Xenforo Attachment upload error after server migration

I'm having trouble with attachments uploading to my new server after completing a migration yesterday. A handful of users have been able to upload attachments, but most are not. I can't seem to determine the issue. I have double checked permissions, upgraded to 7.4.33 PHP. The attachments that have made it are a mix of images and pdfs.

A vanilla installation is able to receive attachments, but what is custom about my setup is that I am using [BD] Attachment Store to store attachments in an External Data Directory (an attachments subdomain which is just pointing to /data/). All attachments are stored in /public/data/attachment-files/.

The only change made since migration is upgrading from 1.5.21 to 1.5.24.

Here's an output from Chrome's console. I do not have a /public/attachments folder, so I'm not sure if this is a virtualized folder or if this is where my problem lies. I've never had one.

Code:

POST https://mysite.com/attachments/do-upload.json?hash=b409ce9ec650ba73226fb3b2cabf5f57&content_type=post 404 (Not Found)
send @ flow-rollup.min.js?_v=2cd69cb4:2
readFinished @ flow-rollup.min.js?_v=2cd69cb4:2
readFileFn @ attachment_editor_new.js?_v=2cd69cb4:1
send @ flow-rollup.min.js?_v=2cd69cb4:2
(anonymous) @ flow-rollup.min.js?_v=2cd69cb4:2
l @ flow-rollup.min.js?_v=2cd69cb4:2
(anonymous) @ flow-rollup.min.js?_v=2cd69cb4:2
l @ flow-rollup.min.js?_v=2cd69cb4:2
uploadNextChunk @ flow-rollup.min.js?_v=2cd69cb4:2
upload @ flow-rollup.min.js?_v=2cd69cb4:2
(anonymous) @ attachment_editor_new.js?_v=2cd69cb4:1
(anonymous) @ flow-rollup.min.js?_v=2cd69cb4:2
l @ flow-rollup.min.js?_v=2cd69cb4:2
fire @ flow-rollup.min.js?_v=2cd69cb4:2
addFiles @ flow-rollup.min.js?_v=2cd69cb4:2
(anonymous) @ flow-rollup.min.js?_v=2cd69cb4:2
functions.min.js?_v=2cd69cb4_1.5.10.0_1:4 XenForo.activate(e.fn.init [div.xenOverlay.__XenForoActivator, prevObject: e.fn.init(1), context: undefined])
attachment_editor_new.js?_v=2cd69cb4:1 AttachmentUploadError: n.Event {type: 'AttachmentUploadError', file: e, errorCode: 0, message: '<html>\n<head><title>404 Not Found</title></head>\n<…<hr><center>nginx</center>\n</body>\n</html>\n\n\n\n\n\n\n', ajaxData: {…}, …}ajaxData: {error: Array(1)}currentTarget: span#AttachmentUploader.buttonProxy.AttachmentUploaderdata: nulldelegateTarget: span#AttachmentUploader.buttonProxy.AttachmentUploadererrorCode: 0file: e {flowObj: d, bytes: null, file: File, name: '242221_upload_2023-8-31_18-7-6.png', size: 84889, …}flow: ddefaults: {chunkSize: 1048576, forceChunkSize: false, simultaneousUploads: 3, singleFile: false, fileParameterName: 'file', …}events: {fileadded: Array(1), filessubmitted: Array(1), fileprogress: Array(1), filesuccess: Array(1), fileerror: Array(1)}files: [e]onDrop: ƒ (a)opts: {chunkSize: 4294967296, forceChunkSize: false, simultaneousUploads: 1, singleFile: false, fileParameterName: 'upload', …}preventEvent: ƒ (a)support: truesupportDirectory: true[[Prototype]]: ObjecthandleObj: {type: 'AttachmentUploadError', origType: 'AttachmentUploadError', data: null, guid: 992, handler: ƒ, …}isTrigger: 3jQuery1110023645667879038546: truemessage: "<html>\n<head><title>404 Not Found</title></head>\n<body>\n<center><h1>404 Not Found</h1></center>\n<hr><center>nginx</center>\n</body>\n</html>\n\n\n\n\n\n\n"namespace: ""namespace_re: nullresult: undefinedtarget: span#AttachmentUploader.buttonProxy.AttachmentUploadertimeStamp: 1701460342721type: "AttachmentUploadError"[[Prototype]]: Object
AttachmentUploadError @ attachment_editor_new.js?_v=2cd69cb4

