Cannot login via Browser

ℹ️ Support
1

Hi there,
I’m running a nextcloud server (migrated from owncloud) on a VPS. After the hoster did an update of its machines (switched off an on the VPS), I had problems with my nextcloud installation. I could not connect. I told them and they solved this problem. Now my nextcloud clients connect and do any syncs (also CalDav and CarDav). But I can’t login via Webbrowser. So I’m not able to manage the accounts etc.

  • I call my nextcloud-site with the browser -> Login-page is displayed
  • I type in username and passwort and hit ENTER
  • for a second the message “logging in” is shown. Then the original login-screen is displayd. None of the user-Logins are working anymore.

=> nextcloud clients are working
=> I can login to my VPS via Putty and check the filesystem etc

I tried to set some permission on the filesystem with no success (I hope I did not distroy anything).

Any idea what and where to check?

system:

  • debian 9
  • nextcloud 13.0.5.2 (out of config.php)
  • apache 2
  • php 7.2

thanks in advance
Frank

2

pls provide some logfiles… maybe they would tell us more about the problem

3

Hello again,
in what logfiles should I have a visit?

for the moment I can provide these (only the last logs):

/var/log/apache2/error.log
[Mon Nov 05 09:44:12.659172 2018] [php7:error] [pid 31083] [client 203.160.52.100:53103] script ‘/var/www/html/qwq.php’ not found or unable to stat
[Mon Nov 05 09:44:12.931325 2018] [authz_core:error] [pid 31083] [client 203.160.52.100:53103] AH01630: client denied by server configuration: /var/www/html/.php
[Mon Nov 05 09:44:13.200513 2018] [php7:error] [pid 31083] [client 203.160.52.100:53103] script ‘/var/www/html/infos.php’ not found or unable to stat
[Mon Nov 05 09:44:13.469559 2018] [php7:error] [pid 31083] [client 203.160.52.100:53103] script ‘/var/www/html/x.php’ not found or unable to stat
[Mon Nov 05 09:44:13.737700 2018] [php7:error] [pid 31083] [client 203.160.52.100:53103] script ‘/var/www/html/htfr.php’ not found or unable to stat
[Mon Nov 05 09:44:14.004234 2018] [php7:error] [pid 31083] [client 203.160.52.100:53103] script ‘/var/www/html/zzk.php’ not found or unable to stat
[Mon Nov 05 09:44:14.270551 2018] [php7:error] [pid 31083] [client 203.160.52.100:53103] script ‘/var/www/html/toor.php’ not found or unable to stat
[Mon Nov 05 09:44:14.813214 2018] [php7:error] [pid 31080] [client 203.160.52.100:7086] script ‘/var/www/html/xiaoma.php’ not found or unable to stat
[Mon Nov 05 09:44:15.085439 2018] [php7:error] [pid 31080] [client 203.160.52.100:7086] script ‘/var/www/html/xiaomae.php’ not found or unable to stat
[Mon Nov 05 09:44:15.355543 2018] [php7:error] [pid 31080] [client 203.160.52.100:7086] script ‘/var/www/html/xiaomar.php’ not found or unable to stat
[Mon Nov 05 09:44:15.632157 2018] [php7:error] [pid 31080] [client 203.160.52.100:7086] script ‘/var/www/html/qq.php’ not found or unable to stat
[Mon Nov 05 09:44:15.906116 2018] [php7:error] [pid 31080] [client 203.160.52.100:7086] script ‘/var/www/html/data.php’ not found or unable to stat
[Mon Nov 05 09:44:16.180931 2018] [php7:error] [pid 31080] [client 203.160.52.100:7086] script ‘/var/www/html/log.php’ not found or unable to stat
[Mon Nov 05 09:44:16.456369 2018] [php7:error] [pid 31080] [client 203.160.52.100:7086] script ‘/var/www/html/fack.php’ not found or unable to stat
[Mon Nov 05 09:44:16.727156 2018] [php7:error] [pid 31080] [client 203.160.52.100:7086] script ‘/var/www/html/angge.php’ not found or unable to stat
[Mon Nov 05 09:44:16.997722 2018] [php7:error] [pid 31080] [client 203.160.52.100:7086] script ‘/var/www/html/index.php’ not found or unable to stat
[Mon Nov 05 12:27:35.041326 2018] [php7:error] [pid 32048] [client 223.105.4.249:41460] script ‘/var/www/html/index.php’ not found or unable to stat

in /var/log/apache2/acess.log
::1 - - [05/Nov/2018:12:43:50 +0100] “OPTIONS * HTTP/1.0” 200 126 “-” “Apache/2.4.25 (Debian) OpenSSL/1.0.2l (internal dummy connection)”
::1 - - [05/Nov/2018:12:43:51 +0100] “OPTIONS * HTTP/1.0” 200 126 “-” “Apache/2.4.25 (Debian) OpenSSL/1.0.2l (internal dummy connection)”
::1 - - [05/Nov/2018:12:43:52 +0100] “OPTIONS * HTTP/1.0” 200 126 “-” “Apache/2.4.25 (Debian) OpenSSL/1.0.2l (internal dummy connection)”

4

No ideas?
Could this be a file-permission problem?

