Nextcloud version: 12.03
Operating system and version: Ubuntu 16.04
nginx version: 1.10.3
PHP version: 7.1.12
Is this the first time you’ve seen this error?: Yes
Can you reliably replicate it?: Yes, access Nextcloud from domain example.com or any subdomain which isn’t cloud{.}example{.}com
The issue you are facing: Nextcloud is displaying on the main domain and on subdomains it should not be displaying on. It is only supposed to be displaying on ‘cloud.example.com’. On all other addresses is shows an “Untrusted Domain” page and asks for me to login as root to add it as a trusted domain, except it’s not a trusted domain because I do not want Nextcloud being accessed from these domains. My other domains were displaying properly until I installed Nextcloud, which has no hijacked everything.
The output of your config.php file in /path/to/nextcloud
(make sure you remove any identifiable information!):
<?php
$CONFIG = array (
'instanceid' => 'nugget',
'passwordsalt' => 'hotdog',
'secret' => 'pizza',
'trusted_domains' =>
array (
0 => 'cloud{.}example{.}com',
),
'datadirectory' => '/var/nc_data',
'dbtype' => 'mysql',
'version' => '12.0.3.3',
'dbname' => 'nextcloud',
'dbhost' => 'localhost',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'xyz',
'dbpassword' => '123',
'installed' => true,
'htaccess.RewriteBase' => '/',
'overwriteprotocol' => 'https',
'loglevel' => 1,
'logtimezone' => 'Europe/Berlin',
'logfile' => '/var/nc_data/nextcloud.log',
'log_rotate_size' => 104857600,
'cron_log' => true,
'filesystem_check_changes' => 1,
'quota_include_external_storage' => false,
'knowledgebaseenabled' => false,
'memcache.local' => '\\OC\\Memcache\\APCu',
'filelocking.enabled' => 'true',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' =>
array (
'host' => '/var/run/redis/redis.sock',
'port' => 0,
'timeout' => 0.0,
),
'maintenance' => false,
'theme' => '',
'enable_previews' => true,
'enabledPreviewProviders' =>
array (
0 => 'OC\\Preview\\PNG',
1 => 'OC\\Preview\\JPEG',
2 => 'OC\\Preview\\GIF',
3 => 'OC\\Preview\\BMP',
4 => 'OC\\Preview\\XBitmap',
5 => 'OC\\Preview\\Movie',
6 => 'OC\\Preview\\PDF',
7 => 'OC\\Preview\\MP3',
8 => 'OC\\Preview\\TXT',
9 => 'OC\\Preview\\MarkDown',
),
'preview_max_x' => 512,
'preview_max_y' => 512,
'preview_max_scale_factor' => 1,
'auth.bruteforce.protection.enabled' => true,
'trashbin_retention_obligation' => 'auto, 7',
'overwrite.cli.url' => 'https://cloud{.}example{.}com',
);
The output of your nextcloud.conf:
fastcgi_cache_path /usr/local/tmp/cache levels=1:2 keys_zone=NEXTCLOUD:100m inactive=60m;
map $request_uri $skip_cache {
default 1;
~*/thumbnail.php 0;
~*/apps/galleryplus/ 0;
~*/apps/gallery/ 0;
}
server {
listen 80;
server_name cloud{.}example{.}com;
location ^~ /.well-known/acme-challenge {
proxy_pass http://127.0.0.1:81;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl http2;
server_name cloud{.}example{.}com;
root /var/www/nextcloud/;
access_log /var/log/nginx/nextcloud.access.log main;
error_log /var/log/nginx/nextcloud.error.log warn;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
client_max_body_size 10240M;
location / {
rewrite ^ /index.php$uri;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
include php_optimization.conf;
fastcgi_pass php-handler;
fastcgi_param HTTPS on;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache NEXTCLOUD;
}
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
try_files $uri/ =404;
index index.php;
}
location ~ \.(?:css|js|woff|svg|gif)$ {
try_files $uri /index.php$uri$is_args$args;
add_header Cache-Control "public, max-age=15778463";
access_log off;
expires 30d;
}
location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
try_files $uri /index.php$uri$is_args$args;
access_log off;
expires 30d;
}
}