Want more timely Centmin Mod News Updates?
Become a Member

Xenforo Xenforo Site Restore from backup - Now White Pages - PHP Problem

Discussion in 'Forum software usage' started by MickD, Dec 20, 2023.

  1. MickD

    MickD New Member

    14
    1
    3
    Dec 20, 2023
    Ratings:
    +3
    Local Time:
    3:05 AM
    124-00stable
    10.3
    Hi All,

    I have a problem with my configuration. I had a grub issue on Centos 7 with my hosts OVH and after numerous attempts in recovery to fix GRUB I gave up and re-installed Centos and backed up all the files and database. The site automatically does the backups so I have the latest files and did a backup in rescue mode, too.

    I have restored the database, and then my a check on that which had no issues
    I have connected to the database with the config.php file in the src folder

    So I have a fresh install of Centmin. The issue I think I have is that the XENFORO URL structure I use with REGEX returns cannot be found in the logs. I have been trying for days up to 2am, then up again at 6am - I cannot figure this out. Really grateful in advance to pointers. I want to fix this myself but I think I just done have the skills.


    Please fill in any relevant information that applies to you:
    • CentOS Version: CentOS 7 64bit
    • Centmin Mod Version Installed: 124.00stable
    • Nginx Version Installed: 1.24.0
    • PHP Version Installed: 8.1.26
    • MariaDB MySQL Version Installed: 10.3.xx
    • When was last time updated Centmin Mod code base ? :
    • No local changes to save, Already up-to-date, No local changes to save,Already up-to-date. was the output




      • Persistent Config: Do you have any persistent config file options set in /etc/centminmod/custom_config.inc ? You can check via this command:
    Other Notes:
    * We use Cloudflare, but SSL is set to flexible as I have self-signed until I fix this.
    * Xenforo is 2.2 latest
    * I used option 2 in Centmin to create the Vhost for MYDOMAIN
    * I have not installed any chaces like XCACHE OR APC-CHACHE - not sure if thats required yet

    Code (Text):
    [/B]
    [U]cat: /etc/centminmod/custom_config.inc: No such file or directory[/U]
    



    /usr/local/nginx/conf/conf.d/MYDOMAIN.conf
    Code (Text):
    
    
    #server {
    
    #            listen   80;
    
    #            server_name MYDOMAIN;
    
    #            return 301 $scheme://www.MYDOMAIN$request_uri;
    
    #       }
    
    
    
    server {
    
     
    
      server_name MYDOMAIN www.MYDOMAIN;
    
    
    
    # ngx_pagespeed & ngx_pagespeed handler
    
    #include /usr/local/nginx/conf/pagespeed.conf;
    
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
    
    
      #add_header X-Frame-Options SAMEORIGIN;
    
      add_header X-Xss-Protection "1; mode=block" always;
    
      add_header X-Content-Type-Options "nosniff" always;
    
      #add_header Referrer-Policy "strict-origin-when-cross-origin";
    
      #add_header Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()";
    
    
    
      # limit_conn limit_per_ip 16;
    
      # ssi  on;
    
    
    
      access_log /home/nginx/domains/MYDOMAIN/log/access.log combined buffer=256k flush=5m;
    
      error_log /home/nginx/domains/MYDOMAIN/log/error.log;
    
    
    
      include /usr/local/nginx/conf/autoprotect/MYDOMAINautoprotect-MYDOMAINconf;
    
      root /home/nginx/domains/MYDOMAIN/public;
    
      # uncomment cloudflare.conf include if using cloudflare for
    
      # server and/or vhost site
    
      include /usr/local/nginx/conf/cloudflare.conf;
    
      include /usr/local/nginx/conf/503include-main.conf;
    
    
    
      location / {
    
      include /usr/local/nginx/conf/503include-only.conf;
    
    
    
    # block common exploits, sql injections etc
    
    #include /usr/local/nginx/conf/block.conf;
    
    
    
      # Enables directory listings when index file not found
    
      #autoindex  on;
    
    
    
      # Shows file listing times as local time
    
      #autoindex_localtime on;
    
    
    
      # Wordpress Permalinks example
    
      #try_files $uri $uri/ /index.php?q=$uri&$args;
    
    
    
      }
    
    
    
      include /usr/local/nginx/conf/php.conf;
    
     
    
     
    
      include /usr/local/nginx/conf/staticfiles.conf;
    
      include /usr/local/nginx/conf/drop.conf;
    
      include /usr/local/nginx/conf/errorpage.conf;
    
      include /usr/local/nginx/conf/vts_server.conf;
    
    }
    
    



    /usr/local/nginx/conf/conf.d/MYDOMAIN.COM.ssl.conf
    Code (Text):
    # redirect from www to non-www  forced SSL
    
