diff --git a/self-hosted/restricted-instances.mdx b/self-hosted/restricted-instances.mdx index 57f7fc80..637becc2 100644 --- a/self-hosted/restricted-instances.mdx +++ b/self-hosted/restricted-instances.mdx @@ -37,13 +37,33 @@ This wildcard approach ensures all necessary widget functionalities such as conv ### Widget Assets -Make sure that static assets required by the ChatWidget are accessible. These are typically served from: +Make sure that all static and media assets the widget loads are accessible. The widget pulls from four paths: ``` https://yourdomain.com/packs +https://yourdomain.com/vite/assets +https://yourdomain.com/brand-assets +https://yourdomain.com/rails/active_storage ``` -Ensure all paths under this directory are accessible to support the widget fully. +- **`/packs`** — the SDK loader script (`packs/js/sdk.js`) embedded into the parent page. +- **`/vite/assets`** — JavaScript and CSS bundles loaded inside the widget iframe. Chatwoot migrated this UI from Webpack to Vite, so older guides referring only to `/packs` are incomplete for newer deployments. +- **`/brand-assets`** — installation-level branding (logo, favicon) shown inside the widget. +- **`/rails/active_storage`** — stored image and file attachment URLs. Without this, attachments can display as broken images or inaccessible files in the widget. + +All four paths must be publicly accessible to support the widget fully. + +Visitor file uploads are handled through the widget API endpoints covered above. If you use an external storage service such as S3, GCS, Azure Storage, or another S3-compatible provider, Chatwoot still generates `/rails/active_storage/...` URLs first and then redirects the browser to the storage provider's signed URL. In that setup, make sure visitors can also reach the storage provider or CDN hostname. + +### Widget Page + +The Chatwoot SDK loads the chat UI by injecting an iframe whose `src` points to `/widget`. This path must also be publicly accessible for the widget to render: + +``` +https://yourdomain.com/widget +``` + +Without this, the SDK script loads correctly but the iframe fails to load, resulting in a missing chat bubble. This commonly affects deployments behind authentication gateways such as Cloudflare Access, basic auth, or other ZTNA proxies. ## SMTP Configuration for Emails @@ -75,4 +95,4 @@ Implement comprehensive monitoring and logging solutions to swiftly detect and a By following these detailed instructions, your Chatwoot deployment can effectively operate within restricted network environments, ensuring a robust and secure customer support platform. - \ No newline at end of file +