Had to disable Apache security2 module

I just upgraded my Raspbian (Debian) Raspberry Pi from Wheezy to Stretch. All Apache pages were broken, until I enabled the php7.0 module with sudo a2enmod php7.0.

However, Nextcloud WebDAV (and CalDAV and CardDAV) were still broken. I had the following message on my admin page.

Your web server is not yet set up properly to allow file synchronization because the WebDAV interface seems to be broken.

I went through the recommended help page, but none of it was relevant. (i.e. I checked modules, config, etc. and everything was fine.)

However, I finally attempted disabling security2 with sudo a2dismod security2. After restarting apache, it worked! I’m not 100% sure of the security implications of this. In Wheezy, I had specific modsecurity rules activated in modsecurity-crs/activated_rules, but the new version doesn’t seem to have this directory.

Anyway, hopefully this is useful to anyone else updating to Stretch.