[ Nextcloud 15 update ] : "/.well-known/webfinger" impossible to reach

ℹ️ Support
,
1

Hi guys,

I’m using a Nextcloud instance running on CentOS Linux release 7.6.1810 (Core) on VPS.
I’m using httpd and php 7.2. The packages and kernel are up to date.

Yesterday I decided to update in Nextcloud 15. I’d to correct few errors in the overview just after update.
And I’ve this one, which appears but after resolution of the others, I even had the time to see the no error view.

:warning: The web server configuration can’t reach “/.well-known/webfinger” . You’ll find more information in docs.

I’ve an .htaccess file in my nextcloud directory which has the following content :

.htaccess from nextcloud directory

<IfModule mod_headers.c>
<IfModule mod_setenvif.c>
<IfModule mod_fcgid.c>
SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
</IfModule>
<IfModule mod_proxy_fcgi.c>
SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1
</IfModule>
</IfModule>

<IfModule mod_env.c>
# Add security and privacy related headers
Header set X-Content-Type-Options "nosniff"
Header set X-XSS-Protection "1; mode=block"
Header set X-Robots-Tag "none"
Header set X-Download-Options "noopen"
Header set X-Permitted-Cross-Domain-Policies "none"
Header set Referrer-Policy "no-referrer"
SetEnv modHeadersAvailable true
</IfModule>

# Add cache control for static resources
<FilesMatch "\.(css|js|svg|gif)$">
Header set Cache-Control "max-age=15778463"
</FilesMatch>

# Let browsers cache WOFF files for a week
<FilesMatch "\.woff2?$">
Header set Cache-Control "max-age=604800"
</FilesMatch>
</IfModule>
<IfModule mod_php5.c>
php_value upload_max_filesize 511M
php_value post_max_size 511M
php_value memory_limit 512M
php_value mbstring.func_overload 0
php_value always_populate_raw_post_data -1
php_value default_charset 'UTF-8'
php_value output_buffering 0
<IfModule mod_env.c>
SetEnv htaccessWorking true
</IfModule>
</IfModule>
<IfModule mod_php7.c>
php_value upload_max_filesize 511M
php_value post_max_size 511M
php_value memory_limit 512M
php_value mbstring.func_overload 0
php_value default_charset 'UTF-8'
php_value output_buffering 0
<IfModule mod_env.c>
SetEnv htaccessWorking true
</IfModule>
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} DavClnt
RewriteRule ^$ /remote.php/webdav/ [L,R=302]
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteRule ^\.well-known/host-meta /public.php?service=host-meta [QSA,L]
RewriteRule ^\.well-known/host-meta\.json /public.php?service=host-meta-json [QSA,L]
RewriteRule ^\.well-known/webfinger /public.php?service=webfinger [QSA,L]
RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
RewriteRule ^remote/(.*) remote.php [QSA,L]
RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
RewriteCond %{REQUEST_URI} !^/\.well-known/(acme-challenge|pki-validation)/.*
RewriteRule ^(?:\.|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>
<IfModule mod_mime.c>
AddType image/svg+xml svg svgz
AddEncoding gzip svgz
</IfModule>
<IfModule mod_dir.c>
DirectoryIndex index.php index.html
</IfModule>
AddDefaultCharset utf-8
Options -Indexes
<IfModule pagespeed_module>
ModPagespeed Off
</IfModule>
#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####

ErrorDocument 403 //
ErrorDocument 404 //

Which contains every lines it should, the default anyway. But I keep having the following error in my server overview.

I’ve made few researches before to post here. The only informations I found was about a file .htaccess in directory before nextcloud and the solution did’nt work. ( My vhost httpd is not before anyway ) I’ve also tried to modify the .htaccess from nextcloud directory with content from topics I found but the result was the same, didn’t work.

If anyone have an idea to help me ?

Sorry for bad english, it’s not my native language.

I’ll be thankful.
Have a nice day,
Regards,

1 Like
2

So you just need to re-generate a new .htaccess file.
Do like this
Where X is your http user (www-data or httpd or whatever your system)
Y the path of your nextcloud installation

sudo -u X php Y maintenance:htaccess:update

3

Hello and thank you for your fast answer, I tried your solution and that is the result :

Copy/Past from PuTTY

[root@xxx nextcloud]# sudo -u apache php occ maintenance:htaccess:update

There are no commands defined in the “maintenance:htaccess” namespace.

Did you mean one of these?
maintenance
maintenance:mimetype
maintenance:theme
maintenance:update

Regards,

4

I finally find with occ list the good way to do it. And it didn’t resolve the overview’s error…

Copy/Past from PuTTY

[root@xxx nextcloud]# sudo -u apache php occ maintenance:update:htaccess
.htaccess has been updated

I restarted httpd after check that the .htaccess file was new and the error keep staying here…

Regards,

5

error
error1576×430 27 KB

That means in english :

Translation

Security warnings & configuration

It is important for the security and performance of your instance that it is properly configured. In order to help you, your Nextcloud instance performs some automatic checks. For more information, please consult the related documentation.
There are some warnings about your configuration.

 The configuration of the web server does not reach "/.well-known/webfinger". You will find more information in the documentation.

Please consult the installation guides :arrow_upper_right: and check the log errors or warnings.

Check the security of your Nextcloud with our security scan :arrow_upper_right:
Version

Nextcloud 15.0.0
Your version is up to date.

Update channel: Stable

6

Excuse me for having forgetting occ.

Did you closed your browser and restart it completely ?

I fix this like this.
Open your /var/www/nextcloud/.htaccess file and see if a line reffer to webfinger.

7

There is the line, and it’s the same that in my first message.

8

That line : " RewriteRule ^\.well-known/webfinger /public.php?service=webfinger [QSA,L]"

9

I’m french too

Normally you shouldn’t have this message anymore.

Contact my by mp if you want a remote session with me to see what could be wrong.

11

@jospoortvliet I have the same issue than @Kitslap
Our .htaccess works well for the other redirections, but the Admin Page of Nextcloud still says that we have an error with .well-known/webfinger
@Kitslap is on Apache with CentOS
I am on Nginx with Ubuntu.

12

I have the same with debian stretch, apache2. I have no idea, tried nearly everything.

1 Like
13

Same here. Ubuntu 18.04, Apache 2.4.37, PHP 7.2.13 (using php-fpm).

The App user_webfinger is not available, if this is relevant. I copied user_webfinger from Github under nextcloud/server but it is a very old version and doesn’t work with NC 15.0.0.

14

@Kitslap @Nemskiller This might be caused by Nextcloud running in a subfolder.

If you running Nextcloud e.g. in domain.tld/nextcloud/, it will check domain.tld/.well-known/webfinger, not domain.tld/nextcloud/.well-known/webfinger

In that case you need to manually adapt your web server config and / or add a htaccess file in the folder corresponding to domain.tld

15

Helas we are both in root folder
https://mydomain.xyz give nextcloud
Not https://mydomain.xyz/nextcloud

16

I get the same error Message. My cloud running under cloud.domain.tld

17

thanks, I did it, but no success, also after a restart.

18

Can you verify that https://mydomain.xyz/.well-known/webfinger redirects to https://mydomain.xyz/public.php?service=webfinger

If it does despite the error message please report a bug at https://github.com/nextcloud/server/issues

19

I have in htaccess in the root directory:
Redirect 301 /.well-known/carddav “/nextcloud/remote.php/dav”
Redirect 301 /.well-known/caldav “/nextcloud/remote.php/dav”
Redirect 301 /.well-known/webfinger “/nextcloud/public.php?service=webfinger”

21

The redirect doesn’t work. Also, manually going to https://cloud.example.com/public.php?service=webfinger gives an error: missing resource

22

The redirect error message goes away only if i install the social app. But if I uninstall the social app, then the error message is back. Also it displays the “missing resource”.