---

 

Thank you for helping out so far. I had already done the chown earlier in an attempt to make sure the permissions were correct. I did it again, and then did the two getfacl commands. Here are the results:

Code (Text):

getfacl -L --absolute-names /home/nginx/domains/yourdomain.com/public/data/attachment-files

# file: /home/nginx/domains/yourdomain.com/public/data/attachment-files

# owner: nginx

# group: nginx

# flags: -s-

user::rwx

group::rwx

other::rwx

and

Code (Text):

getfacl -L --absolute-names /home/nginx/domains/yourdomain.com/public/data

# file: /home/nginx/domains/yourdomain.com/public/data

# owner: nginx

# group: nginx

user::rwx

group::rwx

other::rwx

 

Only thing I didn't have setup on the new server like I did on the old one was

Code (Text):

$config['externalDataUrl'] = 'https://data.mysite.com';

in the config.php file. I just added that vhost to the server, set it up to point to my /data folder, and uncommented the line in my config.php file. No change.

Still getting a 404 error showing in Console for the following URL:

Code (Text):

https://mysite.com/attachments/do-upload.json?hash=b06676bad18d852aca647f282a7fc5bf&content_type=post

I noticed that CMM provides output for this page when it is reached, while mine just comes up with a 404 page.

Code (Text):

https://community.centminmod.com/attachments/do-upload.json

 

An update: if JavaScript is turned off, the attachment uploads work.

Still not sure what's causing it to have issues with the JavaScript.

 

No Rocket Loader. Turned off Minify for JS just in case.

Tested with a fresh browser and an Incognito session, no difference.

 

Sorry for just now responding to this, @eva2000 . As an update, I'm still having problems. I've also tried migrating away from BD [Attachment Store], but the base XF urls for attachments are now not working (404 errors). I think it must be a rewrite issue that I'm facing. Basically anything at testdomain/attachments/* is coming back 404.

Here is my testdomain.ssl.conf file contents. I do not have a testdomain.conf file.

Code (Text):

#x# HTTPS-DEFAULT
 server {
   listen   80;
#x#
   server_name testdomain.com www.testdomain.com;
   return 302 https://testdomain.com$request_uri;
   root /home/nginx/domains/testdomain.com/public;
   include /usr/local/nginx/conf/staticfiles.conf;
 }


server {
  listen 443 ssl http2;

  server_name testdomain.com www.testdomain.com;

  include /usr/local/nginx/conf/ssl/testdomain.com/testdomain.com.crt.key.conf;
  include /usr/local/nginx/conf/ssl_include.conf;

  # cloudflare authenticated origin pull cert community.centminmod.com/threads/13847/
  #ssl_client_certificate /usr/local/nginx/conf/ssl/cloudflare/testdomain.com/origin.crt;
  #ssl_verify_client on;



  # mozilla recommended
  ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
  ssl_prefer_server_ciphers   on;
  #add_header Alternate-Protocol  443:npn-spdy/3;

  # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
  #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
  #add_header X-Frame-Options SAMEORIGIN;
  add_header X-Xss-Protection "1; mode=block" always;
  add_header X-Content-Type-Options "nosniff" always;
  #add_header Referrer-Policy "strict-origin-when-cross-origin";
  #add_header Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()";
  #spdy_headers_comp 5;
  ssl_buffer_size 1369;
  ssl_session_tickets on;

