Logging: Trusted domain error: incoming IP problem


I think I somehow understood what this kind of error is, tell me if I’m wrong: It’s usually some random bot trying to access my server (not clear how though), and NC block them at some point (not clear how though). Anyway, it’s seems that it is not a big deal, since it happens rarely and each incoming IP is more or less unique.
Sometimes I google this incoming IP and it turns out to come from malicious host confirming my hypothesis. But today when I googled an IP address:

Warning	core	Trusted domain error. "" tried to access using "XXXXXXXXXX" as host.

or here in raw format

{"reqId":"m4X6Rx9bmGjit7VUzoyu","remoteAddr":"","app":"core","message":"Trusted domain error. \"\" tried to access using \"XXXXXXXXXXX\" as host.","level":2,"time":"2017-01-10T19:58:38+00:00","method":"GET","url":"\/","user":"--","version":""}

I got as a 2nd result in google of the above mentioned address this: https://github.com/nextcloud/server/issues/2298

Which I find weird, since there the address seems legit (In my log I have the same kind of message with the address where I access the server).

So my questions boil down to how is it possible? Could it be because of my limited understanding of this error? To which action this error refers btw?


Putting the IP coinciding with another user (@LukasReschke aside), the error you’re seeing is as you described - some remote server somewhere is hitting your NC instance against it’s public IP rather than hostname (as a confident guess).

Because you’ve not authorised any other domain than yours, NC doesn’t permit it. It looks like this:

You can control what domain/hostname/IP is trusted in your NC config file, but in this case you wouldn’t want to.

Thanks for the reply and the explanation, I managed to reproduce the warning message.

Is it just a coincidence that it corresponds to another NC user?