I have a server running nextcloud 12, which is used to store my personal files. There is user ‘admin’ which is used only for administration, no files stored in it. I’d set a strong password and 2FA but still I see it as a security risk in my environment, since if anyone gained access to it they’d be able to gain access to my data (no encryption used) and I don’t always have my phone to login and so. So a question: can I disable the admin account via occ command safely? Can an instance run without any account having admin rights?
@Haroldas_Velioniskis I think it it is nowadays a higher security risk to use an unencrypted connections than having an admin account created on your instance. Due to the fact that you’re already using 2FA you could also use the Restrict login to IP addresses app to lock-down access to the server.
Coming back to the unencrypted connection, I recommend to use the FOC Let’s Encrypt certificate service to obtain your own certificate.
Yeah… just set a very strong password and live with it. The chances are reeally slim, that anyone gets a foot into your NC instance using your admin. It would probably easier to break into your house and steal your computer, if needed.
When talking about encryption, I meant that the files are not encrypted, I’m using HTTPS (get’s A+ at ssllabs.com). The restriction to IP seems a good idea for sure. The password is long and generated from random numbers, so I guess it’s strong. Thanks for help!
A problem: the ip lock app requires v13, which is not in my upgrade channel yet (production)
Yeah, I was also talking about the non-encrypted files. Taking control and responsibilty for your own data is what NC is about. I strong password for each account created on your NC instance is the foundation of everything else.
I wonder though, why NC 13 is not in your channel, since I upgraded right via that channel.
If I switch thr channel to ‘stable’ it shows an upgrade to 13. But ‘production’-no upgrades
Well… your choice then, of course, but stable seems stable enough. We are using it with our company for 1100+ users and experience no issues with it.