    # uncomment, save file and restart Nginx to enable
    
    # if unsure use return 302 before using return 301
    
    # server {
    
    #       listen   80;
    
    #       server_name MYDOMAIN www.MYDOMAIN;
    
    #       return 302 https://$server_name$request_uri;
    
    # }
    
    
    
    server {
    
      listen 443 ssl http2;
    
      server_name MYDOMAIN www.MYDOMAIN;
    
    
    
      ssl_dhparam /usr/local/nginx/conf/ssl/MYDOMAIN/dhparam.pem;
    
      ssl_certificate      /usr/local/nginx/conf/ssl/MYDOMAIN/MYDOMAIN.crt;
    
      ssl_certificate_key  /usr/local/nginx/conf/ssl/MYDOMAIN/MYDOMAIN.key;
    
      include /usr/local/nginx/conf/ssl_include.conf;
    
    
    
      # cloudflare authenticated origin pull cert community.centminmod.com/threads/13847/
    
      #ssl_client_certificate /usr/local/nginx/conf/ssl/cloudflare/MYDOMAIN/origin.crt;
    
      #ssl_verify_client on;
    
     
    
     
    
     
    
      # mozilla recommended
    
      ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
    
      ssl_prefer_server_ciphers   on;
    
      #add_header Alternate-Protocol  443:npn-spdy/3;
    
    
    
      # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
    
      #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
    
      #add_header X-Frame-Options SAMEORIGIN;
    
      add_header X-Xss-Protection "1; mode=block" always;
    
      #add_header X-Content-Type-Options "nosniff" always;
    
      #add_header Referrer-Policy "strict-origin-when-cross-origin";
    
      #add_header Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()";
    
      #spdy_headers_comp 5;
    
      ssl_buffer_size 1369;
    
      ssl_session_tickets on;
    
     
    
      # enable ocsp stapling
    
      #resolver 8.8.8.8 8.8.4.4 1.1.1.1 1.0.0.1 valid=10m;
    
      #resolver_timeout 10s;
    
      #ssl_stapling on;
    
      #ssl_stapling_verify on;
    
      #ssl_trusted_certificate /usr/local/nginx/conf/ssl/MYDOMAIN/MYDOMAIN-trusted.crt;
    
    
    
    # ngx_pagespeed & ngx_pagespeed handler
    
    #include /usr/local/nginx/conf/pagespeed.conf;
    
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
    
    
      # limit_conn limit_per_ip 16;
    
      # ssi  on;
    
    
    
      access_log /home/nginx/domains/MYDOMAIN/log/access.log combined buffer=256k flush=5m;
    
      error_log /home/nginx/domains/MYDOMAIN/log/error.log;
    
    
    
    #  include /usr/local/nginx/conf/autoprotect/MYDOMAINautoprotect-MYDOMAIN.conf;
    
      root /home/nginx/domains/MYDOMAIN/public;
    
      # uncomment cloudflare.conf include if using cloudflare for
    
      # server and/or vhost site
    
      #include /usr/local/nginx/conf/cloudflare.conf;
    
      include /usr/local/nginx/conf/503include-main.conf;
    
    
    
      location / {
    
      include /usr/local/nginx/conf/503include-only.conf;
    
    
    
    # block common exploits, sql injections etc
    
    #include /usr/local/nginx/conf/block.conf;
    
    
    
      index index.php index.html index.htm;
    
        try_files $uri $uri/ /index.php?$uri&$args;
    
    
    
      }
    
    
    
    #location /admin.php {
    
    #     auth_basic "Private";
    
    #     auth_basic_user_file /usr/local/nginx/conf/htpasswd_admin_php;
    
    #        include /usr/local/nginx/conf/php.conf;
    
    #        allow 127.0.0.1;
    
    #        allow YOURISP_IPADDR;
    
    #        deny all;
    
    #}
    
    
    
    location /install/data/ {
    
        internal;
    
    }
    
    
    
    location /install/templates/ {
    
        internal;
    
    }
    
    
    
    location /internal_data/ {
    
        internal;
    
    }
    
    
    
    location /library/ {
    
        internal;
    
    }
    
    
    
    # xenforo 2 uncomment / remove hash from next 3 lines
    
    location /src/ {
    
        internal;
    
    }
    
    
    
    
    
      include /usr/local/nginx/conf/php.conf;
    
     
    
      include /usr/local/nginx/conf/pre-staticfiles-local-MYDOMAIN.conf;
    
      include /usr/local/nginx/conf/pre-staticfiles-global.conf;
    
      include /usr/local/nginx/conf/staticfiles.conf;
    
      include /usr/local/nginx/conf/drop.conf;
    
      #include /usr/local/nginx/conf/errorpage.conf;
    
      include /usr/local/nginx/conf/vts_server.conf;
    
    }
    
    


    /home/nginx/domains/MYDOMAIN.COM/log/error.log

    Code (Text):
    2023/12/20 12:35:57 [error] 27714#27714: *1837 open() "/home/nginx/domains/MYDOMAIN.COM/public/threads/something-something.169931/post-1231633" failed (2: No such file or directory), client: 114.119.157.XXX, server: MYDOMIAN.COM, request: "GET /threads/something-something.169931/post-1231633 HTTP/1.1", host: "MYDOMAIN,COM", referrer: "https://www.MYDOMAIN.COM/threads/something-something.169931/post-1231633/page-4"
    


    I followed the touch commands and the file permission CHmods from a very similar thread.

    Code (Text):
    touch /home/nginx/domains/MYDOMAIN/public/library/.autoprotect-bypass
    touch /home/nginx/domains/MYDOMAIN/public/internal_data/.autoprotect-bypass
    touch /home/nginx/domains/MYDOMAIN/public/install/data/.autoprotect-bypass
    touch /home/nginx/domains/MYDOMAIN/public/install/templates/.autoprotect-bypass
    touch /home/nginx/domains/MYDOMAIN/public/src/.autoprotect-bypass
    
    find /home/nginx/domains/MYDOMAIN/public/ -type f -print0 | xargs -0 chmod 0644
    find /home/nginx/domains/MYDOMAIN/public/ -type d -print0 | xargs -0 chmod 0755
    find /home/nginx/domains/MYDOMAIN/public/internal_data/ -type f -print0 | xargs -0 chmod 0777
    find /home/nginx/domains/MYDOMAIN/public/data/ -type f -print0 | xargs -0 chmod 0777
    find /home/nginx/domains/MYDOMAIN/public/internal_data/ -type d -print0 | xargs -0 chmod 0777
    find /home/nginx/domains/MYDOMAIN/public/data/ -type d -print0 | xargs -0 chmod 0777
    chmod 0755 /home/nginx/domains/MYDOMAIN/public
    
    


    I did get an ERROR from 2 of the commands above.

    Code (Text):
    touch: cannot touch ‘/home/nginx/domains/MYDOMAIN/public/install/data/.autoprotect-bypass’: No such file or directory
    
    touch: cannot touch ‘/home/nginx/domains/MYDOMAIN/public/install/templates/.autoprotect-bypass’: No such file or directory
    
    


    Thank you for any assistance

    Best,
    Mick


     
    Last edited: Dec 20, 2023
  2. eva2000

    eva2000 Administrator Staff Member

    53,223
    12,116
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,654
    Local Time:
    12:05 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Centmin Mod doesn't do automatic site backups, so you have your own scripts? Double check those scripts properly backed up all data and MySQL data as well?

    Any Xenforo URLs work i.e. /admin.php ? or all blank?

    I'd check config.php to see if you're using any caching or 3rd party Xenforo addons which have additional settings set that require other installations on the server.
     
  3. MickD

    MickD New Member

    14
    1
    3
    Dec 20, 2023
    Ratings:
    +3
    Local Time:
    3:05 AM
    124-00stable
    10.3
    Thanks Eva2000,

    All backups were from a custom script that uploaded the file system to the free OVH ftp server you get with dedicated servers, and gunzipped the database to the same server.

    I have only ever used caching that comes with Centmin. is there a way to tell with log files?

    And no PHP files, which are part of Xenforo work (including admin).
    I added a test.php file with the phpinfo code in that, and that file works fine.

    Weird one.
     
  4. MickD

    MickD New Member

    14
    1
    3
    Dec 20, 2023
    Ratings:
    +3
    Local Time:
    3:05 AM
    124-00stable
    10.3
    You was on the money with the Cache mate, thanks allot for the pointer...

    So I purged the cache on Cloudfare, and all of a sudden, I could access the main forum page, but all of the rewrites are still 404, not found, so I think this still needs some re-write work.

    I also put Cloudfare into development mode, and I can now access the admin cp and even log in, so I have access to the backend. Great!