What permissions doas nextcloud, apache and php need?

5

i think it’s a type of misconfiguration. like could you pls check if there are files like ‘qwq.php’, ‘infos.php’ andindex.php under /var/www/html - since your logfile complains about them missing there.

about the permissions… i am not sure. there is a advice about it somewhere though.

6

No, there are no such files as var/www/html is nearly empty. It is the standard apache root. There are only a index.php and a info.php file.

My nextcloud root is /var/www/owncloud.

What logfile could tell me more?

7

Hi Frank

/var/www/html/nextcloud/data/nextcloud.log will provide more info.

Thank you

8

Ah ok. in nextcloud.log I found some of these lines:

index.php/login",“message”:“session_write_close(): open(/var/lib/php/sessions/sess_rpkfjnakd17dc7gbeqa3phdku2, O_RDWR) failed: Permission denied (13) at /var/www/owncloud/lib/private/Session/Internal.php#206”,“userAgent”:“Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36”,“version”:“13.0.5.2”}

/index.php/login",“message”:“session_write_close(): open(/var/lib/php/sessions/sess_rpkfjnakd17dc7gbeqa3phdku2, O_RDWR) failed: Permission denied (13) at /var/www/owncloud/lib/private/Session/Internal.php#206”,“userAgent”:“Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36”,“version”:“13.0.5.2”}

/index.php/login",“message”:“session_write_close(): Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/lib/php/sessions) at /var/www/owncloud/lib/private/Session/Internal.php#206”,“userAgent”:"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safar

/index.php/login",“message”:“session_write_close(): open(/var/lib/php/sessions/sess_mnhmg24i0p2i5l9lhse9fvplr6, O_RDWR) failed: Permission denied (13) at /var/www/owncloud/lib/private/Session/Internal.php#206”,“userAgent”:“Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36”,“version”:“13.0.5.2”}

/index.php/login",“message”:“session_write_close(): Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/lib/php/sessions) at /var/www/owncloud/lib/private/Session/Internal.php#206”,“userAgent”:"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safa

Seems to be a permission-problem.(?)
Can anyone provide me the correct permissions?

Falk

9

First, the missing .php files and errors indicate hacking attacks. You should enable strict Fail2Ban rules on your Apache Error Log Files.

Second, if it worked before the restart, and WebDAV Clients still working after restart, but your Login not, then this is a indicator that something must have been banned or disabled.

Just as rough guess: Delete all recordset in your mysql table: oc_bruteforce_attempts, delete your browser Cache and disable any DOM manipulating browser addons and retry login.

10

Ok, fail2ban is installed and running. That was a good idea! The mysql table is cleared and also the browser cache.

Same behavior.

I think the problem is still a permission as you can see in the log: “Permission denied (13) at /var/www/owncloud/lib/private/Session/Internal.php#206”,”

What is the correct permission setting to “var/www/owncloud/lib/private…”?

Regards
F.

11

Ok - finally I found a solution: I had to make

writable for www-data. Now it works. ;o)

1 Like
12

I am having the same issue, but my nextcloud.log shows login failed. I don’t know why?! Permission settings under /var/lib/php/sessions is fine. I have free storage as well. Any clue?!

{“reqId”:“DMytASAQ9W3TClTRDSy2”,“level”:2,“time”:“2020-05-13T00:29:45+00:00”,“remoteAddr”:“27.62.114.215”,“user”:"–",“app”:“core”,“method”:“GET”,“url”:"/nextcloud/index.php/core/preview.png?file=Readme%20(3).md&x=310&y=672&a=1&mode=cover",“message”:“Login failed: ‘Test1’ (Remote IP: ‘27.62.114.215’)”,“userAgent”:“Mozilla/5.0 (iOS) Nextcloud-iOS/2.25.9”,“version”:“18.0.4.2”}

{“reqId”:“fBKsd8M8HUiGVJwzH8KG”,“level”:2,“time”:“2020-05-13T00:29:45+00:00”,“remoteAddr”:“27.62.114.215”,“user”:"–",“app”:“core”,“method”:“GET”,“url”:"/nextcloud/index.php/core/preview.png?file=Readme%20(2).md&x=310&y=672&a=1&mode=cover",“message”:“Login failed: ‘Test1’ (Remote IP: ‘27.62.114.215’)”,“userAgent”:“Mozilla/5.0 (iOS) Nextcloud-iOS/2.25.9”,“version”:“18.0.4.2”}

Screenshot_15
Screenshot_151235×400 22.8 KB

sessions
sessions1079×170 7.84 KB