XF 1.5 Suddenly can't upload attachments/images

[Nicky Vermeersch]

For some reason yet unknown I can no longer upload images or attachments to my website. When trying to upload something I receive this error in my browser console:

bb_code_edit.js?_v=a17a5c6f:30 POST https://www.mcmiddleearth.com/attachments/do-upload.json?hash=6285c937decb684a51fd657bdfa678ae&content_type=post 404 (Not Found)

Anyone has experience with this kind of behaviour?

 

[Nicky Vermeersch]

Also weird to note, there is no /attachments/ folder in my install, nor can I remember this to be a thing in Xenforo? Maybe malformed url?

 

[Paul B]

If the data or internal_data directories are missing then you may want to contact your host and ask them to investigate.

All of the attachments uploaded to your forum are stored there.

 

[Nicky Vermeersch]

The data and internal data directories are there, with attachments residing both within data/ and internal_data/
Also attachments are working fine and being served on the website. It is just that the 404 to me seems evident when it is trying to get something from a directory that is not there, nor can I locate that do-upload.json file

edit: It looks like when I disable the flash uploader and when I upload a single file through the "Upload a file system prompt" that it works. However dragging and dropping stuff into the message body produces the 404 error.

edit2: Also interesting to know is that other sites that run on the same VPS, with the same webserver and php processor (php-fpm) are not having this issue.

 

[Sunka]

Maybe it is problem in browser. Newest chrome might block flash.
Try with another older browser, so you can isolate that it is browser "bug" with flash.

 

[Nicky Vermeersch]

Maybe it is problem in browser. Newest chrome might block flash.
Try with another older browser, so you can isolate that it is browser "bug" with flash.

Yeah at first I encountered it on Firefox, I tried it on Google Chrome and it had the same problem and error. Also tried removing both my browsers' cache, figuring that it might be some client-side javascript, but the same error appears. I also had a report from another user who has the same issue which makes me believe it might be server related?

edit: found a pretty old thread on Xenforo with the same problem (the do-upload.json thing) in which it was recommended to turn put chmod 777 on all the files and subdirectories. However im not so sure about this practice and especially giving execute permissions on a publicly writeable directory. Because even with the location data or internal_data block set to internal, this could be pretty harmful no?

 

[AndyB]

this could be pretty harmful no?

Nothing to worry about, it's required on some servers to be 0777,

 

[Nicky Vermeersch]

Nothing to worry about, it's required on some servers to be 0777,

So setting chmod -R 0777 on both the data and internal_data should be nothing to worry about? I'm not so versed in nginx, but if there was ever something in there (like a bash script uploaded through the attachments system) that could be remotely executed, wouldn't that pose a problem?

 

[AndyB]

So setting chmod -R 0777 on both the data and internal_data should be nothing to worry about?

Correct nothing to worry about.

 

[Nicky Vermeersch]

Hmm despite setting chmod 777 on both data and internal_data didn't solve the issue of not being able to upload, but it sure removed the error from the browser console.
Now I'm getting "There was a problem uploading your file."
I disabled the "Use Flash Uploader" option at the ACP > Attachments, which did not seem to fix the issue.
Also checked the web server error log and the php-fpm error log in which no errors were saved, the issue seems to love being elusive :O

 

[TPerry]

So setting chmod -R 0777 on both the data and internal_data should be nothing to worry about? I'm not so versed in nginx, but if there was ever something in there (like a bash script uploaded through the attachments system) that could be remotely executed, wouldn't that pose a problem?

I strictly run as 664/775 on mine.

 

[Nicky Vermeersch]

It was caused by

#location ~* \.(?:manifest|appcache|html?|xml|json)$ {
    #  expires -1;
    #}

In the nginx configuration which made json files 404, which broke the drag and drop upload functionality. All working now!