DigitalOcean

Report this

What is the reason for this report?
Question

https and http2 NGINX config for socket.io

Posted on June 1, 2017
Nginx
Ubuntu 16.04
Node.js
MakiJS

By MakiJS

I have node.js app which is served by NGINX. I can’t connect socket.io. I got 404 for POST request for establising socket connection.

It’s working locally, so it must be an NGINX problem.

# HTTP - redirect all requests to HTTPS:
  server {
     listen 80;
     listen [::]:80;
     return 301 https://$host$request_uri;
  }
  # HTTPS - proxy requests on to local Node.js app:
  server {
     listen 443 ssl http2;
     server_name example.com;
     ssl on;
     ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
     ssl_session_timeout 5m;
     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
     ssl_prefer_server_ciphers on;
     ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
     location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-NginX-Proxy true;
        proxy_set_header X-Forwarded-Proto https;
        proxy_pass http://127.0.0.1:8080;
        proxy_ssl_session_reuse off;
        proxy_set_header Host $http_host;
        proxy_cache_bypass $http_upgrade;
        proxy_redirect off;
     }
}

Thanks for any help.



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
Jonathan Tittle
Jonathan Tittle
June 1, 2017

@MakiJS

Let’s run a test, replace your location / {} block with this one:

location / {
    proxy_pass http://127.0.0.1:8080;
    proxy_buffers 16 32k;
    proxy_buffer_size 64k;
    proxy_busy_buffers_size 128k;
    proxy_cache_bypass $http_pragma $http_authorization;
    proxy_connect_timeout 59s;
    proxy_hide_header X-Powered-By;
    proxy_http_version 1.1;
    proxy_ignore_headers Cache-Control Expires;
    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
    proxy_no_cache $http_pragma $http_authorization;
    proxy_pass_header Set-Cookie;
    proxy_read_timeout 600;
    proxy_redirect off;
    proxy_send_timeout 600;
    proxy_temp_file_write_size 64k;
    proxy_set_header Accept-Encoding '';
    proxy_set_header Cookie $http_cookie;
    proxy_set_header Host $host;
    proxy_set_header Proxy '';
    proxy_set_header Referer $http_referer;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Forwarded-Server $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Original-Request $request_uri;
}

It’s a bit more detailed, but it’ll definitely tell us whether or not the issue is with NGINX or the app. If the above doesn’t work, there’s an issue somewhere in the app. If it does work, then we shouldn’t need to do anything else :-).

I would, however, recommend replacing:

     ssl on;
     ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
     ssl_session_timeout 5m;
     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
     ssl_prefer_server_ciphers on;
     ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

with:

    ssl on;
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_ecdh_curve secp384r1;
    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_session_cache shared:SSL:50m;
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_session_tickets off;
    ssl_session_timeout 5m;

It too is a little more detailed, but worth making the change to ensure specifics are added.

Once you’re done making changes, restart NGINX and test the connection.

0
Jonathan Tittle
Jonathan Tittle
June 1, 2017

@MakiJS

Is your socket.io application listening on 127.0.0.1 and port 8080? If so, please run:

tail -20 /var/log/nginx/error.log

and post the output to a code block as you did with your server block. If it’s not, you’ll need to make sure the application is listening on that IP and port, otherwise it won’t work.

0
MakiJS
MakiJS
June 2, 2017

@kamaln7 I try to add the first block and it seem’s nothing changed, but can you please be more specific with the second one.

@jtittle I replace config with the following and again nothing changes.

Thanks guys for taking the time.

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2025 DigitalOcean, LLC.Sitemap.