starred/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2026-02-05 16:49:47 +03:00
Code Issues 784 Packages Projects Releases 10 Wiki Activity

False redirecting to 404 on several subfolders #922

New Issue
Closed
opened 2026-02-04 22:56:45 +03:00 by OVERLORD · 1 comment
OVERLORD commented 2026-02-04 22:56:45 +03:00
Owner
Copy Link

Originally created by @Stackhollow on GitHub (Nov 22, 2018).

Hello everybody,
I am new to GitHub and since three months I run my own server with Ubuntu 18.04. It's the first time I use Linux.

On GitHub and in other forums I did not find anything to my problem.
 
I use nginx and MariaDB. Currently I run some applications via nignx. I have a gateway host for this and a virtual host for each application.
 
Recently, I came across BookStack to be able to document well. I really liked the application and installed it.
 
I currently have the problem that obviously some redirects are not forwarded correctly and I'm redirected in some subfolders on the error page 404 / not found.

I have adapted the APP_URL accordingly. I would like to be reachable at https://domain.com/bookstack. I have included the URL in the .env including trailing slash.
 
Below are my current host configurations.

Gateway-Host

upstream php-handler {
    server unix:/run/php/php7.2-fpm.sock;
}
 
server {
	listen 80 default_server;
	server_name domain.name.ltd server_ip;
 
	root /var/www;
	
	location ^~ /.well-known/acme-challenge {
		proxy_pass http://127.0.0.1:port;
		proxy_redirect off;
	}
	
	location / {
		# Enforce HTTPS
		# Use this if you always want to redirect to the DynDNS address (no local access).
		return 301 https://$server_name$request_uri;
		
		# Use this if you also want to access the server by local IP:
		#return 301 https://$server_addr$request_uri;
    }		
}
 
server {
	listen 443 ssl http2;
	server_name noopiescloud.spdns.de 192.168.178.52;
  
	# Certificates used
	ssl_certificate ***;
	ssl_certificate_key ***;
  
	# Not using TLSv1 will break:
	#	Android <= 4.4.40
	#	IE <= 10
	#	IE mobile <=10
	# Removing TLSv1.1 breaks nothing else!
	# TLSv1.3 is not supported by most clients, but it should be enabled.
	ssl_protocols TLSv1.2 TLSv1.3;
	
	# Cipher suite from https://cipherli.st/
	# Max. security, but lower compatibility 
	ssl_ciphers 'ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384';
 
	# Cipher suite from https://wiki.mozilla.org/Security/Server_Side_TLS
	#ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
 
	# (Modern) cipher suite from https://mozilla.github.io/server-side-tls/ssl-config-generator/
	#ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
 
	# Diffie-Hellman parameter for DHE ciphersuites, recommended 4096 bits
	# ssl_dhparam /etc/nginx/ssl/dhparams.pem;
  
	# Use multiple curves.
	# secp521r1: Not supported by Chrome
	# secp384r1: Not supported by Android (DAVdroid)
	ssl_ecdh_curve secp521r1:secp384r1:prime256v1;
 
	# Server should determine the ciphers, not the client
	ssl_prefer_server_ciphers on;
  
	# OCSP Stapling
	# fetch OCSP records from URL in ssl_certificate and cache them
	ssl_stapling on;
	ssl_stapling_verify on;
	
	# This should be chain.pem
	# See here: https://certbot.eff.org/docs/using.html
	ssl_trusted_certificate ***;
	
	resolver 192.168.178.1;
  
	# SSL session handling
	ssl_session_timeout 24h;
	ssl_session_cache shared:SSL:50m;
	ssl_session_tickets off;
 
	#
	# Add headers to serve security related headers
	#  
	# HSTS (ngx_http_headers_module is required)
	# In order to be recoginzed by SSL test, there must be an index.hmtl in the server's root
	add_header Strict-Transport-Security "max-age=63072000; includeSubdomains" always;
	add_header X-Content-Type-Options "nosniff" always;
	# Usually this should be "DENY", but when hosting sites using frames, it has to be "SAMEORIGIN"
	add_header Referrer-Policy "no-referrer" always;
	#add_header X-Frame-Options "SAMEORIGIN" always;
	add_header X-XSS-Protection "1; mode=block" always;
	add_header X-Robots-Tag none;
	add_header X-Download-Options noopen;
	add_header X-Permitted-Cross-Domain-Policies none;
 
	location = / {
        # Disable access to the web root, otherwise nginx will show the default site here.
		deny all;
        }	

	#
	#app1
	#
	location ^~ /app1 {		
	proxy_pass http://127.0.0.1:port;
	proxy_read_timeout 90;
	}

	#
	#app2
	#        
	location ^~ /app2 {        
        proxy_pass http://127.0.0.1:port;
	}

	#
	# app3
	#
	location ^~ /app3 {
	proxy_pass http://127.0.0.1:port;	
	}

	#
	# BookStack
	#
	location ^~ /bookstack/ {
	rewrite ^/bookstack/(.*) /$1 break;
	proxy_pass http://127.0.0.1:port/;
	return 301 https://$server_name$request_uri;
	proxy_redirect off;
	proxy_set_header Host $host;
	proxy_set_header X-Forwarded-Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	}
}

 
BookStack Virtual Host

server {
    listen port;
    root /var/www/bookstack/public;
    index  index.php index.html index.htm;
    server_name  127.0.0.1;

    access_log /var/log/nginx/bookstack_access.log; 
    error_log /var/log/nginx/bookstack_error.log; 

    client_max_body_size 100M;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
       }

    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README) { 
	deny all; 
	}

    location ~ \.php$ {
	fastcgi_split_path_info ^(.+\.php)(/.+)$; 
	include fastcgi_params; 
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 
	fastcgi_param PATH_INFO $fastcgi_path_info; 
	fastcgi_pass unix:/run/php/php7.2-fpm.sock; 
	}
}

Also an excerpt from the last logs.

2018/11/22 13:27:27 [error] 3067#3067: *504 open() "/usr/share/nginx/html/login" failed (2: No such file or directory), client: IP, server: domain.name.com, request: "GET /login HTTP/1.1", host: "domain.name.com"
2018/11/22 13:27:34 [error] 3067#3067: *504 open() "/usr/share/nginx/html/login" failed (2: No such file or directory), client: IP, server: domain.name.com, request: "GET /login HTTP/1.1", host: "domain.name.com"
2018/11/22 13:30:24 [error] 3067#3067: *603 open() "/usr/share/nginx/html/translations" failed (2: No such file or directory), client: IP, server: domain.name.com, request: "GET /translations HTTP/1.1", host: "domain.name.com"
2018/11/22 13:30:29 [error] 3066#3066: *677 open() "/usr/share/nginx/html/translations" failed (2: No such file or directory), client: IP, server: domain.name.com, request: "GET /translations HTTP/1.1", host: "domain.name.com"
2018/11/22 13:31:41 [error] 3066#3066: *817 open() "/usr/share/nginx/html/books/ufw/create-page" failed (2: No such file or directory), client: IP, server: domain.name.com, request: "GET /books/ufw/create-page HTTP/1.1", host: "domain.name.com"
2018/11/22 13:31:59 [error] 3066#3066: *677 open() "/usr/share/nginx/html/books/ufw/create-page" failed (2: No such file or directory), client: IP, server: domain.name.com, request: "GET /books/ufw/create-page HTTP/1.1", host: "domain.name.com"

Hope, u guys can help me out with this.

