Failed to load resource: the server responded with a status of 405 (Not Allowed) needs help on nginx.conf

Question

I have full MERN stack app with AXIOS. On my localhost, the app works perfectly but when I deploy the app on nginx, all the POST request gets denied. I tried many solutions that I found on the web but doesn't work. I think it's CORS problem/ nginx config problem. Did I make Nginx.conf right? My node is running on localhost:8000, React on localhost:3000.

EDIT

Things that I have tried:

Nginx.conf:

server {
    listen 80;

server_name lovechangingtheworld.org;

location / {
    proxy_pass http://localhost:8000;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
    }

}

Do I need this on node too?

router.use((request, response, next) => {
  response.header("Access-Control-Allow-Origin", "*");
  response.header(
    "Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS"
  );
  response.header("Access-Control-Allow-Headers", "Content-Type");
  next();
});

node:

const express = require("express");
const router = express.Router();

const bcrypt = require("bcryptjs");
const jwt = require("jsonwebtoken");
const keys = require("../../config/keys");
const passport = require("passport");

// Load Input Validation
const validateRegisterInput = require("../../validation/register");
const validateLoginInput = require("../../validation/login");

// Load User model
const User = require("../../models/User");

router.use((request, response, next) => {
  response.header("Access-Control-Allow-Origin", "*");
  response.header(
    "Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS"
  );
  response.header("Access-Control-Allow-Headers", "Content-Type");
  next();
});



// @route   GET api/users/test
// @desc    Tests users route
// @access  Public
router.get("/test", (req, res) => res.json({ msg: "Users Works" }));

// @route   POST api/users/register
// @desc    Register user
// @access  Public
router.post("/register", (req, res) => {
  console.log("333333333333333333333333", req.body);
  const { errors, isValid } = validateRegisterInput(req.body);

  // Check Validation
  if (!isValid) {
    return res.status(400).json(errors);
  }

  User.findOne({ email: req.body.email }).then(user => {
    if (user) {
      errors.email = "Email already exists";
      return res.status(400).json(errors);
    } else {
      // const avatar = gravatar.url(req.body.email, {
      //     s: '200', // Size
      //     r: 'pg', // Rating
      //     d: 'mm' // Default
      // });

      const newUser = new User({
        name: req.body.name,
        email: req.body.email,

        password: req.body.password
      });

      bcrypt.genSalt(10, (err, salt) => {
        bcrypt.hash(newUser.password, salt, (err, hash) => {
          if (err) throw err;
          newUser.password = hash;
          newUser
            .save()
            .then(user => res.json(user))
            .catch(err => console.log(err));
        });
      });
    }
  });
});

// @route   GET api/users/login
// @desc    Login User / Returning JWT Token
// @access  Public
router.post("/login", (req, res) => {
  const { errors, isValid } = validateLoginInput(req.body);

  // Check Validation
  if (!isValid) {
    return res.status(400).json(errors);
  }

  const email = req.body.email;
  const password = req.body.password;

  // Find user by email
  User.findOne({ email }).then(user => {
    // Check for user
    if (!user) {
      errors.email = "User not found";
      return res.status(404).json(errors);
    }

    // Check Password
    bcrypt.compare(password, user.password).then(isMatch => {
      if (isMatch) {
        // User Matched
        const payload = {
          id: user.id,
          name: user.name,
          admin: user.adminLevel
        }; // Create JWT Payload

        // Sign Token
        jwt.sign(
          payload,
          keys.secretOrKey,
          { expiresIn: 3600 },
          (err, token) => {
            res.json({
              success: true,
              token: "Bearer " + token
            });
          }
        );
      } else {
        errors.password = "Password incorrect";
        return res.status(400).json(errors);
      }
    });
  });
});

// @route   GET api/users
// @desc    Get users
// @access  Public
router.get("/", (req, res) => {
  User.find({})
    .sort({ date: -1 })
    .then(users => {
      console.log("get", users), res.json(users);
    })
    .catch(err => res.status(404).json({ nousersfound: "No users found" }));
});

// @route   GET api/users/:id
// @desc    Get eventful by id
// @access  Public
router.get("/:id", (req, res) => {
  User.findById(req.params.id)
    .then(user => {
      console.log(user), res.json(user);
    })
    .catch(err =>
      res.status(404).json({ nouserfound: "No user found with that ID" })
    );
});

