Nextcloud 29.0.6 shows Security & setup warnings - trusted_proxies

mepi0011 · 13 September 2024 16:05

Hi,

I have noticed that since one of the last Nextcloud updates I get a Security & setup warning!

How can I change my settings to solve these messages?

* Your data directory and files are probably accessible from the internet. The .htaccess file is not working. It is strongly recommended that you configure your web server so that the data directory is no longer accessible, or move the data directory outside the web server document root.
* Your "trusted_proxies" setting is not correctly set, it should be an array of IP addresses - optionally with range in CIDR notation. For more details see the documentation ↗.

j0nnymoe · 13 September 2024 16:16

Check that your config.php file is configured correctly. If you’re using SWAG, it will tell you how in the proxy-conf.

mepi0011 · 13 September 2024 18:02

Yes, I use SWAG.

In the config.php I have the hostname (swag) in the trusted_proxies array.
As I understand is to change this to an IP4 or IP6 address.

What is the correct IP address from swag?
In my router I forward the port 443 to 192.168.128.xx
The docker container has a network (swag_default) in which swag has the address 172.23.0.x/16

I think I have to insert the IP addreas of the docker network (172.23.0.x/16). How can I ensure that swag gets the same IP address after a restart of docker?

j0nnymoe · 13 September 2024 18:16

I was kind of expecting you to provide an example of your config.php but never mind.

Does it look like this:
'trusted_proxies' => [gethostbyname('swag')], ?

You don’t need to set a static IP on a container.

mepi0011 · 13 September 2024 18:31

My confi.php at this point looks like this:

  'trusted_proxies' => 
  array (
    0 => 'swag',
  ),

I have now changed the config.php according to your suggestion as follows:

  'trusted_proxies' => 
  array (
    0 => gethostbyname('swag'),
  ),

The second error message from nextcloud has now disappeared.

Now I just have to solve the following error:

Your data directory and files are probably accessible from the internet. The .htaccess file is not working. It is strongly recommended that you configure your web server so that the data directory is no longer accessible, or move the data directory outside the web server document root.

Any hint?

j0nnymoe · 13 September 2024 18:34

Again config.php issue, I believe it’s the array section where you have your domain listed and ip address - the IP address needs to be removed.

Probably wise to post that snippet from your config.

mepi0011 · 13 September 2024 18:39

Snippset fon my config.php where I define the trusted domains:

  'trusted_domains' => 
  array (
    0 => 'nas',
    1 => '192.168.xx.xx',
    2 => 'nextcloud.<my_domain>',
  ),

I removed the IP addresses and the domain name ‘nas’ and the error message is gone!

system · 18 September 2024 18:40

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.