Xenforo It's about UI.X but seems it's also about Nginx/Centminmod..

So I installed Xenforo on CentminMOD. Cloudflare/Vultr.

---

Then I installed UI.X 2 style from Themehouse.

Everything looks great except the interface cannot remember the expand/collapse status of the Category and Sidebar.

The expand/collapse status of Category and side menu should be remembered but it's not.



I consulted the Themehouse staff. They checked my website and found

https://mydomain.com/uix/toggle-category

https://i.ibb.co/njSjLpr/2021-11-25-13-20-27.png



https://mydomain.com/uix/toggle-category.json

https://i.ibb.co/vJhsMw4/2021-11-25-13-21-25.png



They said both of them should be going through XF but in my case the json is reported by nginx's 404 Not Found instead of XF...

So it could be something special about my server? What could it be?

Thanks...

 

I created the vhost and named it as 01.com (for easier management) so I have the following:
/usr/local/nginx/conf/conf.d/01.com.ssl.conf

while 01.com.conf renamed as 01.com.conf-disabled

The following is content of 01.com.ssl.conf

The domain name for this server is mydomain.com

Code (Text):

# Centmin Mod Getting Started Guide
# must read http://centminmod.com/getstarted.html
# For HTTP/2 SSL Setup
# read http://centminmod.com/nginx_configure_https_ssl_spdy.html

# redirect from www to non-www  forced SSL
# uncomment, save file and restart Nginx to enable
# if unsure use return 302 before using return 301
 server {
       listen   80;
       server_name mydomain.com www.mydomain.com;
       return 302 https://$server_name$request_uri;
 }

server {
  listen 443 ssl http2 reuseport;
  server_name mydomain.com www.mydomain.com;

  ssl_dhparam /usr/local/nginx/conf/ssl/01.com/dhparam.pem;
  ssl_certificate      /usr/local/nginx/conf/ssl/01.com/01.com.crt;
  ssl_certificate_key  /usr/local/nginx/conf/ssl/01.com/01.com.key;
  include /usr/local/nginx/conf/ssl_include.conf;

  # cloudflare authenticated origin pull cert community.centminmod.com/threads/13847/
  ssl_client_certificate /usr/local/nginx/conf/ssl/cloudflare/01.com/origin.crt;
  ssl_verify_client on;
 
 
 
  # mozilla recommended
  ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
  ssl_prefer_server_ciphers   on;
  #add_header Alternate-Protocol  443:npn-spdy/3;

  # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
  #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
  #add_header X-Frame-Options SAMEORIGIN;
  add_header X-Xss-Protection "1; mode=block" always;
  add_header X-Content-Type-Options "nosniff" always;
  #add_header Referrer-Policy "strict-origin-when-cross-origin";
  #add_header Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()";
  #spdy_headers_comp 5;
  ssl_buffer_size 1369;
  ssl_session_tickets on;
 
  # enable ocsp stapling
  #resolver 8.8.8.8 8.8.4.4 1.1.1.1 1.0.0.1 valid=10m;
  #resolver_timeout 10s;
  #ssl_stapling on;
  #ssl_stapling_verify on;
  #ssl_trusted_certificate /usr/local/nginx/conf/ssl/01.com/01.com-trusted.crt;

# ngx_pagespeed & ngx_pagespeed handler
#include /usr/local/nginx/conf/pagespeed.conf;
#include /usr/local/nginx/conf/pagespeedhandler.conf;
#include /usr/local/nginx/conf/pagespeedstatslog.conf;

  # limit_conn limit_per_ip 16;
  # ssi  on;

  access_log /home/nginx/domains/01.com/log/access.log combined buffer=256k flush=5m;
  error_log /home/nginx/domains/01.com/log/error.log;

  include /usr/local/nginx/conf/autoprotect/01.com/autoprotect-01.com.conf;
  root /home/nginx/domains/01.com/public;
  # uncomment cloudflare.conf include if using cloudflare for
  # server and/or vhost site
  #include /usr/local/nginx/conf/cloudflare.conf;
  include /usr/local/nginx/conf/503include-main.conf;

  location / {
  include /usr/local/nginx/conf/503include-only.conf;

# block common exploits, sql injections etc
#include /usr/local/nginx/conf/block.conf;

  # Enables directory listings when index file not found
  #autoindex  on;

  # Shows file listing times as local time
  #autoindex_localtime on;

  # Wordpress Permalinks example
  #try_files $uri $uri/ /index.php?q=$uri&$args;

# for Full Friendly URLs

            index index.php index.html index.htm;
            try_files $uri $uri/ /index.php?$uri&$args;
  }

  include /usr/local/nginx/conf/php.conf;
 
  include /usr/local/nginx/conf/pre-staticfiles-local-01.com.conf;
  include /usr/local/nginx/conf/pre-staticfiles-global.conf;
  include /usr/local/nginx/conf/staticfiles.conf;
  include /usr/local/nginx/conf/drop.conf;
  #include /usr/local/nginx/conf/errorpage.conf;
  include /usr/local/nginx/conf/vts_server.conf;

        location /install/data/ {
        internal;
        }

        location /install/templates/ {
        internal;
        }

        location /internal_data/ {
        internal;
        }

        location /library/ {
        internal;
        }

        # xenforo 2 uncomment / remove hash from next 3 lines
        location /src/ {
        internal;
        }

        ## Nginx X-Accel-Redirect Support
        location ^~ /internal_data {
        internal;
        add_header Etag $upstream_http_etag;
        add_header X-Frame-Options SAMEORIGIN;
        add_header X-Content-Type-Options nosniff;
        }

        ## SVG Template by Xon
        location ^~ /data/svg/ {
        access_log off;
        rewrite ^/data/svg/([^/]+)/([^/]+)/([^/]+)/([^\.]+).svg$ /svg.php?svg=$4&s=$1&l=$2&d=$3$args last;
        return 403;
        }
}

 

I still couldn't solve this problem. I even turned off the cloudflare proxy for a while and see if helped but no it didn't.

This seems to be a unique problem for me as I don't see it's been reported by other people. The themehouse developer logged in my admin panel of Xenforo but also chouldn't help.

So I wonder what could the problem is. I just want to see if there's any other centmin mod users with UI.X got such experience. At least I want to know whether it has anything to do with cenmin mod installation of lemp/vhost..

 

YES! It does the job!

Then remove the following block from staticfiles.conf ?

Code (Text):

    location ~* \.(js|json)$ {
  #add_header Pragma public;
  #add_header X-Frame-Options SAMEORIGIN;
  #add_header X-Xss-Protection "1; mode=block" always;
  #add_header X-Content-Type-Options "nosniff" always;
  #add_header Referrer-Policy "strict-origin-when-cross-origin";
  add_header Access-Control-Allow-Origin *;
  add_header Cache-Control "public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800";
        access_log off;
        expires 30d;
        break;
        }

How?

And what about the following commented out line that I did earlier in mydomain.com.ssl.conf? Keep it commented?

Code (Text):

#include /usr/local/nginx/conf/staticfiles.conf;

Thank you eva2000.

 

@eva2000 care to enlighten me for my questions in the above reply? Thanks...