Skip to content
  • pidfile not found nginx

    Unsolved Technical Support
    4
    0 Votes
    4 Posts
    336 Views
    julianJ

    Not really, no... It just means that you might have a running NodeBB instance you can't stop (short of running something like kill)

  • 0 Votes
    5 Posts
    270 Views
    Teresa-Hale-DHQT

    @baris strangely enough, the category list loads now! And it doesn't look like there's any circularness in the list.

    1c811ac6-83ea-4dd2-b1d9-3af633f45e90-image.png

    Still, trying to manage the admin group via /admin/manage/groups/administrators or /admin/manage/admins-mods results in a gateway timeout. I've also enabled verbose logging, which displays this upon visiting either of these two urls:

    x.x.x.x - - [01/Nov/2022:17:12:10 +0000] "GET /forum/admin/manage/admins-mods HTTP/1.1" - - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0"

    Now there's no response code. Strange.

  • 0 Votes
    2 Posts
    650 Views
    barisB

    In your setup redis will be used for sessions, pubsub and socket.io will use it to pass around messages.

    Each nodejs process has it's own post cache, you can see the caches at /admin/advanced/cache.

    Redis pubsub is also used to clear cache on the other nodejs process when it is cleared on one nodejs process. For example when a post is edited it's cache will be cleared on the other nodes.

  • 0 Votes
    7 Posts
    924 Views
    PitaJP

    @MoJo Ah yeah it looks like you've run into this bug: https://github.com/NodeBB/NodeBB/issues/8515

    You'll need to cherry-pick the referenced commit to fix it in your install.

  • nginx reverse proxy nodebb

    Solved Technical Support
    4
    0 Votes
    4 Posts
    3k Views
    PitaJP

    Yes, the url in config.json should be equal to exactly the URL at which you access your site. It usually shouldn't be localhost or an IP address.

  • 0 Votes
    4 Posts
    3k Views
    julianJ

    The common causes for a session mismatch error are usually one of the following:

    1. Mis-configured URL parameter in your config.json file

    If you have a misconfigured url value in your config.json file, the cookie may be saved incorrectly (or not at all), causing a session mismatch error. Please ensure that the link you are accessing your site with and the url defined match.

    2. Improper/malformed cookieDomain set in ACP

    Sometimes admins set this value without realising that they probably don't need to set it at all. The default is perfectly fine. This is what the config looks like:

    Cookie Domain setting

    If this is set, you'll want to revert the setting by editing your database directly:

    Redis: hdel config cookieDomain
    MongoDB: db.objects.update({ _key: "config" }, { $set: "cookieDomain": "" });

    3. Missing X-Forwarded-Proto header from nginx/apache

    If you are using a reverse proxy, you will need to have nginx pass a header through to NodeBB so it correctly determines the correct cookie secure property.

    In nginx, you will need to add the directive like so:

    location / { ... proxy_set_header X-Forwarded-Proto $scheme; ... }
  • 0 Votes
    1 Posts
    1k Views
    TzA-0x000000001T

    Hello.

    I know this was asked so much times on the forum, but I've actually a problem since I use the NodeJS build from Openshift. I saw everywhere that I had to change the nginx configuration file, but I don't how to achieve that with my current configuration.
    I tried to install nginx, but it failed to resolve the issue.

    So, I was thinking that someone found a fix or a way to edit nginx configuration with Openshift.

    Thank you for your attention,
    Best regards.

  • 0 Votes
    7 Posts
    10k Views
    julianJ

    Thanks @rod and @tqwhite for helping @Cyb3r with this 😄

    Glad we have you on the community!

  • nginx configuration

    Technical Support
    1
    0 Votes
    1 Posts
    2k Views
    agusputraA

    I follow this :
    https://docs.nodebb.org/en/latest/configuring/proxies/nginx.html#configuration

    But I get error each time refresh (F5).

    Browser console output :

    WebSocket connection to 'ws://188.166.229.163/socket.io/?EIO=3&transport=websocket&sid=272_fqLIM0WJupWXAAA1' failed: Error during WebSocket handshake: Unexpected response code: 400

    Please help.

  • 0 Votes
    10 Posts
    4k Views
    H

    @pitaj I did some testing today with /categories 404'd. Seems as though things continued to work fine. I'm not disabling the functionality, just access to the page.

