Netcloud 20.0.1 well-known/webfinger and well-known/nodeinfo errors

Hey all,

I have been running nextcloud 21 on my ubuntu 20.04.2 VM and have been running into this issue
There are some warnings regarding your setup. Your web server is not properly set up to resolve "/.well-known/webfinger". Further information can be found in the documentation. Your web server is not properly set up to resolve "/.well-known/nodeinfo". Further information can be found in the documentation. Please double check the installation guides ↗, and check for any errors or warnings in the log. Check the security of your Nextcloud over our security scan ↗.
I thought the issue would fix itself after updating to version 21.0.1 but that did not happen and after upgrading, I am still getting the same issue. I have running my Nextcloud install through Nginx. Here is my Nginx config file. I have tried most of the recommendations that have been talked about in this post here.

Any help would be appreciated. Thanks

Glad to have a working search function in this forum. You should give it a try next time

https://help.nextcloud.com/search?q=webfinger%20nodeinfo%20nginx

I’ve hit the same issue. The post you’ve linked is about caldav & carddav.
The new issue is with

Your web server is not properly set up to resolve "/.well-known/webfinger". Further information can be found in the documentation.
Your web server is not properly set up to resolve "/.well-known/nodeinfo". Further information can be found in the documentation.

Problem is, the linked documentation does also only speak about caldav & carddav, which work fine for me.

I’m running Nextcloud in a subfolder named nextcloud on an Apache2 httpd webserver, and my /var/www/html/.htaccess file reads:

<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteRule ^\.well-known/host-meta /nextcloud/public.php?service=host-meta [QSA,L]
  RewriteRule ^\.well-known/host-meta\.json /nextcloud/public.php?service=host-meta-json [QSA,L]
  RewriteRule ^\.well-known/webfinger /nextcloud/public.php?service=webfinger [QSA,L]
  RewriteRule ^\.well-known/carddav /nextcloud/remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/caldav /nextcloud/remote.php/dav/ [R=301,L]
</IfModule>

Manually browsing to carddav or caldav requires http auth and then shows a message that this url is for dav clients.
browsing to .well-known/webfinger though gave me a nextcloud error page.

Searching Google some more gave me this page:

Which shows a different line for webfinger and adds one for nodeinfo:

RewriteRule ^.well-known/webfinger /nextcloud/index.php/.well-known/webfinger [R=301,L]
RewriteRule ^.well-known/nodeinfo /nextcloud/index.php/.well-known/nodeinfo [R=301,L]

adapting my .htaccess file to match makes those URLs now return this json output:
{"message":"nodeinfo not supported"}

And the nextcloud/index.php/settings/admin/overview page now is also happy.

[quote=“wovetudi, post:3, topic:113158”]

RewriteRule ^.well-known/webfinger /nextcloud/index.php/.well-known/webfinger [R=301,L]
RewriteRule ^.well-known/nodeinfo /nextcloud/index.php/.well-known/nodeinfo [R=301,L]

Thanks, that did the job! Although – forgive my pointillism! – to be strict, the first dot in the regular expression should be escaped like this: ^\.well-known.

Hi there,

I’m so sorry I am having a brain fart moment trying to fix this issue on my server. I am getting the following messages on my overview screen:

• Your web server is not properly set up to resolve “/.well-known/webfinger”. Further information can be found in the documentation .
• Your web server is not properly set up to resolve “/.well-known/nodeinfo”. Further information can be found in the documentation .
• Your web server is not properly set up to resolve “/.well-known/caldav”. Further information can be found in the documentation .
• Your web server is not properly set up to resolve “/.well-known/carddav”. Further information can be found in the documentation .

Here is my .htaccess file

<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteCond %{HTTP_USER_AGENT} DavClnt
  RewriteRule ^$ /remote.php/webdav/ [L,R=302]
  RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
  RewriteRule ^remote/(.*) remote.php [QSA,L]
  RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
  RewriteRule ^\.well-known/(?!acme-challenge|pki-validation) /index.php [QSA,L]
  RewriteRule ^(?:\.(?!well-known)|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>

My installation root is in /var/www/nextcloud and my apache is setup as this as the root.

Any help is much appriciated.

John

You know, I’ve been looking for a solution to this issue all across the NC forum AND documentation. Still couldn’t find a proper one. So please don’t assume that someone asking anything here is just lazy or spamming. The idea of a community is to help each other, not to be ironic for nothing. If you have a proven method that works for this issue, please share it. If not, don’t be a smart ass and just move over.

If you didn’t solve your problem yet, you might want to check the updated Nginx config settings at https://docs.nextcloud.com/server/21/admin_manual/installation/nginx.html. Looks like there are updates that solve those issues. At least this worked for me.

Following [beamtic](https://beamtic.com/webfinger-and-nodeinfo-nextcloud) way of setting these redirect rules in the vhost conf file (apache) was the only way for me to get rid of these errors

The Beamtic website could not be reached because “The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.” (Firefox). Chromium produced a similar result.
I really need to clear the webfinger and nodeinfo warnings, can anybody enlighten me as to the method Beamtic suggested? Perhaps Beamtic could sort out the security issue with their site?

I have tried beamtic, also not working

Beamtic is working again it seems.
Following its redirect advice, I adapted it for those who are using an Apache reverse proxy in front of wordpress in Docker:

    ProxyPass "/.well-known/webfinger" "${NCInternalURI}/index.php/.well-known/webfinger"
    ProxyPass "/.well-known/nodeinfo" "${NCInternalURI}/index.php/.well-known/nodeinfo"

where NCINternalURI is the the full URI of your dockerized WP eg

Define NCInternalURI http://192.168.1.5:8081

I get this error when I implement the code (stated in https://docs.nextcloud.com/server/25/admin_manual/installation/nginx.html ) in Nginx:

nginx: [emerg] “upstream” directive is not allowed here in /etc/nginx-rc/extra.d/nextcloud.location.main.nextcloudnogeenconfig.conf:1 nginx: configuration file /etc/nginx-rc/nginx.conf test failed

Any thoughts?

Installation: Runcloud

I checked on Runcloud helpdesk on this matter and this is what they said:

We have tried accessing the directors under .well-known under your web app via browser and are getting the 404 Not found error. Further checking the web app documentation root we could not find the .well-known directory.

I just clean installed a working Nextcloud application. Why is there a missing folder?

My question being: How to solve this? Reinstall gives the same problems. Using latest version (25.2?)

Thanks!

They also advised me to have this in main Nginx configuration:

location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}

location = /.well-known/webfinger {
allow all;
}

location = /.well-known/nodeinfo {
allow all;
}

Here’s another twist to the story: I get this same warning using Nextcloud 29, flag about webfinger but WebFinger works just fine!

So what is it the admin test is testing?

I keep asking myself how much sense it makes to keep re-opening a thread which started in April 2021 - at least 3 years back.

I hope none of you is running any of those versions (nc 21!) anymore or you will have some more major security problems than running into well-Known/webfinger problems.

so i’m gonna close thos thread now. If you want to relate to the problem pls open a new thread and put a link out to this one.
Don’t forget to give more informations about your setup.

thanks