Originally created by @Stackhollow on GitHub (Nov 22, 2018). Hello everybody, I am new to GitHub and since three months I run my own server with Ubuntu 18.04. It's the first time I use Linux. On GitHub and in other forums I did not find anything to my problem.   I use nginx and MariaDB. Currently I run some applications via nignx. I have a gateway host for this and a virtual host for each application.   Recently, I came across BookStack to be able to document well. I really liked the application and installed it.   I currently have the problem that obviously some redirects are not forwarded correctly and I'm redirected in some subfolders on the error page 404 / not found. I have adapted the APP_URL accordingly. I would like to be reachable at https://domain.com/bookstack. I have included the URL in the .env including trailing slash.   Below are my current host configurations. Gateway-Host ``` upstream php-handler { server unix:/run/php/php7.2-fpm.sock; } server { listen 80 default_server; server_name domain.name.ltd server_ip; root /var/www; location ^~ /.well-known/acme-challenge { proxy_pass http://127.0.0.1:port; proxy_redirect off; } location / { # Enforce HTTPS # Use this if you always want to redirect to the DynDNS address (no local access). return 301 https://$server_name$request_uri; # Use this if you also want to access the server by local IP: #return 301 https://$server_addr$request_uri; } } server { listen 443 ssl http2; server_name noopiescloud.spdns.de 192.168.178.52; # Certificates used ssl_certificate ***; ssl_certificate_key ***; # Not using TLSv1 will break: # Android <= 4.4.40 # IE <= 10 # IE mobile <=10 # Removing TLSv1.1 breaks nothing else! # TLSv1.3 is not supported by most clients, but it should be enabled. ssl_protocols TLSv1.2 TLSv1.3; # Cipher suite from https://cipherli.st/ # Max. security, but lower compatibility ssl_ciphers 'ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384'; # Cipher suite from https://wiki.mozilla.org/Security/Server_Side_TLS #ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'; # (Modern) cipher suite from https://mozilla.github.io/server-side-tls/ssl-config-generator/ #ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'; # Diffie-Hellman parameter for DHE ciphersuites, recommended 4096 bits # ssl_dhparam /etc/nginx/ssl/dhparams.pem; # Use multiple curves. # secp521r1: Not supported by Chrome # secp384r1: Not supported by Android (DAVdroid) ssl_ecdh_curve secp521r1:secp384r1:prime256v1; # Server should determine the ciphers, not the client ssl_prefer_server_ciphers on; # OCSP Stapling # fetch OCSP records from URL in ssl_certificate and cache them ssl_stapling on; ssl_stapling_verify on; # This should be chain.pem # See here: https://certbot.eff.org/docs/using.html ssl_trusted_certificate ***; resolver 192.168.178.1; # SSL session handling ssl_session_timeout 24h; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; # # Add headers to serve security related headers # # HSTS (ngx_http_headers_module is required) # In order to be recoginzed by SSL test, there must be an index.hmtl in the server's root add_header Strict-Transport-Security "max-age=63072000; includeSubdomains" always; add_header X-Content-Type-Options "nosniff" always; # Usually this should be "DENY", but when hosting sites using frames, it has to be "SAMEORIGIN" add_header Referrer-Policy "no-referrer" always; #add_header X-Frame-Options "SAMEORIGIN" always; add_header X-XSS-Protection "1; mode=block" always; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; location = / { # Disable access to the web root, otherwise nginx will show the default site here. deny all; } # #app1 # location ^~ /app1 { proxy_pass http://127.0.0.1:port; proxy_read_timeout 90; } # #app2 # location ^~ /app2 { proxy_pass http://127.0.0.1:port; } # # app3 # location ^~ /app3 { proxy_pass http://127.0.0.1:port; } # # BookStack # location ^~ /bookstack/ { rewrite ^/bookstack/(.*) /$1 break; proxy_pass http://127.0.0.1:port/; return 301 https://$server_name$request_uri; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } } ```   BookStack Virtual Host ``` server { listen port; root /var/www/bookstack/public; index index.php index.html index.htm; server_name 127.0.0.1; access_log /var/log/nginx/bookstack_access.log; error_log /var/log/nginx/bookstack_error.log; client_max_body_size 100M; location / { try_files $uri $uri/ /index.php?$query_string; } location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README) { deny all; } location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_pass unix:/run/php/php7.2-fpm.sock; } } ``` Also an excerpt from the last logs. ``` 2018/11/22 13:27:27 [error] 3067#3067: *504 open() "/usr/share/nginx/html/login" failed (2: No such file or directory), client: IP, server: domain.name.com, request: "GET /login HTTP/1.1", host: "domain.name.com" 2018/11/22 13:27:34 [error] 3067#3067: *504 open() "/usr/share/nginx/html/login" failed (2: No such file or directory), client: IP, server: domain.name.com, request: "GET /login HTTP/1.1", host: "domain.name.com" 2018/11/22 13:30:24 [error] 3067#3067: *603 open() "/usr/share/nginx/html/translations" failed (2: No such file or directory), client: IP, server: domain.name.com, request: "GET /translations HTTP/1.1", host: "domain.name.com" 2018/11/22 13:30:29 [error] 3066#3066: *677 open() "/usr/share/nginx/html/translations" failed (2: No such file or directory), client: IP, server: domain.name.com, request: "GET /translations HTTP/1.1", host: "domain.name.com" 2018/11/22 13:31:41 [error] 3066#3066: *817 open() "/usr/share/nginx/html/books/ufw/create-page" failed (2: No such file or directory), client: IP, server: domain.name.com, request: "GET /books/ufw/create-page HTTP/1.1", host: "domain.name.com" 2018/11/22 13:31:59 [error] 3066#3066: *677 open() "/usr/share/nginx/html/books/ufw/create-page" failed (2: No such file or directory), client: IP, server: domain.name.com, request: "GET /books/ufw/create-page HTTP/1.1", host: "domain.name.com" ``` Hope, u guys can help me out with this.
OVERLORD added the 🐕 Support label 2026-02-04 22:56:45 +03:00
OVERLORD commented 2026-02-04 22:56:57 +03:00
Author
Owner
Copy Link

@Stackhollow commented on GitHub (Dec 4, 2018):

I don't use nginx anymore. I just switched to Apache and got the application up and running properly.

@Stackhollow commented on GitHub (Dec 4, 2018): I don't use nginx anymore. I just switched to Apache and got the application up and running properly.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
🎨 Design
📖 Docs Update
🐛 Bug
🐛 Bug
:cat2:🐈 Possible duplicate
💿 Database
Open to discussion
💻 Front-End
🐕 Support
🚪 Authentication
🌍 Translations
🔌 API Task
🏭 Back-End
Upstream
🔨 Feature Request
🛠️ Enhancement
🛠️ Enhancement
🛠️ Enhancement
❤️ Happy feedback
🔒 Security
🔍 Pending Validation
💆 UX
📝 WYSIWYG Editor
🌔 Out of scope
🔩 API Request
:octocat: Admin/Meta
🖌️ View Customization
Question
🚀 Priority
🛡️ Blocked
🚚 Export System
A11y
🔧 Maintenance
> Markdown Editor
pull-request
Mirrored from GitHub Pull Request
No Label 🐕 Support
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/BookStack#922
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?