascii|hex|unhex|drop" "msg:sql keywords" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1000; MainRule "str:\"" "msg:double quote" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8,$XSS:8" id:1001; MainRule "str:0x" "msg:0x, possible hex encoding" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:2" id:1002; ## Hardcore rules MainRule "str:/*" "msg:mysql comment (/*)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1003; MainRule "str:*/" "msg:mysql comment (*/)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1004; MainRule "str:|" "msg:mysql keyword (|)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1005; MainRule "str:&&" "msg:mysql keyword (&&)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1006; ## end of hardcore rules MainRule "str:--" "msg:mysql comment (--)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1007; MainRule "str:;" "msg:; in stuff" "mz:BODY|URL|ARGS" "s:$SQL:4,$XSS:8" id:1008; MainRule "str:=" "msg:equal in var, probable sql/xss" "mz:ARGS|BODY" "s:$SQL:2" id:1009; MainRule "str:(" "msg:parenthesis, probable sql/xss" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$SQL:4,$XSS:8" id:1010; MainRule "str:)" "msg:parenthesis, probable sql/xss" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$SQL:4,$XSS:8" id:1011; MainRule "str:'" "msg:simple quote" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$SQL:4,$XSS:8" id:1013; MainRule "str:," "msg:, in stuff" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1015; MainRule "str:#" "msg:mysql comment (#)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1016; MainRule "str:@@" "msg:double @@" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1017; ############################### ## OBVIOUS RFI IDs:1100-1199 ## ############################### MainRule "str:http://" "msg:http:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1100; MainRule "str:https://" "msg:https:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1101; MainRule "str:ftp://" "msg:ftp:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1102; MainRule "str:php://" "msg:php:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1103; MainRule "str:sftp://" "msg:sftp:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1104; MainRule "str:zlib://" "msg:zlib:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1105; MainRule "str:data://" "msg:data:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1106; MainRule "str:glob://" "msg:glob:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1107; MainRule "str:phar://" "msg:phar:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1108; MainRule "str:file://" "msg:file:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1109; ####################################### ## Directory traversal IDs:1200-1299 ## ####################################### MainRule "str:.." "msg:double dot" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1200; MainRule "str:/etc/passwd" "msg:obvious probe" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1202; MainRule "str:c:\\" "msg:obvious windows path" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1203; MainRule "str:cmd.exe" "msg:obvious probe" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1204; MainRule "str:\\" "msg:backslash" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1205; #MainRule "str:/" "msg:slash in args" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:2" id:1206; ######################################## ## Cross Site Scripting IDs:1300-1399 ## ######################################## MainRule "str:<" "msg:html open tag" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1302; MainRule "str:>" "msg:html close tag" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1303; MainRule "str:[" "msg:[, possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1310; MainRule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311; MainRule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312; MainRule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314; MainRule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315; #################################### ## Evading tricks IDs: 1400-1500 ## #################################### MainRule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400; MainRule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401; ############################# ## File uploads: 1500-1600 ## ############################# MainRule "rx:\.ph|\.asp|\.ht" "msg:asp/php file upload!" "mz:FILE_EXT" "s:$UPLOAD:8" id:1500;

In error log I found this:

2015/09/27 16:02:22 [error] 20505#0: *1163 NAXSI_FMT: ip=108.xx.221.xx7&server=sondorsforum.com&uri=/socket.io/&learning=1&vers=0.54&total_processed=633&total_blocked=553&block=1&zone0=BODY&id0=11&var_name0=, client: 1x8.1xx.221.xx7, server: sondorsforum.com, request: "POST /socket.io/?EIO=3&transport=polling&t=1443362898342-122709&sid=Z6hgNYilz7n697KEAAAs HTTP/1.1", host: "sondorsforum.com", referrer: "https://sondorsforum.com/topic/55/kt-lcd3-display-connector-type-pins/15" 2015/09/27 16:02:25 [error] 20505#0: *1166 NAXSI_FMT: ip=10x.162.2xx.1x5&server=sondorsforum.com&uri=/socket.io/&learning=1&vers=0.54&total_processed=635&total_blocked=554&block=1&cscore0=$XSS&score0=40&zone0=HEADERS&id0=1315&var_name0=cookie&zone1=BODY&id1=11&var_name1=, client: 10x.162.2xx.1x5, server: sondorsforum.com, request: "POST /socket.io/?EIO=3&transport=polling&t=1443362548069-1547&sid=JdOnEYo8eOjo92KZAAA1 HTTP/1.1", host: "sondorsforum.com", referrer: "https://sondorsforum.com/topic/70/kt-lcd3-settings-for-sondors" 2015/09/27 16:02:25 [error] 20505#0: *1166 NAXSI_FMT: ip=108.12x.2x2.1x5&server=sondorsforum.com&uri=/socket.io/&learning=1&vers=0.54&total_processed=636&total_blocked=555&block=1&cscore0=$XSS&score0=40&zone0=HEADERS&id0=1315&var_name0=cookie, client: 1x8.16x.2x2.1x5, server: sondorsforum.com, request: "GET /socket.io/?EIO=3&transport=polling&t=1443362548905-1548&sid=JdOnEYo8eOjo92KZAAA1 HTTP/1.1", host: "sondorsforum.com", referrer: "https://sondorsforum.com/topic/70/kt-lcd3-settings-for-sondors" 2015/09/27 16:02:29 [error] 20505#0: *1169 NAXSI_FMT: ip=16x.1x8.88.x06&server=sondorsforum.com&uri=/socket.io/&learning=1&vers=0.54&total_processed=637&total_blocked=556&block=1&cscore0=$SQL&score0=40&cscore1=$XSS&score1=200&zone0=HEADERS&id0=1005&var_name0=cookie&zone1=HEADERS&id1=1010&var_name1=cookie&zone2=HEADERS&id2=1011&var_name2=cookie&zone3=HEADERS&id3=1315&var_name3=cookie&zone4=BODY&id4=11&var_name4=, client: x6x.1x8.8x.x06, server: sondorsforum.com, request: "POST /socket.io/?EIO=3&transport=polling&t=1443362548637-13651&sid=uaVLv6IIo-6DDqrCAAA2 HTTP/1.1", host: "sondorsforum.com", referrer: "https://sondorsforum.com/unread"

