This tool look awesome, is there some kind of API ?
I explain myself: I’m administrating several Nextcloud instances and I would be very usefull for me either to run a script that check that each instance is up to date and safe or run the scanner on each server periodically and receive a report by e-mail if something should be done.
I get the same error as @jakobssystems but hopefully without doing a typo.
I have tried with and without https:// and scan.owncloud.com works.
URL: https://nextcloud.mydomain.com
Version:
11.0.1.2
Issues:
No vulnerabilities
Thank you for being up to date and caring about ownCloud security. To keep you informed you might want to sign up to our newsletter.
I followed @riegerCLOUD install guide and I use geoip and nginx. Is the server located in Germany? DE should be allowed and I tried to disable geoip but it does not work. Any idea?
Did you try to call them and ask for IPv4? I just moved my server from IPv4 only provider to IPv6+DS-Lite, found out about all the problems related to it, called them and instantly got switched to dual stack .
The results don’t match for many clients i support. Neither the shown URL nor the domain host_prefix fit.
Most results are obsolete, so my question is how to force a rescan?
If I press the icon for rescan and wait for more than the suggested 5 minutes nothing changed since days.
I would really appreciate any kind of assistance. Thanks in advance. Carsten
Hi Soko, unfortunately STRG+F5 doesn’t solve this behaviour. Nextcloud is based on NGINX and doesn’t point to any subdir since weeks. NGINX and REDIS were restarted several times … what might help?
Suggestion:
I set X-Frame-Options to ALLOW-FROM because of Collabora - maybe the scanner could report the returned header instead of simply complaining that it isn’t set to SAMEORIGIN?
I’ve made the tweaks and want to rescan, but its remembering me
How can I rescan please?
Is their an option to clear cache the same as the ssl test website
Edit: Requested rescan and waited for a while, seemed more than 5 mins, but it didn’t seem to rescan in front of my eyes but in the background? Maybe I am wrong there, but the rescan did occur and an A+
Hopefully there will be some reminders in the gui to rescan if it hasn’t been done for x period of time, so I don’t forget to keep checking it in the future
I solved the rescan issue by disabling geoip in NGINX.
After having restarted NGINX and pressed the icon for rescan, the new results were shown after few minutes.
Nextcloud’s scan-server seems to be located out of germany and out of US, that’s why it failed for me regarding geoip.