Thank you hek.
Problem here is to serve Wordpress and NodeBB using proxy and not a problem with firewall.
You have ports and stuff set up weirdly, what are you trying to do there?
"port": 80in config.json
still getting expired session every time when logging in, and still unable to use https:// because of Error 523 on cloudflare. added the "port": 80, to the config, removed the :80 from the url and did ./nodebb restart
What is your cloudflare setup? Is it set up to add SSL/TLS to your site?
currently the ssl mode is set to Full, Minimum TLS Version is TLS 1.2, Automatic HTTPS Rewrites is set to On, Onion Routing is On, Opportunistic Encryption is On, and Authenticated Origin Pulls is On. also TLS 1.3 is set to Enable+0RTT
tried disabling the proxy seting under dns on cloudflare and I'm able to login, but I'd rather not have things unproxied.
I also still can't use https:// even when set to unproxied.
I recommend you set up nginx as a reverse proxy with Let'sEncrypt for your TLS certificate, which is safer than using CF SSL protection.
Once you get that working you can experiment with different cloudflare options, since that seems to be your problem.
is there a way to use letsencrypt without nginx?
@VaasKahnGrim you can use a different reverse proxy but I don't believe NodeBB supports https.
is there a way to do it without needing a reverse proxy or any additional software besides NPM? Was hoping I could keep things as minimal as possible
There's no way to expose HTTPS without a reverse proxy. This was a conscious decision to keep a separation of concerns, reduce development overhead, because reverse proxies have better support, and because anyone running multiple instances will need one for load balancing anyways.
Nginx is quite easy to set up, and LetsEncrypt has very good support for it.