Hello,
I hope everyone is safe here!
My domain name is like this: sub.mydomain.com
when I enter the above URL it’s just redirecting to sub.mydomain.com/login
what I want to do is:
when someone enters this URL:
sub.mydomain.com it will show a static custom HTML page or nothing.
but to log in, it should require full login URL like:
sub.mydomain.com/login
Thank you very much.
Can anyone help me please?
Hi @sevenMan
I’m not a 100% sure, but I don’t think that’s possible. At least not easily…
Can I ask why you wanna do that? Is this some kind of “security by obscurity” thing you are planing?
If so I can only say that bots will find the login page anyways… You won’t believe how many entries with /login or /wp-login.php etc. I find, when I look at my Apache logs…
Secure your server properly, make sure that you always have the latest security updates installed for all relavent packages and Nextcloud itself. Use secure passwords, 2FA and maybe something like Fail2ban. And if all this does not seem safe enough for you, don’t make it publicly available and use a VPN connection in order to access it from outside your local network.
https://docs.nextcloud.com/server/latest/admin_manual/installation/harden_server.html
I appreciate your comments. you got me correctly. i will be looking into hardening.!
For hardening it is useless to separate / and /login .
And if it would be a security feature, why is there no bug report at Github?
Ya, you are correct. NC is extremely secure than we thought it is.
Perhaps Nextcloud is not secure. But differ between / and /login does not really improve security. An Nextcloud attacker would scan /login and not / 