Nextcloud version (eg, 20.0.5): 22.2.0
Operating system and version (eg, Ubuntu 20.04): Raspbian 10.11
Apache or nginx version (eg, Apache 2.4.25): Apache 2.4.38
PHP version (eg, 7.4): PHP 7.3.29
The issue you are facing:
I have problems with WebDAV, CalDAV, uploaded files with 0 bytes, and multiple error and warning messages from mod_security. Right now I’m trying to fix these mod_security problems.
The output of your Nextcloud log in Admin > Logging: (only 1 error)
PHP Error: Undefined offset: 5 at /var/www/html/nextcloud/lib/private/Updater.php#154
/var/www/html/nextcloud/lib/private/Updater.php - line 154:
OC\Log\ErrorHandler::onError(8, "Undefined offset: 5", "/var/www/ht ... p", 154, { logLevel: ... e})
/var/www/html/nextcloud/core/ajax/update.php - line 200:
OC\Updater->upgrade()
The output of your config.php file in /path/to/nextcloud
(make sure you remove any identifiable information!):
<?php
$CONFIG = array (
  'instanceid' => '',
  'passwordsalt' => '',
  'secret' => '',
  'trusted_domains' =>
  array (
    0 => 'localhost',
    1 => '192.168.0.3',
    2 => 'old.sample.com',
    3 => 'site.provider.org',
  ),
  'datadirectory' => '/var/www/html/nextcloud/data',
  'dbtype' => 'mysql',
  'version' => '22.2.0.2',
  'overwrite.cli.url' => 'https:\\/\\/site.provider.org',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost:5432',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => '',
  'installed' => true,
  'maintenance' => false,
  'theme' => '',
  'loglevel' => 5,
  'default_phone_region' => 'BR',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'updater.secret' => '',
);
These are the errors I get in my apache error.log:
[Wed Oct 20 22:19:16.456854 2021] [:error] [pid 10002] [client 191.191.10.38:64947] [client 11.91.1.38] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/share/modsecurity-crs/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "46"] [id "911100"] [msg "Method is not allowed by policy"] [data "PUT"] [severity "CRITICAL"] [ver "OWASP_CRS/3.1.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "OWASP_CRS/POLICY/METHOD_NOT_ALLOWED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "OWASP_AppSensor/RE1"] [tag "PCI/12.1"] [hostname ".org"] [uri "/nextcloud/ocs/v2.php/apps/weather_status/api/v1/location"] [unique_id "YXDAFB4m4yCmCX6JGv71@gAAAAE"]
[Wed Oct 20 22:19:16.474163 2021] [:error] [pid 10002] [client :64947] [client ] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname ".org"] [uri "/nextcloud/ocs/v2.php/apps/weather_status/api/v1/location"] [unique_id "YXDAFB4m4yCmCX6JGv71@gAAAAE"]
I’ve read multiple sites, docs, etc., but no matter what I try to do to remove these (RemoveRuleById, etc.), nothing changes. It’s as if my config changes are not being considered.
Any tips?
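
Added example, not part of the original post: a small Python triage script that groups ModSecurity entries like the two above by `unique_id` and reports which rule pushed each denied request over the anomaly threshold checked by rule 949110. The sample log is constructed (placeholder client address, hostname and `unique_id`), and the function names are illustrative.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the error.log excerpt above; the client
# address, hostname and unique_id values are placeholders.
SAMPLE_LOG = """
[Wed Oct 20 22:19:16.456854 2021] [:error] [pid 10002] [client 203.0.113.7:64947] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/share/modsecurity-crs/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "46"] [id "911100"] [msg "Method is not allowed by policy"] [data "PUT"] [severity "CRITICAL"] [hostname "cloud.example.org"] [uri "/nextcloud/ocs/v2.php/apps/weather_status/api/v1/location"] [unique_id "TXN-0001"]
[Wed Oct 20 22:19:16.474163 2021] [:error] [pid 10002] [client 203.0.113.7:64947] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [hostname "cloud.example.org"] [uri "/nextcloud/ocs/v2.php/apps/weather_status/api/v1/location"] [unique_id "TXN-0001"]
[Wed Oct 20 22:19:20.000000 2021] [mpm_prefork:notice] [pid 9000] AH00163: Apache/2.4.38 (Raspbian) configured -- resuming normal operations
"""

FIELD_RE = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')  # [key "value"] pairs
BLOCKING_RULE = "949110"  # CRS inbound anomaly-score blocking rule

def parse_line(line):
    """Return {key: [values]} for a ModSecurity entry, None for other lines."""
    if "ModSecurity:" not in line:
        return None
    fields = defaultdict(list)
    for key, value in FIELD_RE.findall(line):
        fields[key].append(value)  # keys such as "tag" repeat, so keep lists
    return dict(fields)

def first(fields, key):
    """First value of a field, or '' when the entry does not carry it."""
    return fields.get(key, [""])[0]

def blocked_requests(log_text):
    """For each transaction denied by 949110, list the rules that scored."""
    by_txn = defaultdict(list)
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields and "unique_id" in fields:
            by_txn[first(fields, "unique_id")].append(fields)
    report = []
    for uid, entries in by_txn.items():
        if not any(first(e, "id") == BLOCKING_RULE for e in entries):
            continue  # logged but not denied
        causes = [(first(e, "id"), first(e, "msg"), first(e, "data"))
                  for e in entries if first(e, "id") != BLOCKING_RULE]
        report.append({"unique_id": uid, "uri": first(entries[0], "uri"),
                       "causes": causes})
    return report

if __name__ == "__main__":
    for item in blocked_requests(SAMPLE_LOG):
        print(item["uri"])
        for rule_id, msg, data in item["causes"]:
            print(f"  rule {rule_id}: {msg} [{data}]")
```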