Hi. I have problems with access to nextcloud.com This is due to the lock-in in Russia? If so please transfer the resource to another ip?
ihorcss ~ # curl nextcloud.com
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://nextcloud.com/">here</a>.</p>
<hr>
<address>Apache/2.4.18 (Ubuntu) Server at nextcloud.com Port 80</address>
</body></html>
ihorcss ~ # ping nextcloud.com
PING nextcloud.com (165.227.162.232) 56(84) bytes of data.
64 bytes from nextcloud.com (165.227.162.232): icmp_seq=1 ttl=61 time=40.0 ms
64 bytes from nextcloud.com (165.227.162.232): icmp_seq=2 ttl=61 time=40.1 ms
64 bytes from nextcloud.com (165.227.162.232): icmp_seq=3 ttl=61 time=40.0 ms
64 bytes from nextcloud.com (165.227.162.232): icmp_seq=4 ttl=61 time=40.1 ms
64 bytes from nextcloud.com (165.227.162.232): icmp_seq=5 ttl=61 time=40.0 ms
64 bytes from nextcloud.com (165.227.162.232): icmp_seq=6 ttl=61 time=40.0 ms
64 bytes from nextcloud.com (165.227.162.232): icmp_seq=7 ttl=61 time=40.1 ms
64 bytes from nextcloud.com (165.227.162.232): icmp_seq=8 ttl=61 time=40.1 ms
64 bytes from nextcloud.com (165.227.162.232): icmp_seq=9 ttl=61 time=40.0 ms
64 bytes from nextcloud.com (165.227.162.232): icmp_seq=10 ttl=61 time=40.1 ms
64 bytes from nextcloud.com (165.227.162.232): icmp_seq=11 ttl=61 time=40.1 ms
64 bytes from nextcloud.com (165.227.162.232): icmp_seq=12 ttl=61 time=40.0 ms
64 bytes from nextcloud.com (165.227.162.232): icmp_seq=13 ttl=61 time=40.0 ms
64 bytes from nextcloud.com (165.227.162.232): icmp_seq=14 ttl=61 time=40.1 ms
64 bytes from nextcloud.com (165.227.162.232): icmp_seq=15 ttl=61 time=40.1 ms
^C
--- nextcloud.com ping statistics ---
15 packets transmitted, 15 received, 0% packet loss, time 14018ms
rtt min/avg/max/mdev = 40.040/40.113/40.188/0.170 ms
Looks like redirection problem, code 302 is common way do redirect things, e.g. from http to https.
In Russia it is common to block IP ranges because of new Network regulation (just google it) and a lot of good services are suffering about it (they could be also blocked). User should be redirected to Landing Page saying “this content blocked blablabla” but in case of https it is done very unprofessional: some operators try to do man in the middle attack and push you some “valid” but other certificate to redirect you to landing page. With new browsers it does not work very good. Try to visit https link directly and check if redirect still happens.
do they still try to fight telegram-messenger? i have heard about russian gourvernment blocking wirde IP-ranges to fight telegram, regardless of colateral damage done to other services
It is not entirely clear. When I was in Russia earlier this year, sometimes it worked (DSL or whatever it is), sometimes it did not (MTS iirc), and different with WiFi providers. So it seemed that depending on the provider one of the hops inbetween was blocked.
From Roskomnadzor I got the reply to change the IP, which is ridiculous. However, this will happen in the not so far distance anyway as we plan to move the website to another hoster. That’ll probably help. Otherwise, Roskomnadzor running Amok and banning half the IPs is just insane.
Regarding this one I’m not sure if those two are related. It is not specified why it is blocked (Сайт https://nextcloud.com не открывается)
But seems long time I host Telegram-proxy for my friends in Russia. Thanks God we have a huge time shift between lands, because during the day my outgoing channel has being fully used.
Stuff like this makes me mad. Wrote this for anybody in the same boat. Will not only download the newest NextCloud though tor but will also verify it against the official NextCloud gpg keys. This will work on Debian and Ubuntu. Ill port it to any Linux/BSD OS if asked.
