Xenforo 1.5.2 Bug

P

PlayStage

Active member
Hello,

Firstly I'm using nginx 1.9.6 and PHP 5.6.
The problem is that I cannot use the friendly urls feature without breaking the basic functionalities: posting, reading topics.

The nginx vhost was configured to include [try_files $uri $uri/ /index.php?$uri&$args;]


Kind regards,
George.
 
Code: 
        location / {
                try_files $uri $uri/ /index.php?$uri&$args;
                location /internal_data {
                        location ~ \.(data|html|php)$ {
                                internal;
                        }
                        internal;
                }
                location /library {
                        location ~ \.(default|html|php|txt|xml)$ {
                                internal;
                        }
                        internal;
                }
        }
Works fine.
 
Hello,

I did and the urls are properly rewritten but some software functions stopped working.
Disabling the url rewrite from ACP makes the post, moderate, read certain topics functions return to normal.

Kind regards,
George.
 
Set3sh said:
I did and the urls are properly rewritten but some software functions stopped working.
Click to expand...
Which functions?

If you mean any page other than the forum index fails to load, then that means the config isn't working.

Did you change the path to reflect where XenForo is installed, as it explains in the instructions?
 
Hello,

Here it is the full vhost content.

Code: 
server {
    listen        ***censored***:80;
    server_name    domain.tld www.domain.tld forum.domain.tld;
    return        301 https://www.domain.tld$request_uri;
}

server {
    listen ***censored***:443 ssl http2;
    server_name    forum.domain.tld;
    add_header    Strict-Transport-Security max-age=31536000;
    ssl on;
    ssl_certificate ***censored***;
    ssl_certificate_key ***censored***;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
    ssl_prefer_server_ciphers on;
    return        301 https://www.domain.tld$request_uri;
}

server {
    listen ***censored***:443 ssl http2;
    server_name    domain.tld;
    add_header    Strict-Transport-Security max-age=31536000;
    ssl on;
    ssl_certificate ***censored***;
    ssl_certificate_key ***censored***;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
    ssl_prefer_server_ciphers on;
    return        301 https://www.$server_name$request_uri;
}

server {
    listen ***censored***:443 ssl http2;
   
    root ***censored***;
    index index.php index.html index.htm;
    server_name    www.domain.tld;
   
    add_header    Strict-Transport-Security max-age=31536000;
    ssl on;
    ssl_certificate ***censored***;
    ssl_certificate_key ***censored***;
   
    #enables all versions of TLS, but not SSLv2 or 3 which are weak and now deprecated.
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
   
    #Disables all weak ciphers
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
    ssl_prefer_server_ciphers on;
   
    location / {
        try_files $uri $uri/ /index.php?$uri&$args;
        default_type text/html;
       
        if ($http_origin ~ "^(https://cdn.domain.tld|https://www.domain.tld)$") {
            add_header "Access-Control-Allow-Origin" $http_origin;
        }
       
        if ($query_string ~ "base64_encode.*\(.*\)") {
            return 403;
        }
       
        if ($query_string ~* "(\<|%3C).*script.*(\>|%3E)") {
            return 403;
        }
       
        if ($query_string ~ "GLOBALS(=|\[|\%[0-9A-Z]{0,2})") {
            return 403;
        }
       
        if ($query_string ~ "_REQUEST(=|\[|\%[0-9A-Z]{0,2})") {
            return 403;
        }
       
        location /internal_data {
            location ~ \.(data|html|php)$ {
                internal;
        }
            internal;
        }
       
        location /library {
            location ~ \.(default|html|php|txt|xml)$ {
                internal;
        }
            internal;
        }
    }
   
    location ~ /\. {
        deny all;
    }
   
    location ~* \.(?:manifest|appcache)$ {
        expires -1;
        open_file_cache off;
        access_log off;
    }
   
    location ~* ^.+\.(?:css|cur|js|jpeg|gif|htc|ico|png|otf|ttf|eot|woff|svg)$ {
        expires 15d;
        access_log off;
        add_header Pragma public;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate";

        open_file_cache max=3000 inactive=120s;
        open_file_cache_valid 45s;
        open_file_cache_min_uses 3;
        open_file_cache_errors off;
    }
   
    location ~ \.php$ {
        try_files $uri =404;
       
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        include fastcgi_params;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_max_temp_file_size 0;
        fastcgi_buffer_size 4K;
        fastcgi_buffers 64 4k;
        fastcgi_pass unix:/***censored***/php-fpm.sock;
    }
}


Kind regards,
George.
 
You must log in or register to reply here.

Similar threads

X
  • Question Question
XF 1.5 Upgrading from XenForo 1 to 2 and XenMedio 1 to 2
Replies
2
Views
90
XnForFanKN
X
JackieChun
Fixed Upgrading from XenForo 1.5.5a to 2.3 doesn't work
Replies
16
Views
370
XF Bug Bot
XF Bug Bot
BikeGremlin
Not a bug Dark Mode bug (edit: cloudflare-related probably - not a xenforo bug)
Replies
1
Views
56
Digital Doctor
Digital Doctor
Andro
Duplicate Connected accounts: XenForo - bug
Replies
1
Views
53
Jeremy P
Jeremy P
jman
Duplicate [Bug Fix] Fixing Undefined Array Key Error in AbstractCollection in XenForo 2.3.0
Replies
1
Views
122
Jeremy P
Jeremy P
Back
Top Bottom