IP.Board Block Manager Getting Blocked

IPB uses what they call a Block Manager to add blocks / widgets "drag & drop" into the site. When I try to select something from the Block Manager it just selects the text and doesn't actually drag the widget. I looked at the error logs and it seems that the .js file is getting blocked by a rule. I can't figure out what rule is blocking it. Anyone have any idea which conf file I should modify?

Here is the error:

Code:

2015/11/10 04:13:02 [error] 7689#7689: *139 access forbidden by rule, client: 10.0.0.245, server: 10.0.0.121, request: "GET /applications/core/interface/js/js.php?src=core%2Ffront%2Fcontrollers%2Fwidgets%2Fips.widgets.block.js&csrfKey=c78ec30d2554f6a481f511020d0f2b03&antiCache=861193e2a8 HTTP/1.1", host: "10.0.0.121", referrer: "http://10.0.0.121/"

---

 

I posted the wrong one... here it is.

Code:

# IPB4 Working NGINX site conf file

# redirect from non-www to www 
# uncomment, save file and restart Nginx to enable
# if unsure use return 302 before using return 301

# Redirect to HTTPS from port 80

#server {
#    listen  80;
#    server_name 10.0.0.121;
#    return 301 $scheme://10.0.0.121$request_uri;
#    
#    # Access and Error Logs
#    access_log /home/nginx/domains/10.0.0.121/log/access_via80.log combined buffer=256k flush=60m;
#    error_log /home/nginx/domains/10.0.0.121/log/error_via80.log;
#}

server {
    #listen       443 ssl spdy;
    listen  80;
    server_name  10.0.0.121;

    #ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;

    # Limit Connections Per IP Address
    #limit_conn limit_per_ip 16;
   
    # ssi  on;

    # Access and Error Logs
    access_log /home/nginx/domains/10.0.0.121/log/access.log combined buffer=256k flush=60m;
    error_log /home/nginx/domains/10.0.0.121/log/error.log;

    root /home/nginx/domains/10.0.0.121/public;

    # Prevent access to ./directories and files
    location ~ (?:^|/)\. {
        deny all;
    }

    location / {

        # block common exploits, sql injections etc
        include /usr/local/nginx/conf/block.conf;

        # Enables directory listings when index file not found
        # autoindex  on;

        # Shows file listing times as local time
        autoindex_localtime on;

        try_files    $uri $uri/ /index.php;

    }
   
    location ~^(/page/).*(\.php)$ {
        try_files  $uri $uri/ /index.php;
    }
   
    # Mask fake admin directory
    location ~^/admin/(.*)$ {
        deny all;
    }
   
    # Secure real admin directory
    location ~^(/spanky/).*(\.php) {
        allow           127.0.0.1;
        allow           10.0.0.245;
        deny            all;
        #auth_basic     "Restricted Area";
        #auth_basic_user_file $document_root/mynewadmin/.htpasswd;
        include /usr/local/nginx/conf/php.conf;
    }
   
    # IP.Board PHP/CGI Protection
   
    location ~^(/uploads/).*(\.php)$ {
        deny     all;
    }
   
    location ~^(/system/).*(\.php)$ {
        deny     all;
    }
   
    location ~^(/datastore/).*(\.php)$ {
        deny     all;
    }
   
    location ~^(/plugins/).*(\.php)$ {
        deny     all;
    }
   
    location ~^(/applications/blog/).*(\.php)$ {
        deny     all;
    }
   
    location ~^(/applications/calendar/).*(\.php)$ {
        deny     all;
    }
   
    location ~^(/applications/chat/).*(\.php)$ {
        deny     all;
    }
   
    location ~^(/applications/cms/).*(\.php)$ {
        deny     all;
    }  
   
    location ~^(/applications/core/).*(\.php)$ {
        deny     all;
    } 
   
    location ~^(/applications/downloads/).*(\.php)$ {
        deny     all;
    }
   
    location ~^(/applications/forums/).*(\.php)$ {
        deny     all;
    }
   
    location ~^(/applications/gallery/).*(\.php)$ {
        deny     all;
    }
   
    location ~^(/applications/nexus/).*(\.php)$ {
        deny     all;
    }  

    include /usr/local/nginx/conf/staticfiles.conf;
    include /usr/local/nginx/conf/php.conf;
    include /usr/local/nginx/conf/drop.conf;
    #include /usr/local/nginx/conf/errorpage.conf;
    include /usr/local/nginx/conf/vts_server.conf;
}

 

I also went through all the include files and commented out everything. I was still having the issue.

 

That worked. I appreciate your help! Hopefully, I won't have anymore issues. I've been testing everything out and haven't run into anything that didn't work except for what was above. I also spoke with on of the users on the IPB forum who developed a guide over there for 3.4.8 and told him about the other thread I created. Hopefully, he can add or modify what I posted.

Thanks again! Any help is much appreciated, and not expected.

 

Thank you! Hopefully, in the end, I can get a solid working vhost file for all the users of IPB who choose to use Nginx and CENTMIN. The IPB developers aren't too interested in Nginx as it's, according to them, a niche OS with not that many users.