I have a question in which I’ve been biting my teeth for some time.
I always get notified via the Fail2Ban protocol that there are authorization problems.
Excerpt from the Fail2Ban log for a whole day for error 401
(I replaced the usernames with User1 / User2):
/remote.php/dav/principals/users/User1/: 53 Time(s)
/remote.php/dav/calendars/User1/: 45 Time(s)
/remote.php/dav/principals/users/User2/: 27 Time(s)
/remote.php/dav/addressbooks/users/User1/contacts/: 22 Time(s)
/remote.php/dav/calendars/User2/: 13 Time(s)
/remote.php/dav/principals/users/: 4 Time(s) /remote.php/dav/addressbooks/users/User1/: 1 Time(s) /remote.php/dav/calendars/User2/inbox/: 1 Time(s) /remote.php/dav/calendars/User1/inbox/: 1 Time(s) /remote.php/dav/calendars/User1/personal/ ... 11545F6302C.ics: 1 Time(s)
I suspect that it is the DAV protocol, with which I sync the calendars and contacts on various iOS devices.
I’ve turned on two-factoring and assigned an App-PW for each app.
The Sync also works satisfactorily, I just can not explain the error messages.
In the relevant forums I have already searched, but I have come to no success.
It seems that if an iOS device wants to sync, it will be rejected first and will be accepted by the server on the second try ?!
I read this live in the log /var/log/apache2/nextcloud-access.log.
Some lines of /var/log/apache2/nextcloud-access.log:
XX.XXX.XXX.XXX - - [21/Aug/2019:08:26:10 +0200] “PROPFIND /remote.php/dav/principals/users/USER1/ HTTP/1.1” 401 5847 “-” “iOS/12.4 (16G77) dataaccessd/1.0”
XX.XXX.XXX.XXX - - [21/Aug/2019:08:26:11 +0200] “REPORT /remote.php/dav/principals/users/ HTTP/1.1” 401 1290 “-” “iOS/12.4 (16G77) dataaccessd/1.0”
XX.XXX.XXX.XXX - - [21/Aug/2019:08:26:11 +0200] “PROPFIND /remote.php/dav/calendars/User1/ HTTP/1.1” 401 1290 “-” “iOS/12.4 (16G77) dataaccessd/1.0”
Nextcloud version 220.127.116.11
Operating system and version Ubuntu 18.04 LTS)
PHP version 7.3.8
I have already suspected http2 and have disabled it - unfortunately without success.
Any ideas? I hope you can help me.