502 for post pages, error reading status line from remote server localhost:4567

XCTrails

After an upgrade to 1.13.2 (I think from 1.12.x), I cannot access any forum posts anymore. I reconfigered my apache conf as per the docs - the Websocket passthrough rules definitely weren't required with the old version, but something's not right. I can load the forum main pages, but as soon as I try to load a post page, after some delay, I get a 502 in the browser and this in my apache error log:

[Thu Feb 27 21:11:21.672963 2020] [proxy_http:error] [pid 5133] (20014)Internal error (specific information not available): [client x.x.x.x:62276] AH01102: error reading status line from remote server localhost:4567
[Thu Feb 27 21:11:21.673075 2020] [proxy:error] [pid 5133] [client x.x.x.x:62276] AH00898: Error reading from remote server returned by /topic/19/mapillary-integration-und-trailviews

I'm running Apache/2.4.7 on Ubuntu, there's another (Java based) Websocket server running on another v-host on that box which works ok.

Here's the full conf for the forum v-host:

<VirtualHost xxxxx.xx:443>
    ServerName   xxxxx.xx
    ServerSignature Off
    SSLEngine On
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLProtocol all -SSLv2 -SSLv3
    SSLHonorCipherOrder On
    SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"
#     Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"

    # Basic security headers
    Header always set X-Content-Type-Options "nosniff"
    Header always set X-Xss-Protection "1; mode=block"
    
    RequestHeader set X-Forwarded-Proto "https"
    
    ProxyRequests off
    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>
    
    # Websocket passthrough
    RewriteEngine On
    RewriteCond %{REQUEST_URI}  ^/socket.io            [NC]
    RewriteCond %{QUERY_STRING} transport=websocket    [NC]
    RewriteRule /(.*)           ws://localhost:4567/$1 [P,L]
    
    ProxyPass / http://localhost:4567/
    ProxyPassReverse / http://localhost:4567/
        
    SSLCertificateFile /etc/letsencrypt/live/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/chain.pem
</VirtualHost>

PitaJ

Are there any nodebb errors? Can you access those pages of you bypass the reverse proxy?

XCTrails

There are no errors in nodebb's log file.

If I change the config.json url to http://<myip>:4567 and try to load that in my browser, I get the main page again, but now 403s and this in the console:

You are accessing the forum from an unknown origin. This will likely result in websockets failing to connect. 
To fix this, set the `"url"` value in `config.json` to the URL at which you access the site. 

That's weird, because for that test, that URL is set to the one I'm accessing it by?!

XCTrails

Meanwhile I've reverted to my previously installed version (1.12.0) and everything is fine again. Completely lost here.

julian

Sounds like it could be a plugin incompatibility. How were you checking the NodeBB logs?

XCTrails

By looking into logs/output.log