Getting Pretty URLs broke access to my Nextcloud

I just did a fresh install of Linux Mint 18 and Nextcloud. Got everything working and thought I’d try to get the Pretty URLs working. But now since playing with it, trying to access my site went from working to “Nextcloud: Access Denied.”

I have a domain: http://awildmango.com, and I was trying to get the URL for the nextcloud login page to be http://upload.awildmango.com instead of http://upload.awildmango.com/nextcloud. But after attempting this, even trying to get to it from upload.awildmango.com/nextcloud doesn’t work.

When I try to access it from upload.awildmango.com I get this:

Version is 11.0.2
My Nextcloud installation is at /var/www/html/nextcloud

Here is my nextcloud/config/config.php

<?php $CONFIG = array ( 'instanceid' => '*********', 'passwordsalt' => '**********', 'secret' => '***********', 'trusted_domains' => array ( 0 => 'upload.awildmango.com', 1 => 'localhost'

),
‘datadirectory’ => ‘/MyZFSPool/NextCloudData/data’,
‘overwrite.cli.url’ => ‘http://upload.awildmango.com’,
‘htaccess.RewriteBase’ => ‘/’,
‘dbtype’ => ‘mysql’,
‘version’ => ‘11.0.2.7’,
‘dbname’ => ‘nextcloud’,
‘dbhost’ => ‘localhost’,
‘dbport’ => ‘’,
‘dbtableprefix’ => ‘oc_’,
‘dbuser’ => ‘',
‘dbpassword’ => '
***’,
‘logtimezone’ => ‘UTC’,
‘installed’ => true,
);

Heres /etc/apache2/sites-available/nextcloud.conf

<VirtualHost *:80>

DocumentRoot “/var/www/html/nextcloud/”
ServerName upload.awildmango.com

Alias /nextcloud “/var/www/html/nextcloud/”

<Directory “/var/www/html/nextcloud/”>
Options +FollowSymlinks
AllowOverride All
Order Allow,Deny

Dav off

SetEnv HOME /var/www/html/nextcloud/
SetEnv HTTP_HOME /var/www/html/nextcloud/

ErrorLog /var/log/apache2/awildmango.com-error_log CustomLog /var/log/apache2/awildmango.com-access_log common

I also have a2enmod env and a2enmod rewrite enabled

I’ve also updated the .htaccess with:

sudo -u www-data php occ maintenance:update:htaccess

Here is .htaccess current output: (screenshot because formatting gets messed up on forum in text)

###To set up the permissions originally I ran the script in the Nextcloud documentation, and modified it for my storage path. Heres what I ran:

#!/bin/bash
ocpath=‘/var/www/html/nextcloud’
htuser=‘www-data’
htgroup=‘www-data’
rootuser=‘root’

printf “Creating possible missing Directories\n”
mkdir -p /MyZFSPool/NextCloudData/data
mkdir -p $ocpath/assets
mkdir -p $ocpath/updater

printf “chmod Files and Directories\n”
find ${ocpath}/ -type f -print0 | xargs -0 chmod 0640
find ${ocpath}/ -type d -print0 | xargs -0 chmod 0750
chmod 755 ${ocpath}

printf “chown Directories\n”
chown -R ${rootuser}:${htgroup} ${ocpath}/
chown -R ${htuser}:${htgroup} ${ocpath}/apps/
chown -R ${htuser}:${htgroup} ${ocpath}/assets/
chown -R ${htuser}:${htgroup} ${ocpath}/config/
chown -R ${htuser}:${htgroup} /MyZFSPool/NextCloudData/data/
chown -R ${htuser}:${htgroup} ${ocpath}/themes/
chown -R ${htuser}:${htgroup} ${ocpath}/updater/

chmod +x ${ocpath}/occ

printf “chmod/chown .htaccess\n”
if [ -f ${ocpath}/.htaccess ]
then
chmod 0644 ${ocpath}/.htaccess
chown ${rootuser}:${htgroup} ${ocpath}/.htaccess
fi
if [ -f /MyZFSPool/NextCloudData/data/.htaccess ]
then
chmod 0644 /MyZFSPool/NextCloudData/data/.htaccess
chown ${rootuser}:${htgroup} /MyZFSPool/NextCloudData/data/.htaccess
fi

###Heres the output from an ls in my Nextcloud directory

###I can’t think of anything else that would be helpful to include, let me know of any other info you’d need to see to help troubleshoot
Any help would be greatly appreciated because I can’t access my Nextcloud web interface at all!

Hi @ShadowWolf810 it looks like you’ve been hit with the htaccess bug.

@LukasReschke

Do you have a backup of the htaccess file before you made changes? If so, copy everything from above the ### Do not change anything above this line ### and paste it back into the file.

Hi @JasonBayton Thanks for the reply. I found a work around from some other forum posts, and have gotten the URLs working correctly.

I made the ‘htaccess.RewriteBase’ => ‘/’, change to my config file. And for the overwrite.cli.url, I changed it to http://192.168.1.200 which is the local IP of my server (not sure if this actually affected anything or if my domain name would have worked as well). Then I manually changed the permissions of the .htaccess file to root temporarily to allow for read and writes. Then I logged in as root and ran the occ maintenance:update:htaccess command. It updated the file, then I manually changed the permissions on .htaccess back to www-data.

Then I added:

< Files .htaccess >
order allow,deny
deny from all
< /Files >

To my apache.conf file to ensure there were no security risk there.

Let me know if I can be of any help for additional info!

You should have done that before running the OCC command as a first step

You’re essentially forcing NC to “overwrite” the URL, so if you access the server remotely you may run into issues, since an internal IP can’t be resolved from outside your network.

Sorry worded that poorly. I was just going over the steps I took to work around the issue. I tried the htaccess.RewriteBase’ => ‘/’, as my first step when I originally posted this. Then started from there again, and changed the permissions manually, then ran the OCC command.

As far as the remote access goes, it doesn’t seem to have affected it. I can still ssh to the machine from the local ip within the network, as well as using the public IP.

On a side note, is it normal for a ton of IP addresses to try to connect to my machine? I’ve been watching the logs and have had about 20 different IPs from China, Africa, Netherlands, you name it cause a “Trusted Domain Error “Their IP” tried to access “My IP” as host.” I’ve just been adding those IP addresses to the firewall on the server to drop all connection, is that sufficient?

Ah OK, sorry :slight_smile:

Sorry, overwrite URL generally overwrites the link in the URL bar from https://mydomain.com/nextcloud to https://192.215.0.3/nextcloud - it doesn’t have any impact on connectivity of the server, just the URL in a browser.

If it’s a public server, you’ll have to get used to that; perfectly normal :slight_smile:

Hmm interesting, because I have the overwrite URL set as http://192.168.1.200, but my URL still shows up correctly. https://upload.awildmango.com

Another question for you, how do I go about separating the different webpages? (I’m learning a lot but still new to all these web hosting shenanigans). So for example I want https://upload.awildmango.com to go to the Nextcloud sign in page, and then https://awildmango.com to go to a regular homepage of a website that I have yet to build. But currently both domains take you to the Nextcloud login page.

Gotcha, I sort of figured. It is a public server, is just mildly spooky. Will the logs in the admin page notify me if someone did gain access? And is it referencing someone trying to ssh into the machine and log in as root or…?