imJexs Posted January 4, 2022 Share Posted January 4, 2022 This might be a bit of a long post as I want to include as much details as possible. However, I'd greatly appreciate it if you took the time as I'm completely stumped by this one. I know nginx isn't officially supported by IPS (even though it 100% most certainly should be - it's 2022), which is why this is in community support, but I'd love any ideas from IPS guys on this as well. Setup: I am in the middle of moving our website from AWS Elastic Beanstalk to Digital Ocean running inside a Docker Swarm (maybe soon to be k8s, doesn't matter). On AWS, I am running Apache/PHP 7.3.30 and in DO I'm running Nginx/PHP 8.0.13. Both web servers are now talking to the same managed MySQL database (8.0.26), and are using the same Redis cluster for caching as well as PHP sessions. Yes, I have triple checked that PHP sessions and caching is working properly on both web servers. Problem: Whenever I am using the PHP 7.3.30 server, everything works exactly as expected. Been using this setup for ages. No issues. Whenever I switch over to the Nginx/PHP 8.0.13, everything works as expected EXCEPT I cannot login to the front end. However, logins to the ACP work fine (like, what?). Our site uses the Steam login handler with the Standard login method disabled. Even when I turn on the Standard login and try to use user/pass, I get redirected to website.com/?_fromLogin=1 but the user state doesn't actually change. The userbar still has "Login or Sign In" and if I refresh I am not actually logged in. Investigation I did some more investigating, and to make things even weirder, even just requesting the website root (mywebsite.com/), increments the "core_members.failed_login_count" and adds a timestamp to "core_members.failed_logins" columns. So just refreshing the site does that. Then after 1-2 login attempts, it locks the user's account with "too many failed login attempts". Conclusion Exact same code base, exact same 3rd party apps enabled (all written by me and PHP 8 compatible), same MySQL server, same Redis cache, same PHP session handler, but can't sign in on PHP8. I've pretty much determined it has to either be a nginx configuration error like some sort of headers thing (grasping at straws here) or its an issue with this IPS release and the said version of PHP. I am VERY open to suggestions as I'm completely out of ideas. I've traced through the login process' code and I didn't find anything that would lead to the symptoms I saw. 😕 Best, Jexs Link to comment Share on other sites More sharing options...
imJexs Posted January 4, 2022 Author Share Posted January 4, 2022 I'm a doofus and didn't see the Advanced Self Hosting Support. If any mod sees this, please move this to https://invisioncommunity.com/forums/forum/524-advanced-self-hosting-assistance/ Link to comment Share on other sites More sharing options...
imJexs Posted January 4, 2022 Author Share Posted January 4, 2022 (edited) It was the cookie path that was being set incorrectly. Nginx was configured: server_name _; which was then being used by $_SERVER['SERVER_NAME']; in \IPS\Request::getCookiePath() which was causing the cookie path to be set to "//domain.com" instead of "/". I was under the impression that Nginx automatically set the server name to the request's host when using "_", but that is incorrect. Simply setting the correct server_name or manually changing the server name header to $host would fix it. Edited January 4, 2022 by imJexs gigantor and DSystem 1 1 Link to comment Share on other sites More sharing options...
Recommended Posts