Nextcloud releases security scanner to help protect private clouds

Hi,

This tool looks awesome, is there some kind of API?
Let me explain: I’m administrating several Nextcloud instances and it would be very useful for me either to run a script that checks that each instance is up to date and safe, or to run the scanner on each server periodically and receive a report by e-mail if something should be done.


I have a Nextcloud instance running with a custom port and custom Nextcloud prefix like

https://mydomain.com:12345/mynextcloudinstance

When I let the scanner scan this URL it returns:

Scan failed! The scan for the specified domain failed.
Either no Nextcloud or ownCloud can be found there or you tried to scan
too many servers.

Could the scanner be adapted so that it can scan it?

That’ll probably need some adjustments by @LukasReschke :wink:

Hello!

I get the same error as @jakobssystems but hopefully without doing a typo.
I have tried with and without https:// and scan.owncloud.com works.

URL:
https://nextcloud.mydomain.com
Version:
11.0.1.2
Issues:
No vulnerabilities
Thank you for being up to date and caring about ownCloud security. To keep you informed you might want to sign up to our newsletter.

I followed @riegerCLOUD’s install guide and I use geoip and nginx. Is the server located in Germany? DE should be allowed, and I tried to disable geoip, but it does not work. Any idea?

Hi,
is IPv6 supported by the scan? I got an error that no Nextcloud instance was found. Sadly my provider has only DSLite stacks.


One of our hosting providers for the scanner doesn’t support IPv6 at the moment. Thus the scanner won’t be able to detect IPv6 hosts.

Did you try to call them and ask for IPv4? I just moved my server from an IPv4-only provider to IPv6+DS-Lite, found out about all the problems related to it, called them and instantly got switched to dual stack :smiley:.

Not so far. In their FAQ they refer to a company which sells routers with configured IPv4 tunnel. Thank you for the hint.

The results don’t match for many clients I support. Neither the shown URL nor the domain host_prefix fit.
Most results are obsolete, so my question is how to force a rescan?
If I press the icon for rescan and wait for more than the suggested 5 minutes, nothing has changed for days.
I would really appreciate any kind of assistance. Thanks in advance. Carsten

After the rescanning, you need a reload (strg + F5)…

On my first try, the URL which should be https://mycloudsname.com was shown as https://mycloudsname.com/owncloud

In my apache conf I had
Alias /owncloud "pathToTheCloudDir"

After commenting this entry out, the test showed me the right url…

So I think the test looks for “known” URLs and the first one found is shown, even if this is not the URL of the cloud…


Hi Soko, unfortunately STRG+F5 doesn’t solve this behaviour. Nextcloud is based on NGINX and hasn’t pointed to any subdir for weeks. NGINX and REDIS were restarted several times … what might help?

Yes, I can reproduce your issue, don’t have a solution.

Trying with https://nc.c-rieger.de/login triggers a new scan and ends with a “no installation found” error…

Scan failed! The scan for the specified domain failed. Either no Nextcloud or ownCloud can be found there or you tried to scan too many servers.

I think Nextcloud has to delete the scan from 17/02/20 from their cache…

@LukasReschke ???

Thx for reproducing and assistance! Hopefully waiting for @LukasReschke :wink:

@LukasReschke: I can’t scan further URLs regarding this instance either:
e.g. https://nextcloud.dedyn.io

Suggestion:
I set X-Frame-Options to ALLOW-FROM because of Collabora - maybe the scanner could report the returned header instead of simply complaining that it isn’t set to SAMEORIGIN?
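For admins who, like the first poster, want to check several instances from a cron job rather than through the web scanner, and who want the report to show the header value actually returned (as suggested just above for the ALLOW-FROM case), here is a small added example script. It is not code from this thread or from Nextcloud's scanner. It assumes that Nextcloud answers `GET /status.php` with JSON containing `version` and `maintenance`; the list of headers it checks is this example's own choice, not the scanner's actual rule set, and the sample responses at the bottom are constructed.

```python
"""Added example (not from the thread or from Nextcloud's scanner): check
several Nextcloud instances for version and security headers from a script.

Assumptions (not from the thread): Nextcloud answers GET /status.php with
JSON containing "version" and "maintenance"; EXPECTED_HEADERS below is this
example's own choice, not the scanner's real rule set."""
import json
import urllib.request
from typing import Dict, List, Tuple

# Headers the example checks. A tuple lists accepted values (compared
# case-insensitively); None means "must be present, any value accepted".
EXPECTED_HEADERS = {
    "X-Frame-Options": ("SAMEORIGIN", "DENY"),
    "X-Content-Type-Options": ("nosniff",),
    "Strict-Transport-Security": None,
}


def version_tuple(version: str) -> Tuple[int, ...]:
    """Turn '11.0.1.2' into (11, 0, 1, 2) so versions compare numerically."""
    return tuple(int(part) for part in version.split("."))


def parse_status(body: str) -> Dict[str, object]:
    """Extract the fields this check needs from status.php JSON."""
    data = json.loads(body)
    return {
        "version": str(data.get("version", "")),
        "installed": bool(data.get("installed", False)),
        "maintenance": bool(data.get("maintenance", False)),
    }


def check_headers(headers: Dict[str, str]) -> List[str]:
    """Report missing or unexpected security headers.

    When a header is present but not an accepted value, the finding quotes
    the value the server actually sent (e.g. an ALLOW-FROM set for
    Collabora), so the admin sees what is configured, not only that it
    differs from SAMEORIGIN."""
    findings = []
    lowered = {name.lower(): value for name, value in headers.items()}
    for name, accepted in EXPECTED_HEADERS.items():
        value = lowered.get(name.lower())
        if value is None:
            findings.append(f"{name}: missing")
        elif accepted is not None and value.strip().lower() not in {a.lower() for a in accepted}:
            findings.append(f"{name}: returned {value.strip()!r}, expected one of {accepted}")
    return findings


def assess(status_body: str, headers: Dict[str, str], minimum_version: str) -> Dict[str, object]:
    """Combine the version and header checks into one report for an instance."""
    status = parse_status(status_body)
    findings = check_headers(headers)
    up_to_date = bool(status["version"]) and version_tuple(status["version"]) >= version_tuple(minimum_version)
    if not up_to_date:
        findings.append(f"version {status['version'] or 'unknown'} is below {minimum_version}")
    if status["maintenance"]:
        findings.append("instance is in maintenance mode")
    return {"version": status["version"], "up_to_date": up_to_date, "ok": not findings, "findings": findings}


def fetch_and_assess(base_url: str, minimum_version: str, timeout: float = 10.0) -> Dict[str, object]:
    """Live check: fetch status.php of base_url and assess body plus response headers."""
    url = base_url.rstrip("/") + "/status.php"
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        body = resp.read().decode("utf-8")
        headers = dict(resp.headers.items())
    return assess(body, headers, minimum_version)


# Constructed sample data standing in for a real instance's responses.
SAMPLE_STATUS = json.dumps({"installed": True, "maintenance": False, "needsDbUpgrade": False,
                            "version": "11.0.1.2", "versionstring": "11.0.1",
                            "edition": "", "productname": "Nextcloud"})
SAMPLE_HEADERS = {
    "Content-Type": "application/json",
    "X-Frame-Options": "ALLOW-FROM https://office.example.invalid",  # constructed Collabora-style value
    "X-Content-Type-Options": "nosniff",
}

if __name__ == "__main__":
    import sys
    targets = sys.argv[1:]
    if not targets:
        # No URLs given: run the checks against the constructed sample instead.
        print("sample:", json.dumps(assess(SAMPLE_STATUS, SAMPLE_HEADERS, "11.0.1.2"), indent=2))
    for base_url in targets:
        print(base_url, json.dumps(fetch_and_assess(base_url, "11.0.1.2"), indent=2))
```

Run it with one or more base URLs as arguments from cron and mail the output when `ok` is false; without arguments it evaluates the constructed sample, where the ALLOW-FROM header is reported with its actual value and the missing HSTS header is listed separately.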

Great idea, thanks for this!

I’ve made the tweaks and want to rescan, but it’s remembering me :frowning:
How can I rescan please?

Is there an option to clear the cache, the same as on the SSL test website? :slight_smile:

Edit: Requested rescan and waited for a while, seemed more than 5 mins, but it didn’t seem to rescan in front of my eyes but in the background? Maybe I am wrong there, but the rescan did occur and an A+

Hopefully there will be some reminders in the gui to rescan if it hasn’t been done for x period of time, so I don’t forget to keep checking it in the future :slight_smile:

Thanks

I solved the rescan issue by disabling geoip in NGINX.
After having restarted NGINX and pressed the icon for rescan, the new results were shown after few minutes.

Nextcloud’s scan server seems to be located outside Germany and outside the US, that’s why it failed for me regarding geoip.

It solved my problem too. I don’t know why it did not work last time when I changed geoip to "default yes;".

sorry, the rescan only happens after about 8 hours I believe… It is a resource usage limitation.

Ok sure, but in my case the rescan seemed to happen automatically in the background in 10 minutes.

Likely I was just lucky.

Thanks :slight_smile:

well, yeah, or maybe I’m wrong :wink: