Fresh installation problems with VBC 5.3.2 and SSL

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Devorian
    Member
    • Apr 2013
    • 39
    • 5.1.x

    Fresh installation problems with VBC 5.3.2 and SSL

    I've spend long time trying to fix myself this issue, but luck was not on my side.
    Well. What we do we have? We have a Ubuntu server. Everybody (almost) have it now. It version 17.
    What do we got else?
    We got nginx server with php7.0 fpm attached to it.

    We've got vbulletin 5 connect version 5.3.2 pointed to documents_root/Community path
    We've got nginx vhost, maded by vbulletin manual. That host works with enforced ssl. VBulletin was installed on clean SSL, not migrated from HTTP.
    After the installation it looks disaster. I was tryed to install it on Apache SSL also (just for lulz) - same story

    That how it looks now:


    I can assume that there is also something in nginx config, but probably, admincp doesn't work from default (on apache i got same result on clean host)

    But anyway, here is nginx vhost conf:
    Code:
    # Default server configuration
    #
    server {
            listen 80 default_server;
            listen [::]:80 default_server;
    
            root /var/www/flap-pool.world/http/web;
    
            # Add index.php to the list if you are using PHP
            index index.html index.htm index.nginx-debian.html;
    
            server_name flap-pool.world;
            # enforce https
            return 301 https://$server_name$request_uri;
            }
    
    
    server {
            listen 443 ssl http2;
            listen [::]:443 ssl http2;
            server_name flap-pool.world www.flap-pool.world;
    
            root /var/www/flap-pool.world/html/web;
            index index.php index.html;
    
            access_log /var/log/nginx/fpw.app-access.log;
            error_log  /var/log/nginx/fpw.app-error.log error;
    
            # allow larger file uploads and longer script runtimes
            client_body_buffer_size  1k;
            client_header_buffer_size 1k;
            client_max_body_size 100k;
            large_client_header_buffers 2 1k;
            sendfile off;
    
            # strengthen ssl security
            ssl_certificate /etc/ssl/certs/fpw.crt;
            ssl_certificate_key /etc/ssl/private/fpw.key;
            ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
            ssl_prefer_server_ciphers on;
            ssl_session_cache shared:SSL:10m;
    
            # configuration rules
            location = /Community/css\.php {
                    rewrite ^ /Community/core/css.php break;
            }
            # make install available from presentation
            location ^~ /Community/install {
                    rewrite ^/Community/install/ /Community/core/install/ break;
            }
            # any request to not existing item gets redirected through routestring
            location /Community/ {
                    if (!-f $request_filename) {
                            rewrite ^/Community/(.*)$ /index.php?routestring=$1 last;
                    }
            }
            # make admincp available from presentation
            location ^~ /Community/admincp {
                    if (!-f $request_filename) {
                            rewrite ^/Community/admincp/(.*)$ /index.php?routestring=admincp/$1 last;
                    }
            }
     # process any php scripts, not found gets redirected through routestring
            location ~ \.php$ {
                    # handles legacy scripts
                    if (!-f $request_filename) {
                            rewrite ^/(.*)$ /index.php?routestring=$1 break;
                    }
    
                    fastcgi_split_path_info ^(.+\.php)(.*)$;
                    fastcgi_index index.php;
                    fastcgi_pass php7;
                    fastcgi_param SCRIPT_FILENAME $document_root/Community/$fastcgi_script_name;
                    include fastcgi_params;
                    fastcgi_param QUERY_STRING $query_string;
                    fastcgi_param REQUEST_METHOD $request_method;
                    fastcgi_param CONTENT_TYPE $content_type;
                    fastcgi_param CONTENT_LENGTH $content_length;
                    fastcgi_intercept_errors on;
                    fastcgi_ignore_client_abort off;
                    fastcgi_connect_timeout 240;
                    fastcgi_send_timeout 360;
                    fastcgi_read_timeout 360;
                    fastcgi_buffers 256 64k;
                    fastcgi_buffer_size 256k;
                    fastcgi_temp_file_write_size 1024k;
            }
            }
    
    upstream php7 {
            server  unix:/var/run/php/php7.0-fpm.sock;
            }
    I was added base_url with https into /core/included/config.php - doesn't gaved any result.



    Admin CP also not avaible.
    Need help!
  • Wayne Luke
    vBulletin Technical Support Lead
    • Aug 2000
    • 73981

    #2
    I cannot see your image. It was blocked by my malware detection software. Can you upload it directly to this server as an attachment?

    If you have no formatting, then either something is being blocked by the browser because it isn't secure or the rewrites in your virtual host file aren't working. Looking at the file above, it is looking to redirect to a /Community/ directory when your vBulletin is installed in a /forum/ directory per your customer account. You would need to update the redirects to actually point to your directory.

