Skip to content
  • Home
  • Categories
  • Recent
  • Popular
  • World
  • Top
  • Tags
  • Users
  • Groups
  • Documentation
    • Home
    • Read API
    • Write API
    • Plugin Development
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo
v3.10.3 Latest
Buy Hosting
W

windkomo

@windkomo
About
Posts
5
Topics
1
Groups
0
Followers
0
Following
0

Posts

Recent Best Controversial
  • Apache + nginx SSL config for csrf token
    W windkomo

    @Steven-Rafferty I followed this : https://docs.nodebb.org/en/latest/installing/os/centos.html () CentOS 6.5.
    Sadly starting fresh is not an option for me 😞

  • Apache + nginx SSL config for csrf token
    W windkomo

    @Steven-Rafferty I'm using mongodb. I set my cookieDomain to "" but this did not solve the issue 😞

  • Apache + nginx SSL config for csrf token
    W windkomo

    @PitaJ @Steven-Rafferty Oh sorry, I installed it with the ./nodebb setup command.

  • Apache + nginx SSL config for csrf token
    W windkomo

    @Steven-Rafferty Hey,

    No, I installed it through git !

  • Apache + nginx SSL config for csrf token
    W windkomo

    Hello,

    I'm running NodeBB v1.4.0 behind an Apache server and a nginx server (I would rather use only nginx, but all incoming trafic must go to the Apache server because of another app I host on the same server).

    My Apache server has SSL configured:

      <VirtualHost *:80>
   ServerName myforum.com
   Redirect / https://myforum.com
    RequestHeader set X-Forwarded-Proto "http"
 </VirtualHost>

<VirtualHost *:443>
   ServerName myforum.com
   ProxyPass / http://0.0.0.0:8080/
   ProxyPassReverse / http://0.0.0.0:8080/
   ProxyPreserveHost On
   ProxyRequests Off
   RequestHeader set X-Forwarded-Proto "https"
########## SSL
         SSLEngine on
         SSLCertificateFile /etc/httpd/conf/ssl/myforum.com/server.crt
         SSLCertificateKeyFile /etc/httpd/conf/ssl/myforum.com/server.key
         SSLCertificateChainFile /etc/httpd/conf/ssl/myforum.com/server.ca-bundle
########## FIN SSL
</VirtualHost>

    It actually redirect port myforum.com trafic towards a nginx server on port 8080 which redirects to the NodeBB server running on port 4567:

    server {
    listen       8080;
    server_name  myforum.com;

    location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;

        proxy_pass http://127.0.0.1:4567/;
        proxy_redirect off;

        # Socket.IO Support
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_headers_hash_bucket_size 128;
     }
}

    This gives me the "It looks like your login session is no longer active, or no longer matches with the server. Please refresh this page." Session mismatch error. (invalid csrf token in logs)
    Replacing "https://myforum.com" in my config.json by "http://myforum.com" does solve the login issue but smileys are served over http so are not displayed.

    I've read many things regarding this issue about adding the X-Forwarded-Proto $scheme. I've added it to both server.
    Any suggestion ?

  • Login
  • Don't have an account? Register
  • Login or register to search.
Powered by NodeBB Contributors
  • First post
    Last post
0
  • Home
  • Categories
  • Recent
  • Popular
  • World
  • Top
  • Tags
  • Users
  • Groups
  • Documentation
    • Home
    • Read API
    • Write API
    • Plugin Development