IPB uses what they call a Block Manager to add blocks / widgets "drag & drop" into the site. When I try to select something from the Block Manager it just selects the text and doesn't actually drag the widget. I looked at the error logs and it seems that the .js file is getting blocked by a rule. I can't figure out what rule is blocking it. Anyone have any idea which conf file I should modify? Here is the error: Code: 2015/11/10 04:13:02 [error] 7689#7689: *139 access forbidden by rule, client: 10.0.0.245, server: 10.0.0.121, request: "GET /applications/core/interface/js/js.php?src=core%2Ffront%2Fcontrollers%2Fwidgets%2Fips.widgets.block.js&csrfKey=c78ec30d2554f6a481f511020d0f2b03&antiCache=861193e2a8 HTTP/1.1", host: "10.0.0.121", referrer: "http://10.0.0.121/"
I posted the wrong one... here it is. Code: # IPB4 Working NGINX site conf file # redirect from non-www to www # uncomment, save file and restart Nginx to enable # if unsure use return 302 before using return 301 # Redirect to HTTPS from port 80 #server { # listen 80; # server_name 10.0.0.121; # return 301 $scheme://10.0.0.121$request_uri; # # # Access and Error Logs # access_log /home/nginx/domains/10.0.0.121/log/access_via80.log combined buffer=256k flush=60m; # error_log /home/nginx/domains/10.0.0.121/log/error_via80.log; #} server { #listen 443 ssl spdy; listen 80; server_name 10.0.0.121; #ngx_pagespeed & ngx_pagespeed handler #include /usr/local/nginx/conf/pagespeed.conf; #include /usr/local/nginx/conf/pagespeedhandler.conf; #include /usr/local/nginx/conf/pagespeedstatslog.conf; # Limit Connections Per IP Address #limit_conn limit_per_ip 16; # ssi on; # Access and Error Logs access_log /home/nginx/domains/10.0.0.121/log/access.log combined buffer=256k flush=60m; error_log /home/nginx/domains/10.0.0.121/log/error.log; root /home/nginx/domains/10.0.0.121/public; # Prevent access to ./directories and files location ~ (?:^|/)\. { deny all; } location / { # block common exploits, sql injections etc include /usr/local/nginx/conf/block.conf; # Enables directory listings when index file not found # autoindex on; # Shows file listing times as local time autoindex_localtime on; try_files $uri $uri/ /index.php; } location ~^(/page/).*(\.php)$ { try_files $uri $uri/ /index.php; } # Mask fake admin directory location ~^/admin/(.*)$ { deny all; } # Secure real admin directory location ~^(/spanky/).*(\.php) { allow 127.0.0.1; allow 10.0.0.245; deny all; #auth_basic "Restricted Area"; #auth_basic_user_file $document_root/mynewadmin/.htpasswd; include /usr/local/nginx/conf/php.conf; } # IP.Board PHP/CGI Protection location ~^(/uploads/).*(\.php)$ { deny all; } location ~^(/system/).*(\.php)$ { deny all; } location ~^(/datastore/).*(\.php)$ { deny all; } location ~^(/plugins/).*(\.php)$ { deny all; } location ~^(/applications/blog/).*(\.php)$ { deny all; } location ~^(/applications/calendar/).*(\.php)$ { deny all; } location ~^(/applications/chat/).*(\.php)$ { deny all; } location ~^(/applications/cms/).*(\.php)$ { deny all; } location ~^(/applications/core/).*(\.php)$ { deny all; } location ~^(/applications/downloads/).*(\.php)$ { deny all; } location ~^(/applications/forums/).*(\.php)$ { deny all; } location ~^(/applications/gallery/).*(\.php)$ { deny all; } location ~^(/applications/nexus/).*(\.php)$ { deny all; } include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/drop.conf; #include /usr/local/nginx/conf/errorpage.conf; include /usr/local/nginx/conf/vts_server.conf; }
I also went through all the include files and commented out everything. I was still having the issue.
you don't need this part as alot of the protections like that included in the include file at include /usr/local/nginx/conf/drop.conf if could be matching and being blocked via Code: location ~^(/applications/core/).*(\.php)$ { deny all; } Note, Centmin Mod is provide as is, so short of scripted related bugs or issues, any further optimisation to the web stack components - nginx, php-fpm, mariadb mysql, csf firewall etc or web app specific configurations are left to the Centmin Mod user to deal with. So I do not provide any free support for such. However, Centmin Mod users are free to help each other out and ask questions or give answers on this community forum. My hopes are that this community forum evolves so that more veteran long time Centmin Mod users help new Centmin Mod users out I believe @pamamolf and @Tracy Perry have experience with IP.Board 4.1 on Centmin Mod ?
That worked. I appreciate your help! Hopefully, I won't have anymore issues. I've been testing everything out and haven't run into anything that didn't work except for what was above. I also spoke with on of the users on the IPB forum who developed a guide over there for 3.4.8 and told him about the other thread I created. Hopefully, he can add or modify what I posted. Thanks again! Any help is much appreciated, and not expected.
you could also change Code: location ~^(/applications/core/).*(\.php)$ { deny all; } to Code: location ~^/(applications/core/interface/js/js.php) { include /usr/local/nginx/conf/php.conf; allow all; } location ~^(/applications/core/).*(\.php)$ { deny all; } so as to allow just that specific php file
Thank you! Hopefully, in the end, I can get a solid working vhost file for all the users of IPB who choose to use Nginx and CENTMIN. The IPB developers aren't too interested in Nginx as it's, according to them, a niche OS with not that many users.
FYI, centmin mod does use SPDY any more it switched to HTTP/2 centminmod.com/http2-nginx.html so see centminmod.com/nginx_domain_dns_setup.html#vhost. So if you answered yes to self-signed SSL vhost you should of auto generated a proper HTTP/2 vhost at /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf you can use centminmod.com/nginx_domain_dns_setup.html#httpsredirect