    This code is missing the directory altogether.
    Code:
     
                     if (!-f $request_filename) {                         rewrite ^/(.*)$ /index.php?routestring=$1 break;                 }
    Translations provided by Google.

    Wayne Luke
    The Rabid Badger - a vBulletin Cloud demonstration site.
    vBulletin 5 API

    Comment

    • Devorian
      Member
      • Apr 2013
      • 39
      • 5.1.x

      #3
      Well, i was changed link, forum installed in /Community/ directory, i also entered base_url in /core/include/config.php
      here is updated new nginx config:
      Code:
      # Default server configuration
      #
      server {
              listen 80 default_server;
              listen [::]:80 default_server;
      
              root /var/www/flap-pool.world/http/web;
      
              # Add index.php to the list if you are using PHP
              index index.html index.htm index.nginx-debian.html;
      
              server_name flap-pool.world;
              # enforce https
              return 301 https://$server_name$request_uri;
              }
      
      
      server {
              listen 443 ssl http2;
              listen [::]:443 ssl http2;
              server_name flap-pool.world www.flap-pool.world;
      
      
              root /var/www/flap-pool.world/html/web;
              index index.php index.html;
      
              access_log /var/log/nginx/fpw.app-access.log;
              error_log  /var/log/nginx/fpw.app-error.log error;
      
              # allow larger file uploads and longer script runtimes
              client_body_buffer_size  1k;
              client_header_buffer_size 1k;
              client_max_body_size 100k;
              large_client_header_buffers 2 1k;
              sendfile off;
      
              # strengthen ssl security
              ssl_certificate /etc/ssl/certs/fpw.crt;
              ssl_certificate_key /etc/ssl/private/fpw.key;
              ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
              ssl_prefer_server_ciphers on;
              ssl_session_cache shared:SSL:10m;
      
              # configuration rules
      #       location = /Community/css\.php {
      #                rewrite ^ /Community/core/css.php break;
      #        }
              # make install available from presentation
              location ^~ /Community/install {
                      rewrite ^/Community/install/ /Community/core/install/ break;
              }
              # any request to not existing item gets redirected through routestring
              location /Community/ {
                      if (!-f $request_filename) {
                              rewrite ^/Community/(.*)$ /index.php?routestring=$1 last;
                      }
              }
              # make admincp available from presentation
              location ^~ /Community/admincp {
      
                      if (!-f $request_filename) {
                              rewrite ^/Community/admincp/(.*)$ /index.php?routestring=admincp/$1 last;
                      }
              }
       # process any php scripts, not found gets redirected through routestring
              location ~ \.php$ {
                      # handles legacy scripts
                      if (!-f $request_filename) {
                              rewrite ^/Community/(.*)$ /Community/index.php?routestring=$1 break;
                      }
      
                      fastcgi_split_path_info ^(.+\.php)(.*)$;
                      fastcgi_index index.php;
                      fastcgi_pass php7;
                      fastcgi_param SCRIPT_FILENAME $document_root/Community/$fastcgi_script_name;
                      include fastcgi_params;
                      fastcgi_param QUERY_STRING $query_string;
                      fastcgi_param REQUEST_METHOD $request_method;
                      fastcgi_param CONTENT_TYPE $content_type;
                      fastcgi_param CONTENT_LENGTH $content_length;
                      fastcgi_intercept_errors on;
                      fastcgi_ignore_client_abort off;
                      fastcgi_connect_timeout 240;
                      fastcgi_send_timeout 360;
                      fastcgi_read_timeout 360;
                      fastcgi_buffers 256 64k;
                      fastcgi_buffer_size 256k;
                      fastcgi_temp_file_write_size 1024k;
              location ~ /Community/.*\.php$ {
                      if (!-f $request_filename) {
                      rewrite ^/Community/(.*)$ /Community/index.php?routestring=$1 break;
                      }
                      fastcgi_split_path_info ^(.+\.php)(/.+)$;
                      fastcgi_pass php7;
                      fastcgi_index index.php;
                      fastcgi_param  SCRIPT_FILENAME    $request_filename;
      
              }
              }
      #Ethereum Pool API
              location /api {
              proxy_pass https://api;
              }
              }
      
      upstream php7 {
              server  unix:/var/run/php/php7.0-fpm.sock;
              }
      upstream api {
              server 127.0.0.1:8080;
              }
      Here is screenshot attached
      Click image for larger version

Name:	vbssl.png
Views:	374
Size:	582.2 KB
ID:	4377604

      Comment

      • Wayne Luke
        vBulletin Technical Support Lead
        • Aug 2000
        • 73981

        #4
        Your CSS isn't working for some reason... When you click on any of the CSS links in the page source, the result is a blank page. This means either the CSS just isn't there or there is a PHP error.

