After an upgrade to 1.13.2 (I think from 1.12.x), I cannot access any forum posts anymore. I reconfigered my apache conf as per the docs - the Websocket passthrough rules definitely weren't required with the old version, but something's not right. I can load the forum main pages, but as soon as I try to load a post page, after some delay, I get a 502 in the browser and this in my apache error log:
[Thu Feb 27 21:11:21.672963 2020] [proxy_http:error] [pid 5133] (20014)Internal error (specific information not available): [client x.x.x.x:62276] AH01102: error reading status line from remote server localhost:4567
[Thu Feb 27 21:11:21.673075 2020] [proxy:error] [pid 5133] [client x.x.x.x:62276] AH00898: Error reading from remote server returned by /topic/19/mapillary-integration-und-trailviews
I'm running Apache/2.4.7 on Ubuntu, there's another (Java based) Websocket server running on another v-host on that box which works ok.
Here's the full conf for the forum v-host:
<VirtualHost xxxxx.xx:443>
ServerName xxxxx.xx
ServerSignature Off
SSLEngine On
Include /etc/letsencrypt/options-ssl-apache.conf
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"
# Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
# Basic security headers
Header always set X-Content-Type-Options "nosniff"
Header always set X-Xss-Protection "1; mode=block"
RequestHeader set X-Forwarded-Proto "https"
ProxyRequests off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
# Websocket passthrough
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/socket.io [NC]
RewriteCond %{QUERY_STRING} transport=websocket [NC]
RewriteRule /(.*) ws://localhost:4567/$1 [P,L]
ProxyPass / http://localhost:4567/
ProxyPassReverse / http://localhost:4567/
SSLCertificateFile /etc/letsencrypt/live/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/chain.pem
</VirtualHost>
Are there any nodebb errors? Can you access those pages of you bypass the reverse proxy?
There are no errors in nodebb's log file.
If I change the config.json url to http://<myip>:4567 and try to load that in my browser, I get the main page again, but now 403s and this in the console:
You are accessing the forum from an unknown origin. This will likely result in websockets failing to connect.
To fix this, set the `"url"` value in `config.json` to the URL at which you access the site.
That's weird, because for that test, that URL is set to the one I'm accessing it by?!
Meanwhile I've reverted to my previously installed version (1.12.0) and everything is fine again. Completely lost here.
Sounds like it could be a plugin incompatibility. How were you checking the NodeBB logs?
By looking into logs/output.log
