Yes, I have searched the forum on this issue.
No this issue is not related to the 16.0.2 cypress issue.
I’ve had this issue for awhile off and on, as can be seen [here]
The documentation suggests simply copying over an older version of the .htaccess files but I need a more flexible solution because
I’m not sure if I have my .htaccess backup file
I keep having this problem over and over again.
My current manual changes to my .htaccess and .user.ini files were done on purpose to fix other problems. [click here to see thread detailing this issue]
This is not just effecting core, it’s also happening to apps.
Here’s the readouts:
sudo -u www-data php occ integrity:check-core - INVALID_HASH: - .htaccess: - expected: f30494d88fc2d7caf0be8b27629cb246483cea0203696e44fd376bff19db51bb89c9f4076b1f849627ef3cb011f4a20088116e7b0d10ce467a3dde5db71e108b - current: fa15cb5fbb6995a7036a8d31cc89cf0660b943a9efa7ba6b88994962d4effc7030cdc2abe5d0fbc5d05f864c7c632bdcdb3fea00ba9663e7a9091aa3c26abf33 - .user.ini: - expected: 4843b3217e91f8536cb9b52700efb20300290292cf6286f92794d4cec99df286afeb7dd6c91b1be20bc55eda541eef230a5c5e7dcd46c189edd0ed1e80c6d3f5 - current: 14240d7a7582f019b411929e75b00548aa62af083c542331e55e530972c0f7ee713dcf1e332ffcec38418ef2b35753a2afd18857e55362caa027738b0706043d
sudo -u www-data php occ integrity:check-app files_rightclick - EXTRA_FILE: - README.md: - expected: - current: cf73849388838de5037624e53303618579b164ec69fd55834ce4c5332ae33f778839e36298cbcc8ede90620927e076dbb8883479754e4c09b0491b15bf7653f3
I also tried to run:
sudo -u www-data php occ maintenance:update:htaccess
And as a result I now get a 504 error when I try to go to my settings overview page via my web portal.
I’ve already tried to turn off code signing as per suggestions in the first thread I linked and that did not work.
I also understand why code signing is an important security feature, why it should be enabled, but surely there’s some way for me to override this issue? I’m 100% sure that the changes to .htaccess are due to me, and not due to any kind of invader/hacker etc.
Looking at the documentation I see that I can also sign apps or core? Is this what I need to do in order to override this issue? I tried experimenting with this by signing the rightclick app (since I figure if I screwed that up I could just reinstall it pretty easily) but this did not work due to me not giving enough or giving the wrong arguments:
┌─ | /var/www/nextcloud └─➤ sudo -u www-data php occ integrity:check-app files_rightclick - EXTRA_FILE: - README.md: - expected: - current: cf73849388838de5037624e53303618579b164ec69fd55834ce4c5332ae33f778839e36298cbcc8ede90620927e076dbb8883479754e4c09b0491b15bf7653f3 ┌─ | /var/www/nextcloud └─➤ sudo -u www-data php occ integrity:sign-app files_rightclick Too many arguments, expected arguments "command". integrity:sign-app [--path PATH] [--privateKey PRIVATEKEY] [--certificate CERTIFICATE]
I’m guessing the issue there is I need my private key and cert? Not totally sure where those are kept. All the documentation I look up is about the encrypted files app which I don’t think I have enabled.
I found the occ command for checking what your security certs locations are and when I ran this I got the following output:
└─➤ sudo -u www-data php occ security:certificates +-----------+-------------+--------------+-------------+-----------+ | File Name | Common Name | Organization | Valid Until | Issued By | +-----------+-------------+--------------+-------------+-----------+
Which… seems to indicate that I don’t have a valid security cert for my installation?