Steps to reproduce
- Upload file with name info.html
- Upload file with name READ_Me.kk
-
Expected behaviour
Ransomware protection should stop these files from upload to the nextcloud
Actual behaviour
All files that prohibited to upload all successfully uploaded.
General server configuration
Operating system: Linux myhqubt002 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64
Web server: Apache/2.4.18 (Ubuntu) (apache2handler)
Database: mysql 5.7.19
PHP version: 7.0.22-0ubuntu0.16.04.1
PHP-modules loaded
- Core
- date
- libxml
- openssl
- pcre
- zlib
- filter
- hash
- Reflection
- SPL
- session
- standard
- apache2handler
- mysqlnd
- PDO
- xml
- apcu
- bz2
- calendar
- ctype
- curl
- dom
- mbstring
- fileinfo
- ftp
- gd
- gettext
- iconv
- imagick
- intl
- json
- ldap
- exif
- mcrypt
- mysqli
- pdo_mysql
- Phar
- posix
- readline
- shmop
- SimpleXML
- sockets
- sysvmsg
- sysvsem
- sysvshm
- tokenizer
- wddx
- xmlreader
- xmlwriter
- xsl
- zip
- Zend OPcache
Nextcloud configuration
Nextcloud version: 12.0.3 - 12.0.3.3
Updated from an older Nextcloud/ownCloud or fresh install: YOUR ANSWER HERE
Where did you install Nextcloud from: YOUR ANSWER HERE
Are you using external storage, if yes which one: Array
(
[0] => \OC\Files\Storage\Local
[1] => \OCA\Files_External\Lib\Storage\FTP
[2] => \OC\Files\Storage\DAV
[3] => \OCA\Files_External\Lib\Storage\OwnCloud
[4] => \OCA\Files_External\Lib\Storage\SFTP
[5] => \OCA\Files_External\Lib\Storage\AmazonS3
[6] => \OCA\Files_External\Lib\Storage\Dropbox
[7] => \OCA\Files_External\Lib\Storage\Google
[8] => \OCA\Files_External\Lib\Storage\Swift
[9] => \OCA\Files_External\Lib\Storage\SFTP
)
Are you using encryption: no
Are you using an external user-backend, if yes which one: YOUR ANSWER HERE (LDAP/ActiveDirectory/Webdav/…)
Signing status
[]
Enabled apps
- activity: 2.5.2
- admin_audit: 1.2.0
- admin_notifications: 1.0.0
- announcementcenter: 3.1.0
- bruteforcesettings: 1.0.2
- circles: 0.12.4
- comments: 1.2.0
- dav: 1.3.0
- defaultgroup: 0.3.0
- drawio: 0.8.8
- federatedfilesharing: 1.2.0
- federation: 1.2.0
- files: 1.7.2
- files_accesscontrol: 1.2.5
- files_automatedtagging: 1.2.2
- files_clipboard: 0.6.4
- files_downloadactivity: 1.1.1
- files_external: 1.3.0
- files_pdfviewer: 1.1.1
- files_retention: 1.1.2
- files_sharing: 1.4.0
- files_snapshots: 0.1.1
- files_texteditor: 2.4.1
- files_trashbin: 1.2.0
- files_versions: 1.5.0
- files_videoplayer: 1.1.0
- firstrunwizard: 2.1
- gallery: 17.0.0
- groupfolders: 1.1.0
- impersonate: 1.0.1
- issuetemplate: 0.2.2
- logreader: 2.0.0
- lookup_server_connector: 1.0.0
- metadata: 0.5.0
- nextant: 1.0.8
- nextcloud_announcements: 1.1
- notes: 2.3.1
- notifications: 2.0.0
- oauth2: 1.0.5
- ojsxc: 3.3.0
- ownbackup: 17.5.0
- password_policy: 1.2.2
- provisioning_api: 1.2.0
- quota_warning: 1.1.0
- ransomware_protection: 1.0.4
- serverinfo: 1.2.0
- sharebymail: 1.2.0
- socialsharing_email: 1.0.1
- spreed: 2.0.1
- survey_client: 1.0.0
- systemtags: 1.2.0
- tasks: 0.9.5
- theming: 1.3.0
- theming_customcss: 1.0.0
- twofactor_backupcodes: 1.1.1
- updatenotification: 1.2.0
- user_ldap: 1.2.1
- workflowengine: 1.2.0
- workin2gether: 0.9.6
Disabled apps
- encryption
- user_external
Content of config/config.php
{
"instanceid": "ocx0080cp7aq",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": [
"192.168.103.1",
"192.167.90.15",
"122.255.114.168",
"nextcloud.elken.com"
],
"datadirectory": "\/media\/mynewdrive\/nextcloud",
"overwrite.cli.url": "http:\/\/192.168.103.1\/nextcloud",
"dbtype": "mysql",
"version": "12.0.3.3",
"dbname": "nextcloud",
"dbhost": "localhost",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"mail_smtpmode": "smtp",
"mail_smtpauthtype": "PLAIN",
"mail_from_address": "nextcloud",
"mail_domain": "elken.com",
"mail_smtphost": "192.168.100.105",
"mail_smtpport": "25",
"ldapIgnoreNamingRules": false,
"ldapProviderFactory": "\\OCA\\User_LDAP\\LDAPProviderFactory",
"memcache.local": "\\OC\\Memcache\\APCu",
"updater.release.channel": "beta",
"maintenance": false,
"theme": "",
"loglevel": 2
}
LDAP config
With access to your command line run e.g.:
sudo -u www-data php occ ldap:show-config
from within your Nextcloud installation folder
Without access to your command line download the data/owncloud.db to your local
computer or access your SQL server remotely and run the select query:
SELECT * FROM `oc_appconfig` WHERE `appid` = 'user_ldap';
Eventually replace sensitive data as the name/IP-address of your LDAP server or groups.
Client configuration
Browser: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Operating system: YOUR ANSWER HERE
Logs
Web server error log
Insert your webserver log here
Nextcloud log (data/nextcloud.log)
Insert your Nextcloud log here
Browser log
Insert your browser log here, this could for example include:
a) The javascript console log
b) The network log
c) ...