  # enable ocsp stapling
  #resolver 8.8.8.8 8.8.4.4 1.1.1.1 1.0.0.1 valid=10m;
  #resolver_timeout 10s;
  #ssl_stapling on;
  #ssl_stapling_verify on;

# ngx_pagespeed & ngx_pagespeed handler
#include /usr/local/nginx/conf/pagespeed.conf;
#include /usr/local/nginx/conf/pagespeedhandler.conf;
#include /usr/local/nginx/conf/pagespeedstatslog.conf;

  # limit_conn limit_per_ip 16;
  # ssi  on;

  access_log /home/nginx/domains/testdomain.com/log/access.log combined buffer=256k flush=5m;
  #access_log /home/nginx/domains/testdomain.com/log/access.json main_json buffer=256k flush=5m;
  error_log /home/nginx/domains/testdomain.com/log/error.log;

  include /usr/local/nginx/conf/autoprotect/testdomain.com/autoprotect-testdomain.com.conf;
  root /home/nginx/domains/testdomain.com/public;
  # uncomment cloudflare.conf include if using cloudflare for
  # server and/or vhost site
  include /usr/local/nginx/conf/cloudflare.conf;
  include /usr/local/nginx/conf/503include-main.conf;

#  location / {

location / {
            index index.php index.html index.htm;
            try_files $uri $uri/ /index.php?$uri&$args;

  include /usr/local/nginx/conf/503include-only.conf;

# block common exploits, sql injections etc
#include /usr/local/nginx/conf/block.conf;

  # Enables directory listings when index file not found
  #autoindex  on;

  # Shows file listing times as local time
  #autoindex_localtime on;

  # Wordpress Permalinks example
  #try_files $uri $uri/ /index.php?q=$uri&$args;


      }

        location /install/data/ {
        internal;
        }

        location /install/templates/ {
        internal;
        }

        location /internal_data/ {
        internal;
        }

        location /library/ {
        internal;
        }

        location /data/ {
        internal;
        }

        # xenforo 2 uncomment / remove hash from next 3 lines
        location /src/ {
        internal;
        }

#

#  include /usr/local/nginx/conf/503include-only.conf;

# block common exploits, sql injections etc
#include /usr/local/nginx/conf/block.conf;

  # Enables directory listings when index file not found
  #autoindex  on;

  # Shows file listing times as local time
  #autoindex_localtime on;

  # Wordpress Permalinks example
  #try_files $uri $uri/ /index.php?q=$uri&$args;

 # }

  include /usr/local/nginx/conf/php.conf;

  include /usr/local/nginx/conf/pre-staticfiles-local-testdomain.com.conf;
  include /usr/local/nginx/conf/pre-staticfiles-global.conf;
  include /usr/local/nginx/conf/staticfiles.conf;
  include /usr/local/nginx/conf/drop.conf;
  #include /usr/local/nginx/conf/errorpage.conf;
  include /usr/local/nginx/conf/vts_server.conf;
}

 

It it set to Default.

Not sure if it's JS related because now the attachments won't show at all at the

Code (Text):

 https://testdomain.com/attachments/img_20231220_100159-jpg.250776/

Urls. Data appears to be all there. The json script at /attachments/ for uploading attachments is what was my original problem.

I'm just trying to get my board to 2.x now and want to make sure everything is intact when I do.

 

OK, I feel very stupid for not checking this before, but there is definitely something going on with the re-writes on the Nginx side. If I turn off "Use Full Friendly URLs", attachments upload and all of my attachments show up in my test site.

I also just tried a basic XF 2.x install on a test subdomain and can't use Friendly URLs at all without every page coming up 404, so I'm missing something in my .conf file, I guess. I have uncommented out the XF 2 lines in the .conf file on the test subdomain.

Any further assistance would be greatly appreciated, @eva2000 and others.

 

Yep, that fixed it! What's the long term fix here, do you believe? Or can I just leave those files commented out?

 

This is what it was. Thank you for helping me through the troubleshooting steps.