No response from bot now

[intervisionlord]

> tail -f TelegramBot_debug.log

[2019-04-11 02:54:49] bot_log.DEBUG: Verbose HTTP Request output:
* Hostname was NOT found in DNS cache
*   Trying 132.148.13.46...
* Hostname was NOT found in DNS cache
* 149
* 154
* 167
* 220
* Connected to 132.148.13.46 (132.148.13.46) port 28602 (#0)
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* Server certificate:
*        subject: OU=Domain Control Validated; CN=api.telegram.org
*        start date: 2018-05-04 14:42:31 GMT
*        expire date: 2020-05-23 16:17:38 GMT
*        subjectAltName: api.telegram.org matched
*        issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.; OU=http://certs.godaddy.com/repository/; CN=Go Daddy Secure Certificate Authority - G2
*        SSL certificate verify ok.
> POST /botXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/setWebhook HTTP/1.1
User-Agent: GuzzleHttp/6.3.3 curl/7.38.0 PHP/7.2.17
Content-Type: application/x-www-form-urlencoded
Host: api.telegram.org
Content-Length: 128

* upload completely sent off: 128 out of 128 bytes
< HTTP/1.1 200 OK
* Server nginx/1.12.2 is not blacklisted
< Server: nginx/1.12.2
< Date: Wed, 10 Apr 2019 23:54:49 GMT
< Content-Type: application/json
< Content-Length: 64
< Connection: keep-alive
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Methods: GET, POST, OPTIONS
< Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
< Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
<
* Connection #0 to host api.telegram.org left intact

 [] []

On settings page after saving changes i get a massage:

Telegram: Webhook is already set

But there is no reaction on messages from bot

[brlumen]

@intervisionlord Debag file keeps track of outgoing messages from the plugin. Therefore, in this case, it is useless.

See, when you apply settings in the plugin or open a page with a user monitor, the plugin sends a request to the telegram servers and receives a response. When you write a message in a telegram client, you send a request to your server to the telegram server via the link that can be viewed on the User Monitor page. In this connection, you need to make sure that:

1. First, check whether your server is visible from the mantisbt outside your network (that is, from the Internet). Try to follow the link that you take on the page "user monitor". Your mantisbt should give a fatal error.
2. Supplies all intermediate certificates to complete a verification chain.

Here are more details on your server requirements: https://core.telegram.org/bots/webhooks#the-short-version Just keep in mind that the plugin currently does not support self-signed certificates.

[brlumen]

I would also like to draw your attention to the fact that in the event of any damage from Telegram, we will not be able to find out about it. From my experience there were 2 such cases. Symptoms are the same as you described.

[intervisionlord]

@intervisionlord Debag file keeps track of outgoing messages from the plugin. Therefore, in this case, it is useless.

See, when you apply settings in the plugin or open a page with a user monitor, the plugin sends a request to the telegram servers and receives a response. When you write a message in a telegram client, you send a request to your server to the telegram server via the link that can be viewed on the User Monitor page. In this connection, you need to make sure that:

1. First, check whether your server is visible from the mantisbt outside your network (that is, from the Internet). Try to follow the link that you take on the page "user monitor". Your mantisbt should give a fatal error.
2. Supplies all intermediate certificates to complete a verification chain.

Here are more details on your server requirements: https://core.telegram.org/bots/webhooks#the-short-version Just keep in mind that the plugin currently does not support self-signed certificates.

1. Yep, i receive an error INTERNAL APPLICATION ERROR

2. I'm using Let's Encrypt certificate and there was no problems with it for a long time

About details: You'll need a server that: ... Provides a supported, non-wildcard, verified or self-signed certificate.

WOW Problems with Wildcard??? This sounds strange - I'll try to change certificate...

[brlumen]

Once again, make sure that the server issues a certificate along with an intermediate and root certificate. The browser on the PC usually has in its base and intermediate and root, so it does not give an error. But for example, a mobile browser may well argue against a seemingly working certificate, since most mobile browsers (like the telegram server client) have a limited base of root and intermediate certificates.

[intervisionlord]

since most mobile browsers (like the telegram server client) have a limited base of root and intermediate certificates.

But it was working few days ago...

I suppose, that all chain is correct: Root:

Active ISRG Root X1 (self-signed) ISRG Root X1 Valid Certificate https://valid-isrgrootx1.letsencrypt.org/ ISRG Root X1 Revoked Certificate https://revoked-isrgrootx1.letsencrypt.org/ ISRG Root X1 Expired Certificate https://expired-isrgrootx1.letsencrypt.org/

Intermediate: Active Let’s Encrypt Authority X3 (IdenTrust cross-signed) Let’s Encrypt Authority X3 (Signed by ISRG Root X1) Backup Let’s Encrypt Authority X4 (IdenTrust cross-signed) Let’s Encrypt Authority X4 (Signed by ISRG Root X1) Retired Let’s Encrypt Authority X2 (IdenTrust cross-signed) Let’s Encrypt Authority X2 (Signed by ISRG Root X1) Let’s Encrypt Authority X1 (IdenTrust cross-signed) Let’s Encrypt Authority X1 (Signed by ISRG Root X1)

[brlumen]

Have you already worked the plugin before this issue?

