Stripe Webhook 错误无法连接
Stripe Webhook Error Unable to Connect
我在 Rails 中构建的网站遇到了一个奇怪的问题 4. 在开发它时,我正在使用 Ngrok 测试 Stripe webhook,结果很好,所以代码 应该 没问题,但现在在生产中我收到 Stripe 的错误消息,说它无法连接到 webhook。
此外,我想使用 Loader.io 进行一些压力测试,在添加主机后,当被要求验证他们要求上传到根目录的文件时,它也失败了 There was an error loading the URL 错误。
这不知何故让我相信我的 Nginx 配置可能有问题,即使该网站在浏览器中运行良好,我有来自北美和欧洲的用户并且没有任何关于超时或速度慢的投诉到目前为止,即使它运行在一个小 VPS.
这是 Nginx 主机文件:
server {
listen 80;
listen 443 ssl http2;
ssl on;
ssl_certificate /var/lib/acme/live/example.com/fullchain;
ssl_certificate_key /var/lib/acme/live/example.com/privkey;
# Set up preferred secure protocols and ciphers. TLS1.2 is required for HTTP/2
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
root /var/www/example/public;
server_name example.com;
if ($ssl_protocol = "") {
rewrite ^ https://$server_name$request_uri? permanent;
}
client_max_body_size 20M;
passenger_enabled on;
rails_env production;
# For issuing https certificates
location ^~ /.well-known/acme-challenge/ {
alias /var/www/acme-challenge/.well-known/acme-challenge/;
}
location ~* ^/assets/ {
# Per RFC2616 - 1 year maximum expiry
# http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
expires 1y;
add_header Cache-Control public;
# Some browsers still send conditional-GET requests if there's a
# Last-Modified header or an ETag header even if they haven't
# reached the expiry date sent in the Expires header.
add_header Last-Modified "";
add_header ETag "";
break;
}
}
这是 Rails 部分
路线
match 'stripe/webhook' => 'stripe#webhook', via: [:post, :get], as: :stripe_webhook
控制器
class StripeController < ApplicationController
protect_from_forgery :except => [:subscription, :webhook] #Otherwise the request from Stripe wouldn't make it to the controller
skip_before_action :require_login, only: [:webhook]
def webhook
Stripe.api_key = 'SECRET'
begin
event_json = JSON.parse(request.body.read)
#make sure this is the real deal by verifying the event by fetching it from Stripe
if event.has_key?("id")
event = Stripe::Event.retrieve(event_json["id"])
txt = 'OK'
handle_transaction(event)
else
txt = 'ERROR'
end
render plain: txt, layout: false, status: 200
rescue => e
Rails.logger.info "===================== ERROR ==================="
Rails.logger.info e.inspect
render plain: 'ERROR', layout: false, status: 500
end
end
#rest of the actions and private methods
#(...)
end
知道为什么会这样吗?
原来问题出在托管服务提供商层面,他们不得不将来自 stripe 的 IP 列入白名单。
如果有人需要,可以找到 IP https://stripe.com/files/ips/ips_webhooks.txt。
我在 Rails 中构建的网站遇到了一个奇怪的问题 4. 在开发它时,我正在使用 Ngrok 测试 Stripe webhook,结果很好,所以代码 应该 没问题,但现在在生产中我收到 Stripe 的错误消息,说它无法连接到 webhook。
此外,我想使用 Loader.io 进行一些压力测试,在添加主机后,当被要求验证他们要求上传到根目录的文件时,它也失败了 There was an error loading the URL 错误。
这不知何故让我相信我的 Nginx 配置可能有问题,即使该网站在浏览器中运行良好,我有来自北美和欧洲的用户并且没有任何关于超时或速度慢的投诉到目前为止,即使它运行在一个小 VPS.
这是 Nginx 主机文件:
server {
listen 80;
listen 443 ssl http2;
ssl on;
ssl_certificate /var/lib/acme/live/example.com/fullchain;
ssl_certificate_key /var/lib/acme/live/example.com/privkey;
# Set up preferred secure protocols and ciphers. TLS1.2 is required for HTTP/2
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
root /var/www/example/public;
server_name example.com;
if ($ssl_protocol = "") {
rewrite ^ https://$server_name$request_uri? permanent;
}
client_max_body_size 20M;
passenger_enabled on;
rails_env production;
# For issuing https certificates
location ^~ /.well-known/acme-challenge/ {
alias /var/www/acme-challenge/.well-known/acme-challenge/;
}
location ~* ^/assets/ {
# Per RFC2616 - 1 year maximum expiry
# http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
expires 1y;
add_header Cache-Control public;
# Some browsers still send conditional-GET requests if there's a
# Last-Modified header or an ETag header even if they haven't
# reached the expiry date sent in the Expires header.
add_header Last-Modified "";
add_header ETag "";
break;
}
}
这是 Rails 部分
路线
match 'stripe/webhook' => 'stripe#webhook', via: [:post, :get], as: :stripe_webhook
控制器
class StripeController < ApplicationController
protect_from_forgery :except => [:subscription, :webhook] #Otherwise the request from Stripe wouldn't make it to the controller
skip_before_action :require_login, only: [:webhook]
def webhook
Stripe.api_key = 'SECRET'
begin
event_json = JSON.parse(request.body.read)
#make sure this is the real deal by verifying the event by fetching it from Stripe
if event.has_key?("id")
event = Stripe::Event.retrieve(event_json["id"])
txt = 'OK'
handle_transaction(event)
else
txt = 'ERROR'
end
render plain: txt, layout: false, status: 200
rescue => e
Rails.logger.info "===================== ERROR ==================="
Rails.logger.info e.inspect
render plain: 'ERROR', layout: false, status: 500
end
end
#rest of the actions and private methods
#(...)
end
知道为什么会这样吗?
原来问题出在托管服务提供商层面,他们不得不将来自 stripe 的 IP 列入白名单。
如果有人需要,可以找到 IP https://stripe.com/files/ips/ips_webhooks.txt。