Support

Home Forums Event Espresso Premium EE4 App "Invalid Response from the upstream server"

EE4 App "Invalid Response from the upstream server"

Posted: July 26, 2018 at 5:50 am


Josh

  • Support Staff

July 26, 2018 at 8:07 am

Hi,

The documentation has a solution for that error message:

https://eventespresso.com/wiki/ee4-event-apps/#apache-fcgi


spaetverkehr

July 26, 2018 at 9:37 am

I’ve tried that solution but it doesn’t solve my problem. Is there a difference with https?


Josh

  • Support Staff

July 26, 2018 at 10:03 am

No difference. Can you outline exactly what you’ve tried so we’re not telling you to try things you’ve already tried?


spaetverkehr

July 26, 2018 at 10:11 am

I’ve tried what you’ve told me and this:

We are able to fix your site. The problem was the server wasn’t allowing the Authorization header to pass with the request. There’s an .htaccess file in the root level directory of your server that had this line of code:
RewriteRule ^index\.php$ - [L]
we changed that line of code to this:
RewriteRule ^index\.php$ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
and the app will log in correctly now.

So at the moment both of those fixes are active in my htaccess file. I also tried typing the url at app login with http, https and without.


spaetverkehr

July 26, 2018 at 10:12 am

This is what my .htaccess looks like.

# Begin Custom htaccess	 	
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1	 	
# End Custom htaccess

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

# Wordfence WAF
<Files ".user.ini">
<IfModule mod_authz_core.c>
	Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
	Order deny,allow
	Deny from all
</IfModule>
</Files>

# END Wordfence WAF


Josh

  • Support Staff

July 26, 2018 at 10:17 am

The second “fix” you list is no longer recommended, so that part can be changed back.

You could also try temporarily removing the WordFence rules to see if there’s a conflict.

Also, a few users have reported that installing the Application Passwords plugin resolved their issues. You can download the Application Passwords plugin from wordpress.org:

https://wordpress.org/plugins/application-passwords/


spaetverkehr

July 26, 2018 at 10:24 am

I’ve tried all three, but I still get the error message…


Josh

  • Support Staff

July 26, 2018 at 10:31 am

May I ask what’s the URL that you’re inputting into the Website URL field of the app?


spaetverkehr

July 26, 2018 at 10:32 am

spaetverkehr.de


Josh

  • Support Staff

July 26, 2018 at 10:35 am

If you temporarily deactivate all other plugins (besides Event Espresso) and temporarily switch to the default WordPress theme, do you still get the error from the app?


spaetverkehr

July 26, 2018 at 10:41 am

yup.


Josh

  • Support Staff

July 26, 2018 at 11:06 am

That narrows things down to a server configuration issue where the server isn’t allowing the Authorization headers to be passed. Usually the .htaccess edit will do the trick, but not always.

We know that the REST API on your site can send a valid response if it’s a request that doesn’t require authorization, e.g.
https://spaetverkehr.de/wp-json/ee/v4.8.36/events/
and
https://spaetverkehr.de/wp-json/ee/v4.8.36/site_info

Can you contact your host and ask them if they can allow the HTTP_AUTHORIZATION header?


spaetverkehr

July 28, 2018 at 2:31 am

They told me edit my htaccess and add:

RewriteEngine On
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last]

So now it looks like this (I removed all other RewriteRules):

# Begin Custom htaccess	 	
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1	 	
# End Custom htaccess

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last]
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
</IfModule>
# END WordPress

# Wordfence WAF
<Files ".user.ini">
<IfModule mod_authz_core.c>
	Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
	Order deny,allow
	Deny from all
</IfModule>
</Files>
# END Wordfence WAF

But I still get the error. I’m all out of ideas…


spaetverkehr

July 28, 2018 at 2:51 am

Okay, I found something interesting. The Application Passwords plugin was giving me this error message:

Due to a potential server misconfiguration, it seems that HTTP Basic Authorization may not work for the REST API on this site: “Authorization” headers are not being sent to WordPress by the web server. You can learn more about this problem, and a possible solution, on our GitHub Wiki.

So I did as recommended on the Wiki and added
RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization}]

But as long as RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last] was part of htaccess, I would still get the above message. Removing this line of code got rid of the error message and even the REMOTE_USER line wasn’t necessary anymore.

I don’t know if this is of any help (no combination of RewriteRules has solved the original problem), but it feels like something is definitely wrong here :D.


Josh

  • Support Staff

July 28, 2018 at 1:09 pm

You should go with the .htaccess access rule suggested by the host. If the Authorization header still isn’t getting passed with their suggested .htaccess rule alone they should be able to investigate further.

Here’s how to make sure the site is using the host’s suggested .htaccess alone:

1) Deactivate the WordFence plugin
2) Navigate to the WP Dashboard’s Settings > Permalinks page, and leave that tab open
3) Take a backup and remove everything from the site’s .htaccess file
4) Add the host’s suggested .htaccess rule to the .htaccess file, and save the file
5) Click the Update button on the Settings > permalinks page
6) Reload the .htaccess file from your FTP client and verify that the custom .htaccess rule did not get overwritten when WordPress added its rewrite rules
7) Try the app


spaetverkehr

August 2, 2018 at 1:43 pm

Thanks for your continued support! I tried your 7 steps – no change. The RewriteRule definitely does not get overwritten though.

My host is asking what requirements the plugin has for their server (very open question, I know). What should I tell them?


Josh

  • Support Staff

August 2, 2018 at 2:31 pm

Specific to the issue at hand, the app requires the server allowing the Authorization header to be passed. You can point them to this Github issue where an engineer from WPEngine (another web host) left some follow up:

https://github.com/WP-API/WP-API/issues/2512


Josh

  • Support Staff

August 2, 2018 at 2:35 pm

Here’s an additional troubleshooting tip from a related issue on Github:

https://github.com/WP-API/Basic-Auth/issues/35#issuecomment-403703396

The support post ‘EE4 App "Invalid Response from the upstream server"’ is closed to new replies.

Have a question about this support post? Create a new support post in our support forums and include a link to this existing support post so we can help you.

Support forum for Event Espresso 3 and Event Espresso 4.
Documentation for EE3 and EE4
Documentation for Event Espresso 3

Documentation for Event Espresso 4

Status: closed

Updated by  Josh 2 weeks, 3 days ago ago

Topic Tags

Notifications

This topic is: not resolved
Do NOT follow this link or you will be banned from the site!