Thanks for your help

the uprade worked flawlessly
NPM install I've done
but in "node app" I get this error ..
I've loaded a new persona plugin. but the error remains. I get NodeBB simply not start?

Bildschirmfoto vom 2015-09-27 10:50:10.png

interesting, jquery install is demanding node 0.10.40 while the existing node is 0.10.37. Updating going to cause any incompatibilities with nodebb?

Loading always stops -

@truetuna
thanks for the information.
after issued the sudo apt-get --purge autoremove redis-server I would suggest reinstall the builded one in case of common files presence to be sure the uninstall didn't remove one or several builded one. I think it can be simple as going to build folder and do a

sudo make install

my 2 cents 😉

Not impossible, just not worth the effort. The values are contained in the config hash, so if you want to clear it, you can go in and remove them manually...

Working. Thank you!

But when i Paste an url nothing happens, i just see the link to the movie!

Do I need additional plugins to make it work?

This: https://github.com/psychobunny/nodebb-plugin-youtube

works as it should

I paste the url Then it simply works, as it should be

What is the benefit of having youtube setup with api keys?

EDIT: Found the error, my postlink plugin fuckup your plugin 😛 I will try to patch it 🙂
EDIT2: My plugin is now fixed 😛

Not sure what depended on redisearch besides dbsearch, but I also just ran npm unl redisearch and ./nodebb upgrade then worked.

@julian said:

bind_address

thanks @julien works 🙂

@rnovino If this happens, then your NodeBB is crashing repeatedly.

On a $5 DigitalOcean droplet, we've seen the forum handle loads up to 300-400 concurrent users just fine, and this is on a single CPU!!

Any more and you should probably get more cores, move your db to its own server, or scale horizontally

The main point here is that every time we modify the url to add the post index, it is a new resource, even though in reality, the end result is really the same.

We can't fault the browser for adhering to the spec, though I honestly don't know if we can resolve this one.

Here we change the url as you are scrolling, as opposed to recalculating the url when scrolling is finished, but besides that...

One of your community members tried to open an old thread with the following title: "Relay actuator sketch - auto off function"

But NodeBB refuses to serve this to the client.

I suspect the url-rewrite gets mocked up but nothing is reported in error/output log.

We're still running v0.7.0-dev something

commit 9165da3b26a044c288d5db73c4933ca2b29e6a78

EDIT: Upgrading to 0.8.2 seems to fix this.

@rnovino said:

@julian documentation is not even clear on how to use the plugin is there any tutorial on how to import the wordpress post to nodebb

The question would be what your actual question is. I do not want to offend you, but the doc is quite clear for me.

is there any script to automate all this installation procedure similar with the RTCAMP when installing an NGINX base WORDPRESS server

I followed the instruction in the installation documentation but as a non-developer user I find it hard to follow.

it's not in detailed format and it's just on the NODEBB installation, can anyone help me create a documentation with the following

Installing NODEBB NGINX procedure to make my own domain as the primary url securing the server

although this tutorials is helpful but still lacks the nginx part procedure and the security http://burnaftercompiling.com/nodebb/setting-up-a-nodebb-forum-for-dummies/#comments

hoping for a reference to finish installing my nodebb site

thanks

@julian @zombie for some reason my server decided to be evil and completly ignore the repository, thats why I included the manual compiling. Anyways good luck.