502 for post pages, error reading status line from remote server localhost:4567

Technical Support
  • After an upgrade to 1.13.2 (I think from 1.12.x), I cannot access any forum posts anymore. I reconfigered my apache conf as per the docs - the Websocket passthrough rules definitely weren't required with the old version, but something's not right. I can load the forum main pages, but as soon as I try to load a post page, after some delay, I get a 502 in the browser and this in my apache error log:

    [Thu Feb 27 21:11:21.672963 2020] [proxy_http:error] [pid 5133] (20014)Internal error (specific information not available): [client x.x.x.x:62276] AH01102: error reading status line from remote server localhost:4567
    [Thu Feb 27 21:11:21.673075 2020] [proxy:error] [pid 5133] [client x.x.x.x:62276] AH00898: Error reading from remote server returned by /topic/19/mapillary-integration-und-trailviews
    

    I'm running Apache/2.4.7 on Ubuntu, there's another (Java based) Websocket server running on another v-host on that box which works ok.

    Here's the full conf for the forum v-host:

    <VirtualHost xxxxx.xx:443>
        ServerName   xxxxx.xx
        ServerSignature Off
        SSLEngine On
        Include /etc/letsencrypt/options-ssl-apache.conf
        SSLProtocol all -SSLv2 -SSLv3
        SSLHonorCipherOrder On
        SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"
    #     Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
    
        # Basic security headers
        Header always set X-Content-Type-Options "nosniff"
        Header always set X-Xss-Protection "1; mode=block"
        
        RequestHeader set X-Forwarded-Proto "https"
        
        ProxyRequests off
        <Proxy *>
            Order deny,allow
            Allow from all
        </Proxy>
        
        # Websocket passthrough
        RewriteEngine On
        RewriteCond %{REQUEST_URI}  ^/socket.io            [NC]
        RewriteCond %{QUERY_STRING} transport=websocket    [NC]
        RewriteRule /(.*)           ws://localhost:4567/$1 [P,L]
        
        ProxyPass / http://localhost:4567/
        ProxyPassReverse / http://localhost:4567/
            
        SSLCertificateFile /etc/letsencrypt/live/cert.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/privkey.pem
        SSLCertificateChainFile /etc/letsencrypt/live/chain.pem
    </VirtualHost>
    
    
  • Are there any nodebb errors? Can you access those pages of you bypass the reverse proxy?

  • There are no errors in nodebb's log file.

    If I change the config.json url to http://<myip>:4567 and try to load that in my browser, I get the main page again, but now 403s and this in the console:

    You are accessing the forum from an unknown origin. This will likely result in websockets failing to connect. 
    To fix this, set the `"url"` value in `config.json` to the URL at which you access the site. 
    

    That's weird, because for that test, that URL is set to the one I'm accessing it by?!

  • Meanwhile I've reverted to my previously installed version (1.12.0) and everything is fine again. Completely lost here.

  • Sounds like it could be a plugin incompatibility. How were you checking the NodeBB logs?

  • By looking into logs/output.log


Suggested Topics