// @route   POST api/users/:id
// @desc    change user to admin
// @access  Private
router.post(
  "/:id",
  passport.authenticate("jwt", { session: false }),
  (req, res) => {
    User.findOne({ _id: req.params.id })
      .then(user => {
        console.log("1231231231", user);
        if (user) {
            if(user.adminLevel)
                user.adminLevel = false;
            else
                user.adminLevel = true;
        }
        user.save().then(user => res.json(user));
      })
      .catch(err => res.status(404).json({ usernotfound: "No post found" }));
  }
);

// @route   GET api/users/current
// @desc    Return current user
// @access  Private
router.get(
  "/current",
  passport.authenticate("jwt", { session: false }),
  (req, res) => {
    res.json({
      id: req.user.id,
      name: req.user.name,
      email: req.user.email,
      admin: req.user.adminLevel
    });
  }
);

// @route   DELETE api/users
// @desc    Delete user
// @access  Private
router.delete(
  "/",
  passport.authenticate("jwt", { session: false }),
  (req, res) => {
    console.log("at route", req.body);

    User.findOneAndRemove({ _id: req.user.id }).then(() =>
      res.json({ success: true })
    );
  }
);

module.exports = router;

I just want to write my answer for future people who have the same problem. I was stuck in 405 for 4 hours. **I just wanna mention that maybe the nginx .conf file is not the only place you can find the issue** after I reviewed my codes I understand it's not the nginx problem, it's a back-end problem. In my code for user login, the place that I validate the token, I send a request to the front-end instead of the back-end itself... what a shame... I fixed it and my app is working fine now... — Raskul, Nov 21 '21 at 22:13

Stamos · Accepted Answer · 2019-01-09T10:09:49.687

3

The nginx configuration that you have is wrong. For node app to be exposed through nginx you need a Reverse Proxy I have already answered a related question

nginx config for Reverse proxy using no SSL. server.

server {
    listen 80;

    server_name example.com;

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }

}

Using SSL

server {

    listen 443;
    server_name example.com;

    ssl_certificate           /etc/letsencrypt/fullchain.pem;
    ssl_certificate_key       /etc/letsencrypt/privkey.pem;

    ssl on;
    ssl_session_cache  builtin:1000  shared:SSL:10m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;

    location / {

      proxy_set_header        Host $host;
      proxy_set_header        X-Real-IP $remote_addr;
      proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header        X-Forwarded-Proto $scheme;

      # Fix the “It appears that your reverse proxy set up is broken" error.
      proxy_pass          http://localhost:3000;
      proxy_read_timeout  90s;

      proxy_redirect      http://localhost:3000 https://example.com;
    }
 }

In the example.com you put your domain that you have registered with the IP of your. If you dont have a domain you can test it by adding it in the hosts How to add an IP to hostname file

Example 127.0.0.1 example.com

Where ever you see http://localhost:3000; you put the IP and port of the internal node app. In case its in the same machine you leave it as localhost:port.

EDIT 1

In you case

server {
    listen 80;

    server_name lovechangingworld.org;

    location / {
        proxy_pass http://localhost:8000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }

}

EDIT 2

For nodemailer to work there are two ways.Lets say that nodemailer runs at port localhost:3000 Either use a port like lovechangingworld.org:8088 or create a subdomain like mail.lovechangingworld.org. Create file in sites-available touch mail.lovechangingworld.org 2. Add the configuration

Example 1 new subdomain:

server {
        listen 80;

        server_name mail.lovechangingworld.org;

        location / {
            proxy_pass http://localhost:3000;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
        }

    }

Example 2 diferent port:

 server {
            listen 8088;

            server_name lovechangingworld.org;

            location / {
                proxy_pass http://localhost:3000;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection 'upgrade';
                proxy_set_header Host $host;
                proxy_cache_bypass $http_upgrade;
            }