PS if there is any fuckery from Russian, Chinese etc ISPs trying to block tor Ill mix in some nice transforms to get around their lame DPI.
Just make this script executable with
chmod +x
#!/bin/sh
# Change to version of NextCloud to download if not latest.
# latest.tar.bz2 is default
nextcloudVersion='latest.tar.bz2'
# NextCloud Public Key. Or you can import it yourself from
# https://nextcloud.com/nextcloud.asc. Both should match.
gpgKey='D75899B9A724937A'
sudo apt update
sudo apt install torsocks wget
gpg --recv-keys "$gpgKey" || gpg --keyserver pgp.mit.edu "$gpgKey"
torsocks wget "https://download.nextcloud.com/server/releases/$nextcloudVersion"
torsocks wget "https://download.nextcloud.com/server/releases/$nextcloudVersion.asc"
gpg --verify "$nextcloudVersion.asc" "$nextcloudVersion" 2>&1 | grep \
'Good signature' || { printf 'BAD GPG SIGNATURE\n'; exit 1; }
Mehh just wrote a version of the above script that gets around gov and ISP blocking Tor. It uses obfs4 transforms to hide your Tor traffic from their deep packet inspection. Should work everywhere. China might still be an issue though. If so Ill write one for them too using meek transforms.
#!/bin/sh
# Change to version of NextCloud to download if not latest.
# latest.tar.bz2 is default
nextcloudVersion='latest.tar.bz2'
# NextCloud Public Key. Or you can import it yourself from
# https://nextcloud.com/nextcloud.asc. Both should match.
gpgKey='D75899B9A724937A'
# If you happen to live in a shithole country that blocks tor you can circumvent
# censorship by transforming the Tor traffic between the client and the bridge.
# This way censors will see innocent looking transformed traffic instead of the actual Tor traffic.
# Sooner or later the below bridges will stop working. You can get more from the torproject.
# https://bridges.torproject.org/options
bridgeAddress1='obfs4 94.242.249.2:58809 6AF3024788A7EA8F84E3FA3F60018B62291803E4 cert=X0sDCJLKMM/EISdGDEfGrsks41UYmScjIIXQ9AZgWFVKNKS6klcNEpdF4tNXFz6kIyk4Ug iat-mode=0'
bridgeAddress2='obfs4 35.203.134.33:10022 15524C683CC872C8C8FB5B779A8D53F54F7ADCD4 cert=bXLTv0Kwt1zgPBoeVF86vC+0tYAHepR7+QMczhhTQw9hpAIhatt/Bpe6rSGY63Zh8aZ+dQ iat-mode=0'
bridgeAddress3='obfs4 188.166.252.228:9443 595770328CA95E39FF5B81013880B46CA1B29546 cert=3PjhGUq3xWDMrBAzbV1eU4zPSB3GRGBpYdXQEs9hkrwC9RSZdnEe1P+cg7VgLgYTj/2MMg iat-mode=0'
##################################
[ "$(id -u)" = 0 ] || { printf 'Must be root to run script\n'; exit 1; }
apt update
apt install torsocks wget obfs4proxy
cat >>/etc/tor/torrc<<EOF
# Using transforms to get around ISP Tor fuckery
UseBridges 1
Bridge "$bridgeAddress1"
Bridge "$bridgeAddress2"
Bridge "$bridgeAddress3"
# Set tor to use obfs4 proxy plugin
ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy
EOF
service tor restart
printf 'Waiting 30sec for Tor bootstrap'
sleep 30
gpg --recv-keys "$gpgKey" || gpg --keyserver pgp.mit.edu "$gpgKey"
torsocks wget "https://download.nextcloud.com/server/releases/$nextcloudVersion"
torsocks wget "https://download.nextcloud.com/server/releases/$nextcloudVersion.asc"
gpg --verify "$nextcloudVersion.asc" "$nextcloudVersion" 2>&1 | grep \
'Good signature' || { printf 'BAD GPG SIGNATURE\n'; exit 1; }
Crazy people are everywhere and among all peoples. Glad You posted and take actions that will allow to access.