NC11 WebDav for KeeWeb

Hello All,

I used to have OwnCloud 9.1 and I was using it with the KeeWeb Application (desktop app) : the KeeWeb desktop app was configured to use the WebDav folder to access the .kdbx file. Every works fine.

Then I migrated to NextCloud 10.2 and now to 11.0 and the same thing (same conf as it is the same server) do not work. I’m getting an 503 Error on my KeeWeb Application.

If I try to access the WebDav folder on Windows Explorer, It works fine.

I did the same test on a fresh Nexcloud Installation with Ubuntu 16.04 /Maria DB/ PHP7 and I had the same 503 error.

Ubuntu 14.04 LTS
Apache 2.4
PHP 5.6

NextCloud.Conf APACHE file :
Alias /owncloud “/var/www/owncloud/”
<VirtualHost *:80>
ServerName XXX
Redirect permanent / https://XXX

<VirtualHost *:443>
ServerName XXX

Header always set Strict-Transport-Security "max-age=15552000; includeSubDomain$

SSLEngine on
SSLCertificateFile /etc/apache2/ssl/XX-cert.pem
SSLCertificateKeyFile /etc/apache2/ssl/XX-private.key
DocumentRoot /var/www/owncloud/
<Directory /var/www/owncloud>

AllowOverride All
order allow,deny
Allow from all

All help will be great :wink:


503 is a server error, you should get some error messages in your webserver logs.


After searching in the Apache logs, i found those error :

[Tue Dec 20 08:25:39.616911 2016] [authz_core:error] [pid 11852] [client XXXX:51958] AH01630: client denied by server configuration: /var/www/owncloud/data/.ocdata

This error is expected, it just checks if the data-directory is protected against direct access.

The config-snipped of apache looks a bit incomplete, some tags seem to be missing (cf.

One more thing, the Order allow,deny-statements are from Apache 2.2, instead of

Order allow,deny
Allow from all

it should be

Require all granted



I modified my apache config with :

Alias /owncloud “/var/www/owncloud/”
<VirtualHost *:80>
ServerName XXX
Redirect permanent / https://XXX/

<VirtualHost *:443>
ServerName XXX

Header always set Strict-Transport-Security “max-age=15552000; includeSubDomains; preload”

SSLEngine on
SSLCertificateFile /etc/apache2/ssl/XX-cert.pem
SSLCertificateKeyFile /etc/apache2/ssl/XX-private.key
DocumentRoot /var/www/owncloud/

<Directory /var/www/owncloud>
Require all granted
Satisfy Any

Options +FollowSymlinks
AllowOverride All

Dav off

SetEnv HOME /var/www/owncloud
SetEnv HTTP_HOME /var/www/owncloud

And I checked that the followings modules are activated :
a2enmod rewrite
a2enmod headers
a2enmod env
a2enmod dir
a2enmod mime

But I still get the 503 Error.

Not using KeeWeb here, but I had severe issues with WebDav and Nextcloud 11. I migrated from OC9.1 to NC10 and NC11. Apart from the sync client not working on Mac OS, I also noted that I couldn’t save files through webdav on Mac OS X. That worked perfectly fine on OC.
The messages in the log files weren’t very informative. Went straight to the server instead of through HAProxy, to make sure that wasn’t the cause of the problems. Didn’t make any difference.
I could save files via webdav, but everything ended up as 0 (zero) byte files.
After spending several hours on this issue, and disappointed that the sync client didn’t work either, I decided to revert back to a working(!) ownCloud. I’ll return if NC is more mature, or at least the bugs have been fixed.

If it worked in NC 10 and only the update broke it (same apache configuration, same system, same php), you should better create a bug report.

In my case it worked with OC 9.1 but did not work when I migrate to NC 10. Same Apache conf, system and PHP).

And just to clarify, Webdav access works with Windows Explorer, but not with Keeweb app.

All that sounds a bit like this issue, where DAVdroid couldn’t handle CSFR tokens:

You can try to add the user agent string of KeeWeb to the list of incompatible clients such as the OS X finder:

Thanks I’ll try this tomorrow.

Do you know how can I get the user agent string for Keeweb ?

I did not find it on Google.

Apache logs the user agent string by default in the access.log.

Ok, I had nothing on the access.log of Apache. I’m still searching.

There is the combined log format which should contain the user agent string:

It works :wink:

I had to modify the base.php file with the user agent as you said.

Thanks a lot Tfidd !

Are you using this app? There was already an issue reported:

No, i’m using the desktop app, not the Web app.

Perhaps notify them as well. Your solution is just a workaround not a real fix.