403 on MKCOL, DELETE, and PUT

Support intro

Sorry to hear you’re facing problems :slightly_frowning_face:

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:

longer
example
here

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version: 23.0.6
Operating system and version: UNRAID 6.10.3
Apache or nginx version (eg, Apache 2.4.25): nginx 2018/08/16
PHP version (eg, 7.4): 7.4.26

The issue you are facing: HTTP 403 whenever a WebDAV client or a client in the webpage tries to create or delete a folder.

Is this the first time you’ve seen this error? (Y/N):N

Steps to replicate it:
WebDAV client(Desktop app in this case)

  1. Try to sync new folder
  2. Receive 403 error
    WebUI
  3. Try to create folder
  4. Get a “could not create folder” error popup, browser dev tools point out that it is a 403 error

The output of your Nextcloud log in Admin > Logging:

Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T16:17:02-0400
Error	no app in context	OC\ServerNotAvailableException: Legacy cipher is no longer supported!		2022-07-16T16:17:02-0400
Error	no app in context	Couldn't re-calculate unencrypted size for files/InstantUpload/Messenger/received_856443728319266.jpeg		2022-07-16T16:17:02-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T13:50:28-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T13:50:28-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T13:50:27-0400
Error	no app in context	OC\ServerNotAvailableException: Legacy cipher is no longer supported!		2022-07-16T13:50:27-0400
Error	no app in context	Couldn't re-calculate unencrypted size for files/Documents/2022 Junior Fair/2022 Judges/2022 Judges Confirmation Letters/2022 Showman of Showmwen.doc		2022-07-16T13:50:27-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T13:50:27-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T13:49:32-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T13:49:31-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T13:49:31-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T13:49:31-0400
Error	no app in context	OC\ServerNotAvailableException: Legacy cipher is no longer supported!		2022-07-16T13:49:31-0400
Error	no app in context	Couldn't re-calculate unencrypted size for files/Documents/2022 Junior Fair/2022 Judges/2022 Judges Confirmation Letters/2022 Showman of Showmwen.doc		2022-07-16T13:49:31-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T13:49:31-0400
Error	no app in context	OC\ServerNotAvailableException: Legacy cipher is no longer supported!		2022-07-16T13:49:31-0400
Error	no app in context	Couldn't re-calculate unencrypted size for files/Documents/2021 Junior Fair/2021 Sponsors/2021 Saddle Horse/Copy of 2018 SPONSOR VENDORS LIST (2).xls		2022-07-16T13:49:31-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T13:49:30-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T13:49:30-0400
Error	PHP	Allowed memory size of 536870912 bytes exhausted (tried to allocate 20480 bytes) at /config/www/nextcloud/apps/mail/vendor/bytestream/horde-stream/lib/Horde/Stream.php#402		2022-07-16T13:37:25-0400
Fatal	webdav	Sabre\DAV\Exception\ServiceUnavailable: System is in maintenance mode.		2022-07-16T13:14:02-0400
Fatal	webdav	Sabre\DAV\Exception\ServiceUnavailable: System is in maintenance mode.		2022-07-16T13:14:01-0400
Fatal	webdav	Sabre\DAV\Exception\ServiceUnavailable: System is in maintenance mode.		2022-07-16T13:14:01-0400
Error		OCA\Circles\Exceptions\MigrationException: A migration process is already running		2022-07-16T13:14:00-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T12:59:13-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T12:58:55-0400
Error	no app in context	OC\ServerNotAvailableException: Legacy cipher is no longer supported!		2022-07-16T12:58:55-0400
Error	no app in context	Couldn't re-calculate unencrypted size for files/Documents/Default.rdp		2022-07-16T12:58:55-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T12:58:10-0400
Error	no app in context	OC\ServerNotAvailableException: Legacy cipher is no longer supported!		2022-07-16T12:58:10-0400
Error	no app in context	Couldn't re-calculate unencrypted size for files/Documents/2021 Junior Fair/2021 Sponsors/2021 Goat Sponsors/Goat sponsors 8.23.21.xls		2022-07-16T12:58:10-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T12:57:52-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T12:57:52-0400
Error	no app in context	OC\ServerNotAvailableException: Legacy cipher is no longer supported!		2022-07-16T12:57:52-0400
Error	no app in context	Couldn't re-calculate unencrypted size for files/InstantUpload/VZMedia/141049.jpeg		2022-07-16T12:57:52-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T12:57:48-0400
Error	no app in context	OC\ServerNotAvailableException: Legacy cipher is no longer supported!		2022-07-16T12:57:48-0400
Error	no app in context	Couldn't re-calculate unencrypted size for files/Documents/2021 Junior Fair/2021 Sponsors/2021 Saddle Horse/Copy of 2018 SPONSOR VENDORS LIST (2).xls		2022-07-16T12:57:48-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T12:57:47-0400
Error	no app in context	OC\ServerNotAvailableException: Legacy cipher is no longer supported!		2022-07-16T12:57:47-0400
Error	no app in context	Couldn't re-calculate unencrypted size for files/InstantUpload/Messenger/received_856443728319266.jpeg		2022-07-16T12:57:47-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T12:57:43-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T12:57:40-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T12:57:37-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T12:57:35-0400
Error	no app in context	OC\ServerNotAvailableException: Legacy cipher is no longer supported!		2022-07-16T12:57:35-0400
Error	no app in context	Couldn't re-calculate unencrypted size for files/Documents/2022 Junior Fair/2022 Judges/2022 Judges Confirmation Letters/2022 Showman of Showmwen.doc		2022-07-16T12:57:35-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!		2022-07-16T12:57:35-0400
Fatal	webdav	Sabre\DAV\Exception: Legacy cipher is no longer supported!

