Enabling htaccess to secure data-folder

I recently installed nextcloud on my ubuntu 18.04 server. Now I’m dealing with proper configuration - also http-access to prevent remote access to the /data directory.

The problem occurs when I enable the htaccess-files by chaning the directory rule in the apache.conf file to

<Directory /var/www/>
     ..
     AllowOverride all
     ..
</Directory>

The apache will send the http-errorcode 500 “internal server error”.

I consider the problem to be part of the trusted domains (cloud.mydomain.tld) and the domain rewrite rule (config.php). The domain cloud.mydomain.tld won’t let me access the folder /var/www/html/nextcloud/data/username, but git.mydomain.ttl does.

My question: How to setup the cloud that none can access the /var/www/html/nextcloud/data/username folders?

You could put the data folder completely out of the apache-root-folder (like /home/nc-data), you just have to make sure that the www-data user has full access. If you have an existing setup, there are howtos on this forum how to change the folder path.

In general: Internal Server Error -> check your webserver error logfile for more information. Rewrite rules and redirects are a good guess but there can be other issues as well.