  • 0 Votes
    1 Posts
    2k Views
    A

    Just don't install Naxsi 👍

    Dear friends,

    I have a problem with my nodebb Installation. After switching to a new Server I can't login anymore. Error: Forbidden

    Debian 8.0 x64
    nginx 1.9.4
    npm 3.3.4
    redis 2.8.17
    node 0.10.29

    My nginx Configuration:

    server { listen 80 default_server; server_name sondorsforum.com; return 301 https://sondorsforum.com$request_uri; } server { listen 80; server_name 5.189.143.37; return 503; } server { listen 443; server_name 5.189.143.37; return 503; } server { listen 443 ssl spdy default deferred; server_name sondorsforum.com; location / { include /etc/nginx/naxsi.rules; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; proxy_pass http://0.0.0.0:4567/; proxy_redirect off; # Socket.IO Support proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; } ssl_certificate ssl/sondorsforum.com.pem; ssl_certificate_key ssl/sondorsforum.com.key; #ssl_trusted_certificate ssl/trustedbundle.pem; ssl_dhparam ssl/dh.pem; ssl_ecdh_curve secp384r1; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; ssl_session_tickets off; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; #ssl_stapling on; #ssl_stapling_verify on; #resolver 8.8.8.8 8.8.4.4 valid=300s; #resolver_timeout 5s; ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; # HSTS - uncomment if you have a valid SSL certificate #add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; add_header X-Frame-Options DENY; add_header Alternate-Protocol 443:npn-spdy/2; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; #add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'"; pagespeed on; pagespeed FetchHttps enable,allow_self_signed; pagespeed FileCachePath /var/lib/nginx/nps_cache; pagespeed RewriteLevel PassThrough; pagespeed EnableFilters collapse_whitespace; pagespeed EnableFilters canonicalize_javascript_libraries; pagespeed EnableFilters combine_css; pagespeed EnableFilters combine_javascript; pagespeed EnableFilters elide_attributes; pagespeed EnableFilters extend_cache; pagespeed EnableFilters flatten_css_imports; pagespeed CssFlattenMaxBytes 5120; pagespeed EnableFilters lazyload_images; pagespeed EnableFilters rewrite_javascript; pagespeed EnableFilters rewrite_images; pagespeed EnableFilters insert_dns_prefetch; pagespeed EnableFilters prioritize_critical_css; # This will correctly rewrite your subresources with https:// URLs and thus avoid mixed content warnings. # Note, that you should only enable this option if you are behind a load-balancer that will set this header, # otherwise your users will be able to set the protocol PageSpeed uses to interpret the request. # pagespeed RespectXForwardedProto on; auth_basic_user_file htpasswd/.htpasswd; include /etc/nginx/sites-custom/*.conf; location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; include fastcgi.conf; fastcgi_intercept_errors on; fastcgi_ignore_client_abort off; fastcgi_buffers 256 16k; fastcgi_buffer_size 128k; fastcgi_connect_timeout 3s; fastcgi_send_timeout 120s; fastcgi_read_timeout 120s; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; } location ~ /\. { deny all; access_log off; log_not_found off; } location = /robots.txt { allow all; log_not_found off; access_log off; } # Uncomment, if you need to remove index.php from the # URL. Usefull if you use Codeigniter, Zendframework, etc. # or just need to remove the index.php # #location / { # try_files $uri $uri/ /index.php?$args; #} location ~* ^.+\.(css|js)$ { rewrite ^(.+)\.(\d+)\.(css|js)$ $1.$3 last; expires 30d; access_log off; log_not_found off; add_header Pragma public; add_header Cache-Control "max-age=2592000, public"; } location ~* \.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|odb|odc|odf|odg|odp|ods|odt|ogg|ogv|otf|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|t?gz|tif|tiff|ttf|wav|webm|wma|woff|wri|xla|xls|xlsx|xlt|xlw|zip)$ { expires 30d; access_log off; log_not_found off; add_header Pragma public; add_header Cache-Control "max-age=2592000, public"; } }

    Naxsi.rules file if necessary:

    LearningMode; SecRulesEnabled; DeniedUrl "/RequestDenied"; # Rules CheckRule "$SQL >= 8" BLOCK; CheckRule "$RFI >= 8" BLOCK; CheckRule "$TRAVERSAL >= 4" BLOCK; CheckRule "$EVADE >= 4" BLOCK; CheckRule "$XSS >= 8" BLOCK;

    naxsi_core.rules

    ################################## ## INTERNAL RULES IDS:1-999 ## ################################## #@MainRule "msg:weird request, unable to parse" id:1; #@MainRule "msg:request too big, stored on disk and not parsed" id:2; #@MainRule "msg:invalid hex encoding, null bytes" id:10; #@MainRule "msg:unknown content-type" id:11; #@MainRule "msg:invalid formatted url" id:12; #@MainRule "msg:invalid POST format" id:13; #@MainRule "msg:invalid POST boundary" id:14; #@MainRule "msg:invalid JSON" id:15; #@MainRule "msg:empty POST" id:16; #@MainRule "msg:libinjection_sql" id:17; #@MainRule "msg:libinjection_xss" id:18; ################################## ## SQL Injections IDs:1000-1099 ## ################################## MainRule "rx:select|union|update|delete|insert|table|from|ascii|hex|unhex|drop" "msg:sql keywords" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1000; MainRule "str:\"" "msg:double quote" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8,$XSS:8" id:1001; MainRule "str:0x" "msg:0x, possible hex encoding" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:2" id:1002; ## Hardcore rules MainRule "str:/*" "msg:mysql comment (/*)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1003; MainRule "str:*/" "msg:mysql comment (*/)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1004; MainRule "str:|" "msg:mysql keyword (|)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1005; MainRule "str:&&" "msg:mysql keyword (&&)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1006; ## end of hardcore rules MainRule "str:--" "msg:mysql comment (--)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1007; MainRule "str:;" "msg:; in stuff" "mz:BODY|URL|ARGS" "s:$SQL:4,$XSS:8" id:1008; MainRule "str:=" "msg:equal in var, probable sql/xss" "mz:ARGS|BODY" "s:$SQL:2" id:1009; MainRule "str:(" "msg:parenthesis, probable sql/xss" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$SQL:4,$XSS:8" id:1010; MainRule "str:)" "msg:parenthesis, probable sql/xss" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$SQL:4,$XSS:8" id:1011; MainRule "str:'" "msg:simple quote" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$SQL:4,$XSS:8" id:1013; MainRule "str:," "msg:, in stuff" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1015; MainRule "str:#" "msg:mysql comment (#)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1016; MainRule "str:@@" "msg:double @@" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1017; ############################### ## OBVIOUS RFI IDs:1100-1199 ## ############################### MainRule "str:http://" "msg:http:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1100; MainRule "str:https://" "msg:https:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1101; MainRule "str:ftp://" "msg:ftp:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1102; MainRule "str:php://" "msg:php:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1103; MainRule "str:sftp://" "msg:sftp:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1104; MainRule "str:zlib://" "msg:zlib:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1105; MainRule "str:data://" "msg:data:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1106; MainRule "str:glob://" "msg:glob:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1107; MainRule "str:phar://" "msg:phar:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1108; MainRule "str:file://" "msg:file:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1109; ####################################### ## Directory traversal IDs:1200-1299 ## ####################################### MainRule "str:.." "msg:double dot" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1200; MainRule "str:/etc/passwd" "msg:obvious probe" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1202; MainRule "str:c:\\" "msg:obvious windows path" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1203; MainRule "str:cmd.exe" "msg:obvious probe" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1204; MainRule "str:\\" "msg:backslash" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1205; #MainRule "str:/" "msg:slash in args" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:2" id:1206; ######################################## ## Cross Site Scripting IDs:1300-1399 ## ######################################## MainRule "str:<" "msg:html open tag" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1302; MainRule "str:>" "msg:html close tag" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1303; MainRule "str:[" "msg:[, possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1310; MainRule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311; MainRule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312; MainRule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314; MainRule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315; #################################### ## Evading tricks IDs: 1400-1500 ## #################################### MainRule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400; MainRule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401; ############################# ## File uploads: 1500-1600 ## ############################# MainRule "rx:\.ph|\.asp|\.ht" "msg:asp/php file upload!" "mz:FILE_EXT" "s:$UPLOAD:8" id:1500;

    In error log I found this:

    2015/09/27 16:02:22 [error] 20505#0: *1163 NAXSI_FMT: ip=108.xx.221.xx7&server=sondorsforum.com&uri=/socket.io/&learning=1&vers=0.54&total_processed=633&total_blocked=553&block=1&zone0=BODY&id0=11&var_name0=, client: 1x8.1xx.221.xx7, server: sondorsforum.com, request: "POST /socket.io/?EIO=3&transport=polling&t=1443362898342-122709&sid=Z6hgNYilz7n697KEAAAs HTTP/1.1", host: "sondorsforum.com", referrer: "https://sondorsforum.com/topic/55/kt-lcd3-display-connector-type-pins/15" 2015/09/27 16:02:25 [error] 20505#0: *1166 NAXSI_FMT: ip=10x.162.2xx.1x5&server=sondorsforum.com&uri=/socket.io/&learning=1&vers=0.54&total_processed=635&total_blocked=554&block=1&cscore0=$XSS&score0=40&zone0=HEADERS&id0=1315&var_name0=cookie&zone1=BODY&id1=11&var_name1=, client: 10x.162.2xx.1x5, server: sondorsforum.com, request: "POST /socket.io/?EIO=3&transport=polling&t=1443362548069-1547&sid=JdOnEYo8eOjo92KZAAA1 HTTP/1.1", host: "sondorsforum.com", referrer: "https://sondorsforum.com/topic/70/kt-lcd3-settings-for-sondors" 2015/09/27 16:02:25 [error] 20505#0: *1166 NAXSI_FMT: ip=108.12x.2x2.1x5&server=sondorsforum.com&uri=/socket.io/&learning=1&vers=0.54&total_processed=636&total_blocked=555&block=1&cscore0=$XSS&score0=40&zone0=HEADERS&id0=1315&var_name0=cookie, client: 1x8.16x.2x2.1x5, server: sondorsforum.com, request: "GET /socket.io/?EIO=3&transport=polling&t=1443362548905-1548&sid=JdOnEYo8eOjo92KZAAA1 HTTP/1.1", host: "sondorsforum.com", referrer: "https://sondorsforum.com/topic/70/kt-lcd3-settings-for-sondors" 2015/09/27 16:02:29 [error] 20505#0: *1169 NAXSI_FMT: ip=16x.1x8.88.x06&server=sondorsforum.com&uri=/socket.io/&learning=1&vers=0.54&total_processed=637&total_blocked=556&block=1&cscore0=$SQL&score0=40&cscore1=$XSS&score1=200&zone0=HEADERS&id0=1005&var_name0=cookie&zone1=HEADERS&id1=1010&var_name1=cookie&zone2=HEADERS&id2=1011&var_name2=cookie&zone3=HEADERS&id3=1315&var_name3=cookie&zone4=BODY&id4=11&var_name4=, client: x6x.1x8.8x.x06, server: sondorsforum.com, request: "POST /socket.io/?EIO=3&transport=polling&t=1443362548637-13651&sid=uaVLv6IIo-6DDqrCAAA2 HTTP/1.1", host: "sondorsforum.com", referrer: "https://sondorsforum.com/unread"

    Thanks for your help

  • 0 Votes
    6 Posts
    3k Views
    H

    @Kowlin some of their tutorials are confusing but some I've found to be excellent. I think it depends on the tutor perhaps?

  • 0 Votes
    7 Posts
    4k Views
    S

    Try removing the SPDY support and see if it works. I had to disable SPDY with SSL to get it to towork.

  • 0 Votes
    4 Posts
    3k Views
    julianJ

    Thanks for answering this with such speed @Kowlin @pichalite 😄

  • 3 Votes
    1 Posts
    2k Views
    eva2000E

    @psychobunny @julian been a while since I played with NodeBB. But now that my Centmin Mod LEMP .08 stable release is out, I decided to play with NodeBB v0.7.2 + Centmin Mod Nginx server setup 🙂

    Posted a full how to install guide at https://community.centminmod.com/threads/centmin-mod-nginx-nodebb-forum-install.4009/

    Only issue I have right now is forever restart or ./nodebb restart commands don't seem to work ? Stop and start work fine.

    Comments and suggestions are welcome 🙂

  • 0 Votes
    1 Posts
    2k Views
    Aphex124 -Mike-A

    I have a problem, yet again...

    So recently, I have discovered that when I start NodeBB, the page only loads the top bar. http://prntscr.com/7jts5k If anybody knows how to fix this, your input would be appreciated.

    FIX: Stop the following services: redis-server & redis_6379. Run redis-server in the terminal to restart it. Restart nodebb.

    -Aphex

  • 0 Votes
    8 Posts
    4k Views
    A

    You can add it in your DNS settings of your domain.