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'datadirectory' => '/data',
  'instanceid' => 'ocrg3shpyyq5',
  'passwordsalt' => '+L7ogZ/h3F0PpefF2KX9vx9TouSM25',
  'secret' => 'k9g29712Xy0WLY2pzPUUxmV0i/PEw8NVR5sTen5/7CB3S50C',
  'trusted_domains' => 
  array (
    0 => '192.168.0.112',
    1 => 'url.of.nextcloud',
  ),
  'trusted_proxies' => 
  array (
    0 => '192.168.0.212',
  ),
  'overwritehost' => 'url.of.nextcloud',
  'overwriteprotocol' => 'https',
  'overwritewebroot' => '/nextcloud',
  'dbtype' => 'mysql',
  'version' => '23.0.6.1',
  'overwrite.cli.url' => 'https://url.of.nextcloud/nextcloud',
  'dbname' => 'nextcloud',
  'dbhost' => '192.168.0.112:3306',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => '########',
  'installed' => true,
  'theme' => '',
  'loglevel' => 0,
  'maintenance' => false,
  'mail_from_address' => 'address',
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'smtp',
  'mail_domain' => 'gmail.com',
  'mail_smtphost' => 'smtp.gmail.com',
  'mail_smtpport' => '587',
  'mail_smtpauth' => 1,
  'mail_smtpname' => 'address@gmail.com',
  'mail_smtppassword' => '###########',
  'mail_smtpsecure' => 'tls',
  'default_phone_region' => '.us',
);

The output of your Apache/nginx/system log in /var/log/____:

Either unable to find it, or no log available

Output errors in nextcloud.log in /var/www/ or as admin user in top right menu, filtering for errors. Use a pastebin service if necessary.

N/A

Do you use the server-side encryption?

You have these warnings about the Legacy cipher, I don’t know if that is linked with the creation of folders. Because you said it is linked to the clients, if you create folder or do the same things via web-interface it works?

For the legacy encryption stuff:
https://docs.nextcloud.com/server/23/admin_manual/configuration_files/encryption_migration.html

Important: Before you touch anything regarding enryption, make sure to have a full backup of the current situation (data, config-file, current database dump), so in the worst case you can always get back to the current situation!

The webserver logs could be of interest as well to identify permission issues, a full disk or something like that.

About the legacy encryption stuff: I did run the encryption migration. I will try running the command again, since it is still giving the error.

When I try to create a folder or a file in web interface it does not work, it throws a 403 error in the dev tools.

Can you say which lines of logs are created, when you try this?
The webserver access and error logs would be very interesting as well. For linux, you usually have them in the /var/log folder…

Sorry for the wait. the /var/log/nginx folder has an error.log, but it is empty.
I have been decrypting the files in my installation to remove that as a factor in this. It is still only around half way done decrypting.

After doing some digging i get the following message in logging when trying to make a file inside of my documents folder specifically. I will note that i can create files in other folders just fine

|Error|no app in context|OCP\Files\NotPermittedException: Could not create path

  1. /config/www/nextcloud/lib/private/Files/Template/TemplateManager.php - line 162:OC\Files\Node\Folder->newFile()
  2. /config/www/nextcloud/apps/files/lib/Controller/TemplateController.php - line 57:OC\Files\Template\TemplateManager->createFromTemplate()
  3. /config/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php - line 217:OCA\Files\Controller\TemplateController->create()
  4. /config/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php - line 126:OC\AppFramework\Http\Dispatcher->executeController()
  5. /config/www/nextcloud/lib/private/AppFramework/App.php - line 157:OC\AppFramework\Http\Dispatcher->dispatch()
  6. /config/www/nextcloud/lib/private/Route/Router.php - line 302:OC\AppFramework\App::main()
  7. /config/www/nextcloud/ocs/v1.php - line 62:OC\Route\Router->match()
  8. /config/www/nextcloud/ocs/v2.php - line 23:require_once(“/config/www … p”)|
    | — | — |

Actually, figured out the issue. I run this in the linuxserver docker container, for reference. I wondered why it only happened to a specific file, and after digging into the data directory in my container i discovered the specific file that gave me 403 errors belonged to root instead of the docker container user.