At my workplace we use nginx as a proxy for a socket.io messaging application that was launched around a week ago. We’ve had very few bug/error reports from users so I’m assuming that it mostly works as intended. The only problem is that when I check the nginx logs I see a lot of 400 responses. There are roughly 5 400 responses for every 101 response. I’ve Googled this all week but still haven’t found an answer.

Here is a typical log entry:

84.21.154.15 - - [30/Apr/2024:14:20:43 +0100] "GET /socket.io/?EIO=4&transport=websocket HTTP/1.1" 400 45 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.1 Safari/605.1.15"

My application code looks like this

import express from 'express'
const app = express()
import http from 'http'
const server = http.createServer(app)
import { Server } from 'socket.io'
const io = new Server(server)
import cors from 'cors'
import winston from 'winston'
import fs from 'fs'
import mongoose from 'mongoose'

import config  from './config'
import { init } from './init'

const port = config.app.port || 3004

// CORS
app.use(cors({
  origin: '*'
}))

mongoose.connect(
  config.db.url || 'mongodb://localhost/api',
  {
    dbName: 'api',
    useUnifiedTopology: true,
    useNewUrlParser: true,
  }
)
// Get Mongoose to use the global promise library
mongoose.Promise = global.Promise
const db = mongoose.connection
db.on('error', console.error.bind(console, 'MongoDB connection error:'))

const main = () => {
  init(io)

  server.listen(port, () => {
    const ds = new Date().toISOString()
    console.log('Server started at %d on %s', port, ds)
  })
}

export default main

And my virtualhost in nginx looks like this

server{
    server_name ***.*******.***.org;
    access_log /var/log/nginx/***-access.log;
    error_log /var/log/nginx/***-error.log;
    location / {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_pass http://*.*.**.***:3004;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-NginX-Proxy false;
    }


    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/***.*******.***/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/***.*******.***/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}
server{
    if ($host = ***.*******.***) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    server_name ***.*******.***;
    listen 80;
    return 404; # managed by Certbot


}