Ich habe dies in ein neues Thema verschoben @Monikas. Zur Klärung, ist Ihnen dieses Problem nach einem kürzlichen Wiederaufbau der Website aufgefallen?
Können Sie auch unter justnainai.com/logs nachsehen? Diese Art von Fehlermeldung für Endbenutzer hat normalerweise einen begleitenden Protokolleintrag.
Ich weiß nicht, was dieser Fehler bedeutet.
Ich habe meine Foren in der letzten Woche mit Backups und app.yml-Überschreibungen migriert und habe dann den SMTP-Server von Microsoft Mail 360 auf Google Mail umgestellt. Außerdem habe ich das Panel verwendet, um es mit 1Panel zu erstellen, wobei dort die „OpenResty Web-Plattform basierend auf NGINX und LuaJIT“ genutzt wurde, zusammen mit Reverse-Proxys. Hier ist der Quellcode für den Reverse-Proxy und seine Konfigurationsdatei.
error.txt (614,2 KB)
Ich habe außerdem Cloudflare verwendet und die Konfiguration in den Foren befolgt, um das einzurichten:
Suchergebnisse für ‘cloudflare’ - Discourse Meta
Das Zertifikat verwendet den Origin Server in Cloudflare.
Ich habe keine aktiven Firewalls.
Webseitenkonfiguration
server {
listen 80 ;
listen 443 ssl http2 ;
server_name www.justnainai.com;
index index.php index.html index.htm default.php default.htm default.html;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
access_log /www/sites/www.justnainai.com/log/access.log main;
error_log /www/sites/www.justnainai.com/log/error.log;
location ^~ /.well-known/acme-challenge {
allow all;
root /usr/share/nginx/html;
}
include /www/sites/www.justnainai.com/proxy/*.conf;
if ($scheme = http) {
return 301 https://$host$request_uri;
}
ssl_certificate /www/sites/www.justnainai.com/ssl/fullchain.pem;
ssl_certificate_key /www/sites/www.justnainai.com/ssl/privkey.pem;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL:!EXPORT:!DSS:!DES:!RC4:!3DES:!MD5:!PSK:!KRB5:!SRP:!CAMELLIA:!SEED;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
error_page 497 https://$host$request_uri;
proxy_set_header X-Forwarded-Proto https;
add_header Strict-Transport-Security "max-age=31536000";
}
Originaler Reverse-Proxy
location ^~ / {
proxy_pass http://127.0.0.1:50080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
add_header X-Cache $upstream_cache_status;
add_header Cache-Control no-cache;
proxy_ssl_server_name off;
proxy_ssl_name $proxy_host;
add_header Strict-Transport-Security “max-age=31536000”;
}
(google_oauth2) Authentifizierungsfehler! access_denied: OmniAuth::Strategies::OAuth2::CallbackError, access_denied
FEHLER
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:134:in `block in error'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `block in dispatch'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `each'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `dispatch'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:134:in `error'
omniauth-1.9.2/lib/omniauth/strategy.rb:163:in `log'
omniauth-1.9.2/lib/omniauth/strategy.rb:486:in `fail!'
omniauth-oauth2-1.7.3/lib/omniauth/strategies/oauth2.rb:89:in `callback_phase'
omniauth-1.9.2/lib/omniauth/strategy.rb:238:in `callback_call'
omniauth-1.9.2/lib/omniauth/strategy.rb:189:in `call!'
omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'
omniauth-1.9.2/lib/omniauth/builder.rb:45:in `call'
/var/www/discourse/lib/middleware/omniauth_bypass_middleware.rb:43:in `call'
rack-2.2.10/lib/rack/tempfile_reaper.rb:15:in `call'
rack-2.2.10/lib/rack/conditional_get.rb:27:in `call'
rack-2.2.10/lib/rack/head.rb:12:in `call'
actionpack-7.2.2/lib/action_dispatch/http/permissions_policy.rb:38:in `call'
/var/www/discourse/lib/content_security_policy/middleware.rb:12:in `call'
/var/www/discourse/lib/middleware/anonymous_cache.rb:397:in `call'
/var/www/discourse/lib/middleware/csp_script_nonce_injector.rb:12:in `call'
/var/www/discourse/config/initializers/008-rack-cors.rb:14:in `call'
rack-2.2.10/lib/rack/session/abstract/id.rb:266:in `context'
rack-2.2.10/lib/rack/session/abstract/id.rb:260:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/cookies.rb:704:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/callbacks.rb:31:in `block in call'
activesupport-7.2.2/lib/active_support/callbacks.rb:101:in `run_callbacks'
actionpack-7.2.2/lib/action_dispatch/middleware/callbacks.rb:30:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/debug_exceptions.rb:31:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/show_exceptions.rb:32:in `call'
logster-2.20.0/lib/logster/middleware/reporter.rb:40:in `call'
railties-7.2.2/lib/rails/rack/logger.rb:41:in `call_app'
railties-7.2.2/lib/rails/rack/logger.rb:29:in `call'
/var/www/discourse/config/initializers/100-quiet_logger.rb:20:in `call'
/var/www/discourse/config/initializers/100-silence_logger.rb:29:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/request_id.rb:33:in `call'
/var/www/discourse/lib/middleware/enforce_hostname.rb:24:in `call'
rack-2.2.10/lib/rack/method_override.rb:24:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/executor.rb:16:in `call'
rack-2.2.10/lib/rack/sendfile.rb:110:in `call'
rack-mini-profiler-3.3.1/lib/mini_profiler.rb:191:in `call'
/var/www/discourse/lib/middleware/processing_request.rb:12:in `call'
message_bus-4.3.8/lib/message_bus/rack/middleware.rb:60:in `call'
/var/www/discourse/lib/middleware/request_tracker.rb:360:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/remote_ip.rb:96:in `call'
railties-7.2.2/lib/rails/engine.rb:535:in `call'
railties-7.2.2/lib/rails/railtie.rb:226:in `public_send'
railties-7.2.2/lib/rails/railtie.rb:226:in `method_missing'
rack-2.2.10/lib/rack/urlmap.rb:74:in `block in call'
rack-2.2.10/lib/rack/urlmap.rb:58:in `each'
rack-2.2.10/lib/rack/urlmap.rb:58:in `call'
unicorn-6.1.0/lib/unicorn/http_server.rb:634:in `process_client'
unicorn-6.1.0/lib/unicorn/http_server.rb:739:in `worker_loop'
unicorn-6.1.0/lib/unicorn/http_server.rb:547:in `spawn_missing_workers'
unicorn-6.1.0/lib/unicorn/http_server.rb:143:in `start'
unicorn-6.1.0/bin/unicorn:128:in `<top (required)>'
/var/www/discourse/vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `load'
/var/www/discourse/vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `<main>'
(microsoft_office365) Authentifizierungsfehler! access_denied: OmniAuth::Strategies::OAuth2::CallbackError, access_denied | Der Benutzer hat den Zugriff auf den vom Client-Anwendungsprogramm angeforderten Bereich verweigert.
FEHLER2
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:134:in `block in error'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `block in dispatch'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `each'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `dispatch'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:134:in `error'
omniauth-1.9.2/lib/omniauth/strategy.rb:163:in `log'
omniauth-1.9.2/lib/omniauth/strategy.rb:486:in `fail!'
omniauth-oauth2-1.7.3/lib/omniauth/strategies/oauth2.rb:89:in `callback_phase'
omniauth-1.9.2/lib/omniauth/strategy.rb:238:in `callback_call'
omniauth-1.9.2/lib/omniauth/strategy.rb:189:in `call!'
omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'
omniauth-1.9.2/lib/omniauth/strategy.rb:192:in `call!'
omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'
omniauth-1.9.2/lib/omniauth/builder.rb:45:in `call'
/var/www/discourse/lib/middleware/omniauth_bypass_middleware.rb:43:in `call'
rack-2.2.10/lib/rack/tempfile_reaper.rb:15:in `call'
rack-2.2.10/lib/rack/conditional_get.rb:27:in `call'
rack-2.2.10/lib/rack/head.rb:12:in `call'
actionpack-7.2.2/lib/action_dispatch/http/permissions_policy.rb:38:in `call'
/var/www/discourse/lib/content_security_policy/middleware.rb:12:in `call'
/var/www/discourse/lib/middleware/anonymous_cache.rb:397:in `call'
/var/www/discourse/lib/middleware/csp_script_nonce_injector.rb:12:in `call'
/var/www/discourse/config/initializers/008-rack-cors.rb:14:in `call'
rack-2.2.10/lib/rack/session/abstract/id.rb:266:in `context'
rack-2.2.10/lib/rack/session/abstract/id.rb:260:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/cookies.rb:704:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/callbacks.rb:31:in `block in call'
activesupport-7.2.2/lib/active_support/callbacks.rb:101:in `run_callbacks'
actionpack-7.2.2/lib/action_dispatch/middleware/callbacks.rb:30:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/debug_exceptions.rb:31:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/show_exceptions.rb:32:in `call'
logster-2.20.0/lib/logster/middleware/reporter.rb:40:in `call'
railties-7.2.2/lib/rails/rack/logger.rb:41:in `call_app'
railties-7.2.2/lib/rails/rack/logger.rb:29:in `call'
/var/www/discourse/config/initializers/100-quiet_logger.rb:20:in `call'
/var/www/discourse/config/initializers/100-silence_logger.rb:29:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/request_id.rb:33:in `call'
/var/www/discourse/lib/middleware/enforce_hostname.rb:24:in `call'
rack-2.2.10/lib/rack/method_override.rb:24:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/executor.rb:16:in `call'
rack-2.2.10/lib/rack/sendfile.rb:110:in `call'
rack-mini-profiler-3.3.1/lib/mini_profiler.rb:191:in `call'
/var/www/discourse/lib/middleware/processing_request.rb:12:in `call'
message_bus-4.3.8/lib/message_bus/rack/middleware.rb:60:in `call'
/var/www/discourse/lib/middleware/request_tracker.rb:360:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/remote_ip.rb:96:in `call'
railties-7.2.2/lib/rails/engine.rb:535:in `call'
railties-7.2.2/lib/rails/railtie.rb:226:in `public_send'
railties-7.2.2/lib/rails/railtie.rb:226:in `method_missing'
rack-2.2.10/lib/rack/urlmap.rb:74:in `block in call'
rack-2.2.10/lib/rack/urlmap.rb:58:in `each'
rack-2.2.10/lib/rack/urlmap.rb:58:in `call'
unicorn-6.1.0/lib/unicorn/http_server.rb:634:in `process_client'
unicorn-6.1.0/lib/unicorn/http_server.rb:739:in `worker_loop'
unicorn-6.1.0/lib/unicorn/http_server.rb:547:in `spawn_missing_workers'
unicorn-6.1.0/lib/unicorn/http_server.rb:143:in `start'
unicorn-6.1.0/bin/unicorn:128:in `<top (required)>'
/var/www/discourse/vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `load'
/var/www/discourse/vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `<main>'
app.yml
templates:
- "templates/postgres.template.yml"
- "templates/redis.template.yml"
- "templates/web.template.yml"
- "templates/web.ratelimited.template.yml"
- "templates/cloudflare.template.yml"
expose:
- "50080:80"
- "50443:443"
params:
db_default_text_search_config: "pg_catalog.english"
#db_shared_buffers: "256MB"
#db_work_mem: "40MB"
#version: tests-passed
env:
LC_ALL: en_US.UTF-8
LANG: en_US.UTF-8
LANGUAGE: en_US.UTF-8
# DISCOURSE_DEFAULT_LOCALE: en
#UNICORN_WORKERS: 3
DISCOURSE_HOSTNAME: 'www.justnainai.com'
DISCOURSE_DEVELOPER_EMAILS: ''
DISCOURSE_MAX_REQS_PER_IP_PER_10_SECONDS: 400
DISCOURSE_MAX_ASSET_REQS_PER_IP_PER_10_SECONDS: 800
DISCOURSE_SMTP_ADDRESS: smtp.gmail.com
DISCOURSE_SMTP_PORT: 587
DISCOURSE_SMTP_USER_NAME: ''
DISCOURSE_SMTP_PASSWORD: ''
DISCOURSE_SMTP_ENABLE_START_TLS: true
DISCOURSE_SMTP_AUTHENTICATION: login
volumes:
- volume:
host: /var/discourse/shared/standalone
guest: /shared
- volume:
host: /var/discourse/shared/standalone/log/var-log
guest: /var/log
OAuth2::ConnectionError (FinalDestination: alle aufgelösten IPs wurden blockiert)
Und kürzlich trat dieser Fehler auf den Foren auf, und 4797 davon werden nicht gleichzeitig in den Protokollen angezeigt.
Habe es gerade auf meinem lokalen Computer getestet.
Keine Probleme beim Google-Login gesehen.
Dies deutet auf ein Netzwerkproblem auf Ihrem neuen Host hin. Ich vermute, die Probleme begannen, als Sie umgezogen sind. Etwas in Ihrem Stack blockiert Anfragen an die Authentifizierungsserver… Leider kann ich nicht weiterhelfen, aber ich habe es auf einer Website getestet, die wir hosten, und die Google-Authentifizierung funktioniert korrekt.