Resolving “You have a connection issue or the server is down” in n8n 1.119.1 with SSE/WSS

Questions
1

When using n8n 1.119.1 deployed via Docker + Nginx, many users encounter the following message in the frontend:

You have a connection issue or the server is down. n8n should reconnect automatically once the issue is resolved.

Additionally, the browser console or container logs may show errors like:

wss://your-n8n-domain.com/rest/push?pushRef=xxxx failed to connect
Origin header does NOT match the expected origin.
ResponseError: Invalid origin!

These issues typically involve SSE / WSS push connection failures, preventing the frontend from receiving real-time updates.

1. Symptoms

  1. n8n frontend loads normally, but real-time updates fail.

  2. Browser shows connection errors; logs indicate WebSocket or SSE failures.

  3. Container logs report Invalid origin or Origin: undefined.

2. Root Causes

2.1 SSE replaces WebSocket

  • From n8n v1.90+, the /rest/push endpoint uses Server-Sent Events (SSE) instead of WebSocket.

  • The frontend still tries WSS initially but falls back to SSE if it fails.

  • Adding WebSocket Upgrade/Connection headers in Nginx is no longer needed and may break the connection.

2.2 Origin header validation

  • n8n SSE validates that the request’s Origin matches the container’s N8N_HOST and WEBHOOK_URL.

  • If the request is missing the correct Origin header, SSE is rejected:

Origin header does NOT match the expected origin.
ResponseError: Invalid origin!

2.3 Nginx/hosting interference

  • Default PHP includes (enable-php-00.conf) may intercept /rest/push.

  • Rewrite rules or root settings can override SSE paths.

  • Nginx buffer settings can interrupt long-lived SSE connections.

3. Solution

3.1 Configure Docker environment variables

Set the following in your docker-compose or container environment:

N8N_HOST=your-n8n-domain.com
N8N_PROTOCOL=https
N8N_PORT=5678
WEBHOOK_URL=https://your-n8n-domain.com/
N8N_PUSH_BACKEND=sse
# Optional: temporarily disable origin check for cross-domain access
# N8N_DISABLE_PUSH_ORIGIN_CHECK=true

Notes:

  • Container port remains 5678; HTTPS is handled by Nginx.

  • N8N_PUSH_BACKEND=sse enables SSE.

  • N8N_DISABLE_PUSH_ORIGIN_CHECK=true can temporarily bypass origin validation if needed.

3.2 Nginx configuration (example)

server {
    listen 80;
    server_name your-n8n-domain.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    server_name your-n8n-domain.com;

    ssl_certificate     /path/to/fullchain.pem;
    ssl_certificate_key /path/to/privkey.pem;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_tickets on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    add_header Strict-Transport-Security "max-age=31536000";

    error_page 497 https://$host$request_uri;
    error_page 404 /404.html;
    error_page 502 /502.html;

    access_log /var/log/nginx/n8n-access.log;
    error_log /var/log/nginx/n8n-error.log;

    location / {
        proxy_pass http://127.0.0.1:5678;
        proxy_http_version 1.1;

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # Optional: force Origin header for cross-domain
        proxy_set_header Origin https://your-n8n-domain.com;

        # SSE settings
        proxy_set_header Cache-Control 'no-cache';
        proxy_set_header Accept 'text/event-stream';
        proxy_buffering off;
        proxy_cache off;
        proxy_read_timeout 3600;
    }

    # Disable interference from default PHP / rewrite / root
    # include enable-php-00.conf;
    # root /var/www/html;
    # include /etc/nginx/conf.d/rewrite.conf;

    location ~ .*\.(js|css|png|jpg|jpeg|gif|bmp|svg|ico|webp)$ {
        expires 30d;
        access_log off;
        error_log off;
    }

    location ~ \.well-known { allow all; }
    location ~ ^/(\.user.ini|\.htaccess|\.git|\.env|\.svn|\.project|LICENSE|README.md) { return 404; }
}

3.3 Deployment Steps

  1. Apply and restart Nginx:
nginx -t
systemctl restart nginx
  1. Update docker-compose environment variables and restart n8n:
docker-compose down
docker-compose up -d

  1. Open n8n in the browser → F12 → Network → /rest/push

    • Status: 200 OK

    • Content-Type: text/event-stream

    • Connection remains CONNECTING/OPEN → SSE works properly

  2. If Invalid origin persists, check that N8N_HOST matches the accessed domain or enable N8N_DISABLE_PUSH_ORIGIN_CHECK=true.

3.4 Notes

  • Do not use WebSocket Upgrade/Connection headers; SSE replaces WSS.

  • Keep N8N_PORT as 5678; SSL is handled by Nginx.

  • Comment out PHP includes, rewrite rules, and root directives to avoid intercepting SSE.

  • Origin check can be temporarily disabled for testing.

4. Summary

  • The “You have a connection issue or the server is down” message usually indicates SSE push is blocked.

  • n8n 1.119.1 uses SSE instead of WebSocket.

  • Correct Docker environment variables and Nginx SSE configuration are critical.

  • Origin validation is the most common reason SSE push fails.

  • With proper setup, frontend real-time updates will work and the connection message disappears.

This configuration ensures SSE push works reliably, and the n8n frontend reconnects automatically without showing connection errors.

1 Like