I would like to allow company internal users to have full access to Nextcloud using sync client and WebDAV but external users should be able to use only website. I know, I can’t achieve this using Nextcloud interface but if I will set reverse proxy between Nextcloud server and internet and block some URLs (responsible for sync client and web daw) for external users – is it possible? If so, could you tell me what should be blocked please?
I think not. For WebDAV you need “remote.php” but also the website uses it. Also i do not know if you can block single files (e.g. “remote.php”) on your reverse proxy.
But why are do want it? It makes NO sense to only allow website and not WebDAV.
Thank you devnull,
I want to make sure, sync client (and the best mapping drive using WebDAV) doesn’t work for external users. People who have no company computers can’t sync files.
Not sure what the benefit of that would be - if they have access through the web interface they can just write a js client that fetches the files via that route. 
@Piotrir I think with deny “remote.php” the following app does not work:
Why remote.php (WebDAV) for first picture in picture-folder
Perhaps it is possible to deny nextcloud-clients because they are listed in the user security part.
But i think you can not deny WebDAV.