Nextcloud randomly logs out in browsers, part 2

The Basics

  • Nextcloud Server version (e.g., 29.x.x):
    • 31.0.5
  • Operating system and version (e.g., Ubuntu 24.04):
    • Ubuntu 24.04.2 LTS
  • Web server and version (e.g, Apache 2.4.25):
    • Apache 2.4.58
  • Reverse proxy and version (e.g. nginx 1.27.2):
    • Apache 2.4.58
  • PHP version (e.g, 8.3):
    • 8.3.21
  • Is this the first time you’ve seen this error? (Yes / No):
    • replace me
  • When did this problem seem to first start?
    • No
  • Installation method (e.g. AIO, NCP, Bare Metal/Archive, etc.)
    • AIO
  • Are you using Cloudflare, mod_security, or similar? (Yes / No)
    • Yes, mod_security, but it is disabled for Nextcloud specifically.

Summary of the issue you are facing:

This is an issue I’ve been facing for a long time, but it’s recently resurfaced and seems to be getting worse. (Previous post is here: Nextcloud randomly logs out in browsers)

The symptoms I’m experiencing are virtually identical, and I have no idea what causes them. It happens seemingly at random, though as of late, has been happening more and more frequently. Since that post, I’ve completely re-installed Nextcloud using AIO. The issue still only occurs in the browser; the desktop client seems entirely unaffected. Each time the issue occurs, the first attempt to log in will fail with a session error, but no further information is given either by the UI or the logs.

Steps to replicate it (hint: details matter!):

Cannot reliably duplicate.

Log entries

Nextcloud

Please provide the log entries from your Nextcloud log that are generated during the time of problem (via the Copy raw option from Administration settings->Logging screen or from your nextcloud.log located in your data directory). Feel free to use a pastebin/gist service if necessary.

No log entries appear related.

Web Browser

If the problem is related to the Web interface, open your browser inspector Console and Network tabs while refreshing (reloading) and reproducing the problem. Provide any relevant output/errors here that appear.

Thus far, I've been unable to reliably duplicate this problem as it seems to happen at random. When it occurs again, I'll update with further details.

I’m normally pretty scrappy when it comes to issues like this, but I’m at my wits’ end here. I don’t have a way to reliably duplicate this issue. If anyone has any help, advice, settings I could look at or magic chants I could do, it would be greatly appreciated.

Any aspects of your infrastructure the same as pre-AIO? For example, it appears you’re still using an external reverse proxy rather than the AIO one. Is that the same one as before?

Also, at this point do you have any errors or warnings under “Admin settings->Overview”?

What, specifically, appears in your browser inspector Console tab when you’re logged out?

Virtually none, save for the reverse proxy. I’m doing so with Apache2 because this server also hosts other applications besides Nextcloud.

In Admin settings → Overview, I have a note saying I have a single warning in the logs dating back to June 17th of this year. I also have a note saying I don’t have a default phone region set, and I don’t have an email server configured. (Both of which matter little to me, so I simply haven’t done it.) Besides that, I’ve got the green checkmark saying all checks passed. The warning in question is for a failed login, which happened when I fat fingered my password.

When logged out, the following appears in the console:

This was via a manual log out, but the same appears when I’m logged out due to the session error too.

Are you doing any caching/etc on your reverse proxy?

What is the vhost config for the Nextcloud reverse proxy on your Apache instance?

This is what I’ve got configured in Apache. I don’t think I’ve got any caching going on.

<VirtualHost *:80>
    ServerName [redacted]

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    RewriteCond %{SERVER_NAME} =[redacted]
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<VirtualHost *:443>
    ServerName [redacted]

    # Reverse proxy based on https://httpd.apache.org/docs/current/mod/mod_proxy_wstunnel.html
    RewriteEngine On
    ProxyPreserveHost On
    RequestHeader set X-Real-IP %{REMOTE_ADDR}s
    AllowEncodedSlashes NoDecode

    ProxyPass / http://localhost:11000/ nocanon
    ProxyPassReverse / http://localhost:11000/

    RewriteCond %{HTTP:Upgrade} websocket [NC]
    RewriteCond %{HTTP:Connection} upgrade [NC]
    RewriteCond %{THE_REQUEST} "^[a-zA-Z]+ /(.*) HTTP/\d+(\.\d+)?$"
    RewriteRule .? "ws://localhost:11000/%1" [P,L,UnsafeAllow3F]

    # Enable h2, h2c and http1.1
    Protocols h2 h2c http/1.1

    # Solves slow upload speeds caused by http2
    H2WindowSize 5242880

    # TLS
    SSLEngine               on
    SSLProtocol             -all +TLSv1.2 +TLSv1.3
    SSLCipherSuite          ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-S
    SSLHonorCipherOrder     off
    SSLSessionTickets       off

    # If running apache on a subdomain (eg. nextcloud.example.com) of a domain that already has an wildcard ssl certificate from certbot o
    # the <your-nc-domain> in the below lines should be replaced with just the domain (eg. example.com), not the subdomain.
    # In this case the subdomain should already be secured without additional actions
    SSLCertificateFile /etc/letsencrypt/live/[redacted]/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/[redacted]/privkey.pem

    # Disable HTTP TRACE method.
    TraceEnable off
    <Files ".ht*">
        Require all denied
    </Files>

    # Support big file uploads
    LimitRequestBody 0
    Timeout 86400
    ProxyTimeout 86400

    SecRuleEngine Off
    SecRequestBodyAccess Off
</VirtualHost>

Bump, is there anyone who’s got an answer for this?

I guess maybe I should open a bug report…

Bumping again, I still have this issue after more than 3 years.

Can you:

  • post an updated config (specifically the output of occ config:list system)
  • post an actual app list (output occ app:list)

Also:

  • Do you only have a single instance of Nextcloud running on your domain?
  • Do you have the access log entries from your Apache server during one of these events?
  • Do you have the error log entries from your Apache server during one of these events?

It would also be worth checking your mod_security audit log (I realize it’s supposedly off, but… also, it’s not off on the HTTP->HTTPS host so that’s another possibility).
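
One way to pull the timestamps of these events out of the Apache access log, so the error log and mod_security audit log can be checked at the same moments. This is an added example, not part of the original thread; it assumes the "combined" LogFormat, the URL patterns are assumptions to adjust against your own log, and the sample lines are constructed.

```python
import re
from datetime import datetime, timedelta

# Apache "combined": host ident user [time] "request" status bytes "referer" "agent"
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<agent>[^"]*)"'
)
# Assumed URL shapes for the login page, explicit logout and logged-in traffic.
LOGIN = re.compile(r'^(/index\.php)?/login(\?|$)')
LOGOUT = re.compile(r'^(/index\.php)?/logout(\?|$)')
AUTHED = re.compile(r'^(/index\.php)?/(apps|ocs|remote\.php)/')

def unexpected_logouts(lines, window=timedelta(minutes=10)):
    """Return (timestamp, ip, last_ok_path) for each login-page hit that follows
    recent successful traffic from the same client with no logout in between."""
    last_ok = {}  # (ip, agent) -> (time, path) of the last successful request
    events = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip lines in another format
        key = (m['ip'], m['agent'])
        ts = datetime.strptime(m['ts'], '%d/%b/%Y:%H:%M:%S %z')
        path, status = m['path'], int(m['status'])
        if LOGOUT.match(path):
            last_ok.pop(key, None)  # user chose to log out: not an anomaly
        elif LOGIN.match(path) and m['method'] == 'GET':
            prev = last_ok.pop(key, None)
            if prev and ts - prev[0] <= window:
                events.append((ts.isoformat(), m['ip'], prev[1]))
        elif AUTHED.match(path) and status < 400:
            last_ok[key] = (ts, path)
    return events

# Constructed sample lines (documentation IP ranges, not from the poster's server).
UA = 'Mozilla/5.0'
SAMPLE = [
    f'203.0.113.7 - - [12/Jul/2025:10:00:01 +0000] "GET /apps/files/ HTTP/2.0" 200 5120 "-" "{UA}"',
    f'203.0.113.7 - - [12/Jul/2025:10:03:10 +0000] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/2.0" 401 120 "-" "{UA}"',
    f'203.0.113.7 - - [12/Jul/2025:10:03:11 +0000] "GET /login?redirect_url=/apps/files/ HTTP/2.0" 200 7300 "-" "{UA}"',
    f'198.51.100.9 - - [12/Jul/2025:11:00:00 +0000] "GET /apps/dashboard/ HTTP/2.0" 200 4100 "-" "{UA}"',
    f'198.51.100.9 - - [12/Jul/2025:11:00:30 +0000] "GET /logout?requesttoken=abc HTTP/2.0" 303 0 "-" "{UA}"',
    f'198.51.100.9 - - [12/Jul/2025:11:00:31 +0000] "GET /login?clear=1 HTTP/2.0" 200 7300 "-" "{UA}"',
]

if __name__ == "__main__":
    for event in unexpected_logouts(SAMPLE):
        print(event)
```

Only the first client is reported, because the second one requested the logout URL before landing on the login page.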

This won’t help you specifically, but for anyone out there that has the same problem: for me, I had an external Redis with an HAProxy to detect the master in a Redis Sentinel setup.

The HAProxy has timeouts which were set at 5 minutes, and users disconnected and had to reconnect through this setting.