Hello,
I'm running NodeBB v1.4.0 behind an Apache server and a nginx server (I would rather use only nginx, but all incoming trafic must go to the Apache server because of another app I host on the same server).
My Apache server has SSL configured:
<VirtualHost *:80>
ServerName myforum.com
Redirect / https://myforum.com
RequestHeader set X-Forwarded-Proto "http"
</VirtualHost>
<VirtualHost *:443>
ServerName myforum.com
ProxyPass / http://0.0.0.0:8080/
ProxyPassReverse / http://0.0.0.0:8080/
ProxyPreserveHost On
ProxyRequests Off
RequestHeader set X-Forwarded-Proto "https"
########## SSL
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl/myforum.com/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl/myforum.com/server.key
SSLCertificateChainFile /etc/httpd/conf/ssl/myforum.com/server.ca-bundle
########## FIN SSL
</VirtualHost>
It actually redirect port myforum.com trafic towards a nginx server on port 8080 which redirects to the NodeBB server running on port 4567:
server {
listen 8080;
server_name myforum.com;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://127.0.0.1:4567/;
proxy_redirect off;
# Socket.IO Support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-Proto $scheme;
proxy_headers_hash_bucket_size 128;
}
}
This gives me the "It looks like your login session is no longer active, or no longer matches with the server. Please refresh this page." Session mismatch error. (invalid csrf token in logs)
Replacing "https://myforum.com" in my config.json by "http://myforum.com" does solve the login issue but smileys are served over http so are not displayed.
I've read many things regarding this issue about adding the X-Forwarded-Proto $scheme. I've added it to both server.
Any suggestion ?