    I looked into my old .conf file and I had rewrites in that (forgive me this could be around 10 years old), and I slightly remember writing the rewrites for the VBULLETIN to XENFORO move I did way back.

    old .conf

    Code (Text):
    ## REWRITE SECTIONS
    
    
        # Showthread link back to resources/downloads
        rewrite ^/showthread.php\?t=(.*) /threads/ permanent;
    
    
    
        # Downloads to resources
        rewrite ^/downloads.php\?do=file&id=(\d+)$ /index.php?resources/$1/ permanent;
    
    
    
        #Tags rewrite to tag home
        rewrite ^/tags/(.*)/(.*)\.html$ /tags/$1/ permanent;
    
    
    
        # Forums
        rewrite ^/([a-z-]+)-(\d+)/$ /forums/$1.$2/ permanent;
    
    
    
            # Pages
        rewrite ^/[a-z-]+-\d+\/(\d+)-([a-z-]+)-(\d+)\.html$ /threads/$2.$1/page-$3/ permanent;
    
          # Thread
            rewrite ^/(.*)-\d+\/(\d+)-(.*)\.html$ /threads/$1.$2/ permanent;
    
         #Tags
            rewrite ^/members/(.*)\.html$ /members/$1/ permanent;
    
    
        #Paid Subscription Redirect
    
    #    rewrite    ^/payments.php /account/upgrades permanent;
    
    
    
    
        #Simple new reply php to forum home
    
        rewrite ^/newreply.php /index.php permanent;
    
        rewrite ^/usertag.php /index.php permanent;
    
    ## END REWRITES
    
     
  5. MickD

    MickD New Member

    14
    1
    3
    Dec 20, 2023
    Ratings:
    +3
    Local Time:
    3:05 AM
    124-00stable
    10.3
    To update this thread.

    If I turn off the SEO setting Friendly URLS everything works perfectly

    However, once this is switched back on I get the NGINX 404 pages,

    I think this is a try_files issue and something I have done in the .conf files :(
     
  6. eva2000

    eva2000 Administrator Staff Member

    53,223
    12,116
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,654
    Local Time:
    12:05 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    You're using Cloudflare Flexible SSL so it talks to your Centmin Mod Nginx non-HTTPS vhost at /usr/local/nginx/conf/conf.d/MYDOMAIN.conf and that has try_files commented out/disabled. If you had Cloudflare Full non-strict SSL, then it would talk to your Centmin Mod Nginx HTTPS vhost at /usr/local/nginx/conf/conf.d/MYDOMAIN.ssl.conf which has try_files uncommented/enabled and you can then re-enable SEO friendly urls.
     
  7. MickD

    MickD New Member

    14
    1
    3
    Dec 20, 2023
    Ratings:
    +3
    Local Time:
    3:05 AM
    124-00stable
    10.3
    yes your right again!

    So I installed the correct SSL keys (uploaded from old backup) then I put it on strict and it works great!

    I got the system working, but addons caused me a nightmare, all files have to be perfectly in place.

    Safari was the worst part - the safari browser has its own cache and I thought the site was dead but it would seem that safari chached the white pages - why!!!!

    anyway, onwards and upwards.

    So this is the strange thing, I get it all working with friendly urls, and it seems great.

    Then I do a server reboot to test it will come up after an outage etc.

    and nothing, no site server unreachable?

    Screenshot 2023-12-21 at 12.19.42.png

    * turned of csf -x to check that but still nothing.
    *nprestart - seems good
    *service mysql restart - seems good

    Why would a reboot break it?

    EDIT
    I found that disabling CSF -X blocks ports 80:443 so this is not the way.

    Thanks EVA
     
    Last edited: Dec 21, 2023
  8. eva2000

    eva2000 Administrator Staff Member

    53,223
    12,116
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,654
    Local Time:
    12:05 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    how are you rebooting server? via web host web GUI or via command line i.e. reboot or shutdown -r now commands?

    After your next reboot, run this command to see the service status of key services and post the output of the command in CODE/BBCODE tags
    Code (Text):
    systemctl status nginx php-fpm mariadb csf lfd --no-pager -l | sed -e "s|$HOSTNAME|hostname|g"

    For folks reading this message and yourself for posting code or output from commands to keep the formatting, you might want to use CODE tags for code How to use forum BBCODE code tags :)
     
  9. MickD

    MickD New Member

    14
    1
    3
    Dec 20, 2023
    Ratings:
    +3
    Local Time:
    3:05 AM
    124-00stable
    10.3
    Thanks Eva,

    It was actually that I disabled CSF (csf -x) firewall. as that automatically blocks 80:443 ports (I found that on another page on this site) once enabled (csf -e) its working on reboot.

    I did this because I use ncftp to transfer the static files from the ftp server, and CSF breaks the passive transfer and stops the connection.

    Would you know what command to use to allow me to talk to the FTP server?
    it uses ftp url like this for access

    ftpback-rbx132-496.ovh.net

    OVH give you a free 500GB FTP server; this can only be accessed locally, so you cannot get onto this from outside of your server. I like that as it's pretty secure, but I don't know much about CSF to allow access locally
     
    Last edited: Dec 21, 2023
  10. eva2000

    eva2000 Administrator Staff Member

    53,223
    12,116
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,654
    Local Time:
    12:05 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+