Thanks for the suggestions. As my Nextcloud is on a shared hosting platform, I cannot edit httpd.conf or vhost.
I think it would be good to have the enforcement of https implemented directly within Nextcloud or an option of Nextcloud that edits the .htaccess file and thereby keeps the integrity check valid.
Is there any news relating to enforcing https via config file or GUI on a Nextcloud 11.X installation?
Reading the comments on https://github.com/nextcloud/server/issues/132 tell me that seems to be a heavy lift.
Is there a best practice for Apache 2.4 and htaccess when you cannot change apache config itself?
Thanks in advance. Still getting used to the forum. The tag and search concept is still a bit overwhelming for me. Sorry, if I overlooked a fresher thread about this topic.
I am also interested in getting feedback on this topic. Currently I run the same settings as @ambux does. It is working fine but a security warning is popping up in the administrator menu.
Related: I found out the hard way that having: Redirect permanent / https://my.domain
before document root in your apache2.conf file causes it to not redirect, which messes up a whole slew of things, like logout.
Make sure that Redirect comes before other lines in virtual host entries, and that you do not add the server alias.