[brlumen]

I mean, did your plugin stop receiving messages? That is, until this point everything worked correctly?

[intervisionlord]

I mean, did your plugin stop receiving messages? That is, until this point everything worked correctly?

Exactly. It works perfectly before this issue

[brlumen]

Let's try to see the logs of your web server. Try to find messages about attempts to connect from telegram servers to your web server in the intervals between sending a message to telegram chat.

[brlumen]

There should be similar messages: source_ip - - [11 / Apr / 2019: 13: 56: 25 +0700] "POST /plugin.php?page=TelegramBot/hook&token=you_token_bot HTTP / 1.0" 200 961 "-" "-"

[intervisionlord]

Nope... I have checked my iptables rules but there are no IP's of telegram servers, I'll try to check other IP's there

[brlumen]

I also recommend that you check twitter for messages about problems with telegrams from other users in your region. Perhaps this is still a problem on the side of telegrams.

[intervisionlord]

Well, i drop all my iptables reject rules and check info about problems from telegram side. And there are no reason why it doesnt work...

Sad ((

[brlumen]

@intervisionlord Did you manage to solve the problem?

[intervisionlord]

I can's solve it myself unfortunately, because i see nothing incorrect from my servers

[brlumen]

@intervisionlord I am sorry that you have problems. Let me know if I can help you with anything else.

[intervisionlord]

i try to ask in telegram support and they ask to test "getWebhookinfo" method. I can't uderstand how to use this information (see screenshot)

[brlumen]

They ask you to check what method returns that they indicated to you. I have once again checked the documentation for their api and found that this method can indeed return an error message delivery message via webhook. The fact is that the plugin uses this method on the page "user monitor", but it returns there only if your webhook is successfully installed. Today I will figure out how to get additional information, and write you further instructions.

пт, 12 апр. 2019, 22:32 Andreas Lord notifications@github.com:

i try to ask in telegram support and they ask to test "getWebhookinfo" method. I can't uderstand how to use this information (see screenshot) [image: image] https://camo.githubusercontent.com/a9b55dd8999ab9f785581457db4a70b4c7b52da2/68747470733a2f2f696d672e7477722e73752f696d616765732f323031392f30342f31322f373456362e706e67

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/mantisbt-plugins/TelegramBot/issues/28#issuecomment-482619275, or mute the thread https://github.com/notifications/unsubscribe-auth/AY0QVm-96KTcvoNlQYkBsxEDLYU7nYK_ks5vgKcjgaJpZM4coecu .

[intervisionlord]

Please, let me know anytime if I could help to solve this issue.

[brlumen]

@intervisionlord While I am preparing a patch, try to get webhookinfo through a browser. Copy the following line into your browser's address bar. In the line, replace "<token>" with your bot's token. Keep in mind that you should end up with something like this bot7623764: hdgugshf27HGDWHdjsdsh. That is, the word bot before the token is required!

https://api.telegram.org/bot<token>/getWebhookInfo

In response, the server will send you telegrams about the following line: {"ok":true,"result":{"url":"https://you_d0main/plugin.php?page=TelegramBot/hook&token=you_token","has_custom_certificate":false,"pending_update_count":0,"max_connections":40}}

In my example, there is no error information, but you probably will have the last_error_message parameter.

[intervisionlord]

Yep, i got this {"ok":true,"result":{"url":"https://XXXXXXXXXXXXX/plugin.php?page=TelegramBot/hook&token=XXXXXXXXXXXXXXXXXXXX","has_custom_certificate":false,"pending_update_count":88,"max_connections":40}} (some data hidden for some reasons)

Clear pending_count, reset webHook url and set it again... And now connection timeout ((( "has_custom_certificate":false,"pending_update_count":1,"last_error_date":1555171631,"last_error_message":"Connection timeout expired","max_connections":40

[brlumen]

What was the first mistake?

[brlumen]

In any case, the last error indicates that the server telegrams can not send you data. You need to check the availability of the IP address of your server from other Internet segments. It is possible that there is some problem with your ISP's routing. Do you use a proxy server?

[intervisionlord]

i am using proxy only in plugin settings. From other segments my server is available. At this moment i have no ip's in firewall (except asian geoblock) and unfortunately telegram doesn't provide any service to check availability of server from their side.

PingTest result (IMG.PNG)

[intervisionlord]

What was the first mistake?

Actually i don't know, i tried to clear pending requests by changing webhookUrl to other resource and after that return valid url

[brlumen]

You are from Russia?

[brlumen]

Probably correctly ask, the server with the mantis is in the Russian segment of the Internet?

[intervisionlord]

yep. Russia. But our ISP's can block only outcoming connections, that's why i am using proxy in plugin settings. There are no facts, that they are blocking incoming connections too. And that's why i try to get response from telegram support to check my server availability from their side.

[brlumen]

Let's continue the conversation via email in Russian, if it is convenient for you. My email: igflocal@gmail.com

[intervisionlord]

Ok

[brlumen]

As a result, it was found out that the provider blocked outgoing traffic to the ip address of the Telegram server.