        For the first scenario, in the AdminCP go to Settings -> Options -> Style & Language Options and set the system to store CSS in the file system. Does the page work now?

        For the second scenario, you need to put vBulletin into Debug mode so we can see the error. https://www.vbulletin.com/forum/blog...vb5-debug-mode

        You shouldn't need to set the base URL in /core/includes/config.php.
        Translations provided by Google.

        Wayne Luke
        The Rabid Badger - a vBulletin Cloud demonstration site.
        vBulletin 5 API

        Comment

        • Devorian
          Member
          • Apr 2013
          • 39
          • 5.1.x

          #5
          I removed base_url from config.php and uncommented css section in host config.

          The problem is that admincp also didn't working.
          I get same situation last time when i made clean apache install - exactly same situation

          Comment

          • Wayne Luke
            vBulletin Technical Support Lead
            • Aug 2000
            • 73981

            #6
            Originally posted by Devorian
            The problem is that admincp also didn't working.
            This statement doesn't help us solve your problem. It provides absolutely no information on what the problem is. When I visit your AdminCP directly, it loads properly.

            Still not seeing CSS on the main site and it is not in Debug mode so there is no helpful information there.

            Translations provided by Google.

            Wayne Luke
            The Rabid Badger - a vBulletin Cloud demonstration site.
            vBulletin 5 API

            Comment

            • Devorian
              Member
              • Apr 2013
              • 39
              • 5.1.x

              #7
              At admin panel only front open's ok, after enter login data it starts:
              Code:
              https://flap-pool.world/Community/login.php?do=login
              in adress bar and nothing going on.
              I also tryed to login on forum and then login into admincp - same problem

              Comment

              • Devorian
                Member
                • Apr 2013
                • 39
                • 5.1.x

                #8
                I was checking access log for nginx, look like it trying to GET css and GET HTTP 200 (as i remember, it mean's that everything is good):

                Code:
                31.129.202.1 - - [19/Sep/2017:21:15:44 +0000] "GET /Community/css.php?styleid=1&td=ltr&sheet=css_additional.css&ts=1505757995 HTTP/2.0" 200 110 "https://flap-pool.world/Community/auth/login" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
                31.129.202.1 - - [19/Sep/2017:21:15:45 +0000] "GET /Community/ HTTP/2.0" 200 12698 "https://flap-pool.world/Community/auth/login" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
                31.129.202.1 - - [19/Sep/2017:21:15:45 +0000] "GET /Community/css.php?styleid=1&td=ltr&sheet=css_reset.css,css_unreset.css,css_utilities.css&ts=1505757995 HTTP/2.0" 200 110 "https://flap-pool.world/Community/" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
                31.129.202.1 - - [19/Sep/2017:21:15:45 +0000] "GET /Community/css.php?styleid=1&td=ltr&sheet=css_imgareaselect-animated.css,css_jquery-ui-1_11_4_custom.css,css_jquery_qtip_min.css,css_jquery_selectBox.css,css_global.css,css_fonts.css,css_b_link.css,css_b_layout.css,css_b_button.css,css_b_button_group.css,css_b_icon.css,css_b_tabbed_pane.css,css_b_form_control.$
                31.129.202.1 - - [19/Sep/2017:21:15:45 +0000] "GET /Community/css.php?styleid=1&td=ltr&sheet=css_additional.css&ts=1505757995 HTTP/2.0" 200 110 "https://flap-pool.world/Community/" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
                31.129.202.1 - - [19/Sep/2017:21:15:45 +0000] "GET /Community/css.php?styleid=1&td=ltr&sheet=css_sitebuilder.css,css_b_config_site.css,color_style.css&ts=1505757995 HTTP/2.0" 200 110 "https://flap-pool.world/Community/" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"

                Comment

                • Wayne Luke
                  vBulletin Technical Support Lead
                  • Aug 2000
                  • 73981

                  #9
                  Everything isn't good. This URL should return a lot of CSS code to format your page:
                  https://flap-pool.world/Community/cs...&ts=1505757995

                  It returns a blank screen. This means there is an error somewhere. You need to move it to the file system and/or enable debug mode like I asked several posts ago, you will never get this issue solved.

                  A 200 in the access log doesn't tell me what the problem is.
                  Translations provided by Google.

                  Wayne Luke
                  The Rabid Badger - a vBulletin Cloud demonstration site.
                  vBulletin 5 API

                  Comment

                  Related Topics

                  Collapse

                  Working...