        }

edited Jan 09 '19 at 10:09

answered Jan 07 '19 at 07:56

Stamos

3,938
1
22
48

Like this??? server { listen 80; server_name lovechangingworld.org:8000; location / { proxy_pass http://localhost:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } } This doesn't work, same error. And Im confused No SSL. I signed into ubuntu with SSL. which one do i use? – I.Y Jan 07 '19 at 20:44
what port do you start the nodeJS app? port 8000? in that case remove the 8000 from the domain name and leave as `lovechangingworld.org` and replace the `localhost:3000` with `localhost:8000;`. I added an example in you answer with port 8000 – Stamos Jan 08 '19 at 06:10
ok. I tried that too. that's the last thing i tried and still doesnt work. on pm2 status tho, some errors has been gone. but still giving me 405 methods not allowed – I.Y Jan 08 '19 at 06:23
Does `lovechangingworld.org` point to the IP address of you node server? – Stamos Jan 08 '19 at 07:12
Maybe you have other configurations? – Stamos Jan 08 '19 at 07:37
I believe yes, lovechangingtheworld.org because the site has nodemailer and that works. what other configs that i can check? these are pm2 logs: 0|server | App listening on port 8000! 0|server | MongoDB Connected 0|server | Server is ready to take messages /home/lovechangetw/.pm2/logs/static-page-server-8080-out.log last 15 lines: 1|static-p | Exposing /var/www/LCTW/client/build directory on port 8080 – I.Y Jan 08 '19 at 07:39
Also i notice that nginx.conf is almost identical as file in cd /etc/nginx/sites-available. Are they supposed to be same? – I.Y Jan 08 '19 at 08:42
Well if you havent changed any files in `/etc/nginx/sites-available/` then you have to check if you have put your config in the correct place. In the abode dir remove the default and create a file like `lovechangingtheworld.org` and in there add the above config. – Stamos Jan 08 '19 at 13:01
Thank you so much, I finally got it to deploy. I got rid of the nginx.conf and added it at /etc/nginx/sites-available/. But I have other issues now, which I fixed it before with the wrong nginx.conf setup... React-router urls don't work when refreshing or writting manually. any thoughts? and Also my Nodemailer stop working with CORS errors – I.Y Jan 09 '19 at 08:58
You have to configure a new server that will handle the `nodemailer`. I ll add an example. – Stamos Jan 09 '19 at 09:56
Do I have to have `server_name`? tutorial and I was taught, just `server { listen 80; location / { proxy_pass http://10.198.8.84:8000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } }` without `server_name`. This config is on `/etc/nginx/sites-available`. So you are saying I need to make another file. similar to this but different port? – I.Y Jan 09 '19 at 19:40
node is running on localhost:8000, react is runing on localhost:3000 above comment is exactly how its setup for me. – I.Y Jan 09 '19 at 19:44
Actually, Nodemailer works if I am **not** logged in... ERROR: Access to XMLHttpRequest at 'http://lovechangingtheworld.org:8000/sendvolunteer' from origin 'http://lovechangingtheworld.org' has been blocked by CORS policy: Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response. createError.js:16 Uncaught (in promise) Error: Network Error at e.exports (createError.js:16) at XMLHttpRequest.d.onerror (xhr.js:87) Is this the same issues? – I.Y Jan 09 '19 at 21:14
I prefer subdomains. Actually you can have many servers in localhost and change ports.Following the example 1 with ports `3000`,`3001`,`3002`, `8000`, and then create subdomains like `loveworld.org` for `3000`, ian.loveworld.org for `3001`, stamos.loveworld.org for `3002`, mail.loveworld.org for `8000` – Stamos Jan 10 '19 at 07:16
Do I change the `listen xxxx;` to ports? Or change the `proxy_pass http://localhost:xxxx;`? my node is running on 8000 – I.Y Jan 10 '19 at 07:58
You only change `server_name` and `proxy_pass` listen is always `80`. Check out [Difference between proxy server and reverse proxy server](https://stackoverflow.com/questions/224664/difference-between-proxy-server-and-reverse-proxy-server) it has many exelent examples. It is better to anderstand the philosophy, how it works and why first. – Stamos Jan 10 '19 at 08:09
Ok. is `server_name lovechangingtheworld.org/mailing` ok? do I put the actual URL? – I.Y Jan 10 '19 at 08:13
I didnt really set up port config on nodemailer. according to this [https://nodemailer.com/smtp/] doc said port 587 or 465? Do i have to go config it? – I.Y Jan 10 '19 at 08:29
[https://stackoverflow.com/questions/54123312/nodemailer-doesnt-work-correctly-full-react-redux-project-with-node-and-expre] I made a new post with my codes that are related to this error if you want to see my codes. I really appreciate your help. I am pretty noob at these. @Stamos – I.Y Jan 10 '19 at 08:53

score 1 · Answer 2 · answered Jan 07 '19 at 06:14

1

server_name should be server name, you are providing document root instead.
run your node app on server and provide a reverse proxy in your Nginx conf to your node app.
you can use This doc to setup a Nodejs app for production

answered Jan 07 '19 at 06:14

Mozafar Gholami

141
3

Failed to load resource: the server responded with a status of 405 (Not Allowed) needs help on nginx.conf

2 Answers2