search

bitnami / vms

Bitnami VMs
https://bitnami.com
Other
206 stars 44 forks source link

[ghost] localhost urls #1310

Closed aggieben closed 9 months ago

aggieben commented 11 months ago

Platform

Azure

bndiagnostic ID know more about bndiagnostic ID

723f6607-df9d-c8d3-2a6f-0bc1891612b1

bndiagnostic output

===== Begin of bndiagnostic tool output =====

? Connectivity: Found possible issues
? Resources: Found possible issues
? Apache: Found possible issues
✓ Processes: No issues found
✓ Mysql: No issues found

[Connectivity]

Server ports 22, 80 and/or 443 are not publicly accessible. Please check the following guide to open server ports for remote access:

https://docs.bitnami.com/general/faq/administration/use-firewall/

[Resources]

Your instance has little available RAM memory.

Press [Enter] to continue:
 total used free shared buff/cache available Mem: 914 635 71 0 207 143 Swap: 634
328 306

You could try to increase your instance's memory. Please check your cloud provider's documentation for more information.

[Apache]

Found recent error or warning messages in the Apache error log.

[Wed Dec 13 03:01:50.350063 2023] [core:error] [pid 3708:tid 140332276573952]
[client **ip_address**:51153] AH10244: invalid URI path
(/../../../../../../../../../../etc/passwd)
 [Wed Dec 13 03:01:50.636717 2023] [core:error] [pid 4395:tid 140332142290688]
[client **ip_address**:51164] AH10244: invalid URI path
(/../../../../../../../../../../boot.ini)
 [Wed Dec 13 10:51:01.220008 2023] [core:error] [pid 4395:tid 140332377286400]
[client **ip_address**:38508] AH10244: invalid URI path
(/cgi-bin/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/bin/sh)

Please check the following guide to troubleshoot server issues:

Press [Enter] to continue: https://docs.bitnami.com/general/apps/wordpress/troubleshooting/debug-erro rs-apache/

===== End of bndiagnostic tool output =====

bndiagnostic was not useful. Could you please tell us why?

the suggested issues seem unrelated to my issue (and the open port diagnostic is incorrect)

Describe your issue as much as you can

Some of the links in my newly-installed Ghost blog are configured to navigate to localhost, which obviously doesn't work in a publicly-accessible site. I don't know that much about Ghost, and I don't know where to address this issue. Examples: the "sign in" link in the header, and the theme previewer in the admin portal.

mdhont commented 11 months ago

Could you tell me which links exactly so I can try to reproduce the issue? Regarding the Apache error log, it looks like these entries in your Apache log indicate attempts to access sensitive system files, such as /etc/passwd, /boot.ini, and even attempts to execute commands through a CGI script. I recommend checking the Apache access.log for suspicious ip addresses and to block them:

https://docs.bitnami.com/aws/faq/configuration/block-suspicious-ip/

aggieben commented 11 months ago

The Home and About menu links are defaulted to localhost, and I did finally figure out how to fix those (navigation section in the settings panel). But the site previewer at https://mysite.com/ghost/#/site tries to load localhost.

The sign-in link doesn't work, although I can't tell the reason yet. Since it's a JS link I'm not sure what it's trying to do.

tojofo commented 11 months ago

I'm getting the same thing on the AWS LightSail install. I did have the landing page working but was getting mixed mode errors on other pages. I attempted to fix that by setting the URL in the ghost conf as per the bitnami docs. Restared apache and ghost as per the bitnami docs but now my domain always gets redirected to https://127.0.0.1:2368/

tojofo commented 11 months ago

I have a diagnostic tool SHA I can share too c447a6f4-53a7-4f5c-2f3d-5a5217254e38

mdhont commented 11 months ago

I'd like to try to reproduce the issue. On which platform are you running the app? And what are the steps to reproduce it?

tojofo commented 10 months ago

I was using the Ghost app on AWS Lightsail. Following the instructions here https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-quick-start-guide-ghost

It was working except I was getting mixed mode errors for some JS around the subscribe button. I edited the Ghost conf to change the server URL to https restarted Ghost and Apache via the Bitnami controls and it stopped working. I think there is an issue with the Apache vhost configuration and I think the Bitname controls blew away the working changes at restart.

mdhont commented 10 months ago

Changing the server url probably caused the issue, did you configure the domain?

https://docs.bitnami.com/aws/apps/ghost/administration/configure-domain/

tojofo commented 10 months ago

Yes I configured the domain during the install. I set forward http to https and forward www to non-www.

The site "worked" but was getting a mixed mode error for the js script for the subscribe button. I edited the config of ghost changing my url from http... to https... (the bitnami install had set it as http) and restarted ghost and apache via the bitnami control scripts. Then the problem started occurring.

When I get the chance I will run it up again and demonstrate the mixed mode error. Then ask what the appropriate course of action is to correct that.

tojofo commented 10 months ago

Ok I have an instance running at ftwfa.com

After following the steps here Quick start guide: Ghost on Amazon Lightsail | Lightsail Documentation up to and including running the bncert tool I get the following state where the feedbackpage component is referencing localhost.

Screenshot 2024-01-07 at 12 28 40 pm

The Ghost forum suggests restarting ghost. I do that via sudo /opt/bitnami/ctlscript.sh restart ghost as per the instructions here Start or stop services

I now get the mixed content error. Last time this was the point where I edited the server url in the ghost config to be https://ftwfa.com and restarted ghost and apache and got the issue regarding localhost that this thread is about.

Screenshot 2024-01-07 at 12 37 05 pm

How would you like me to proceed?

tojofo commented 10 months ago

So changing the server url to https and restarting ghost is what causes the problem, how can I get bitnami to configure the ghost url to be https?

Reverting the change and restarting ghost does not return it to the previous state either, it stays forwarding to 127.0.0.1

mdhont commented 10 months ago

You can force https redirection. The following guide shows how:

https://docs.bitnami.com/aws/apps/ghost/administration/force-https-apache/

tojofo commented 10 months ago

You can force https redirection. The following guide shows how:

https://docs.bitnami.com/aws/apps/ghost/administration/force-https-apache/

Unfortunately that didn't work. http to https redirection is setup as part of the setup process by the bncert tool (though it looks wrong in the apache vhost setup because that still has ServerName www.example.com in a few places.

I think the problem is that ghost url-utils uses the ghost config server url to build the path from which to request that endpoint and it is blocked at the browser level as mixed content. Basically the short of it is the bitnami tool that maps http -> https probably needs to be updating the protocol of the url in the ghost config too.

tojofo commented 10 months ago

Ok I have fixed it in my case.

I needed to add RequestHeader set X-Forwarded-Proto "https" to ghost-https-vhost.conf and set the ghost url via sudo ghost config url https://mydomain.tld

github-actions[bot] commented 9 months ago

This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.

github-actions[bot] commented 9 months ago

Due to the lack of activity in the last 5 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary.