Nextcloud does not accept all file there any solution?

I would love to move my development directory for a specific project onto my nextcloud instance in my NAS so that I could work from anywhere and have my work automatically synced.

However, nextcloud is routinely deleting any file I upload with the suffix .inc and this makes it impossible for me to achieve my goal. I have a few dozen PHP files that are used as library files and are identified with the suffix .inc.

Why is nextcloud not agnostic on file identifiers, and is there anything I can do about this?

To my knowledge only .htaccess files are blacklisted. Then, also the upload is not possible. How do you know that Nextcloud is deleting this file, do you have any hint in the logfiles?

Or a different process (e.g. anti-virus)? How long does it take the file to be deleted?

What you can check, put a file into your Nextcloud. Check on the oc_filecache-table that there is an entry for it. Wait for it to disappear and check the database again. If the entry was removed as well, it could have been Nextcloud, the client or something accessing the file via Nextcloud. If there is a different process on the system, you will probably still find the entry in the oc_filecache-table.

I uploaded a *.inc file via NC client, it worked so far and the file hasn’t been deleted (yet?)

I had been uploading them using the cp command from my dev directory on my workstation, via the webdav connection I maintain between my workstation and the nextcloud instance on my NAS.

I just tried uploading a file named using the browser interface. The upload failed and a small popup (that looked like a tooltip) came up for about 5 seconds that said “forbidden”.

The permissions on are my ordinary user permissions, and they match the permissions specified for the directories accessible through the webdav connection (which is specified like this: sudo mount -t davfs2 /home/jiml/owncloud -o rw,uid=jiml,gid=jiml).

So, the file is being blacklisted and - based on what I see - it is being blacklisted based upon suffix. There are other PHP files that are identified as .php which are present in the subdirectory, and in other subdirectories which are devoted to C code, everything is there.

Subsequent to this problem occurring, I did enable the file access control plugin hoping it would help, but it seems this plugin specifically permits me to deny file types, it does not permit me to permit file types that are otherwise blocked.

This particular installation of nextcloud started as an owncloud installation about three years ago, and has been upgraded ever since. Currently it is nextcloud 11.0.5.

I did just look in that data table, and there are no entries for the *.inc files that have been deleted.

Hmm, you don’t use the ransomware app by chance do you?
@LukasReschke any issues with inc files?

What is the ransomware app? Never heard of it.

This nextcloud instance is hosted on a Nas4Free system, which runs FreeBSD. It is configured basically as an appliance.

Oh, I see. I visited the app store for the first time in awhile and I see the ransomware app. Don’t use it, don’t have any purpose for it.

File Access Control and ransomware apps are the only thing I could imagine to block this in Nextcloud.

You can check your webserver, perhaps the configuration does not allow .inc-files. For apache it could look like this:

<Files  ~ "\.inc$">
  Order allow,deny
  Deny from all

Can you try on the demo instances, perhaps it is a client issue:

Good catch!

Nas4free uses lighttpd. I looked in /var/etc/httpd.conf and found this:

$HTTP[“remoteip”] == “” { url.access-deny = ( “~”, “.inc”, “.htpasswd” ) }
$HTTP[“remoteip”] == “” { url.access-deny = ( “~”, “.inc”, “.htpasswd” ) }

This is part of the default setup.

So, I copied/pasted into the Nas4Free webserver config the following:

$HTTP[“remoteip”] == “” { url.access-deny = ( “~”, “.htpasswd” ) }
$HTTP[“remoteip”] == “” { url.access-deny = ( “~”, “.htpasswd” ) }

and the problem was solved. The config options I place are read and applied after the defaults, so this change enables .inc files. I am happy enough to not have “~” files synced. Further, this instance of the webserver serves only nextcloud. There is another instance that serves the NAS4Free web config page, and it is not affected by this change. Thus, I have not opened the overall device to having code files uploaded to it.

Thanks for your assistance.

1 Like