I got your message and I got an error scanning your Nextcloud as well.
The scanner mainly checks your version and analyzes your http-headers, if HSTS etc. is set up correctly, you can test that also yourself.
@LukasReschke Can you have a look at the security scanner? Is there a repo to report such errors? @jospoortvliet fyi
OC-9.08 and NC-12 are hosted on same webspace with same .htaccess settings and so on.
OC security scan is working, NC security scan is NOT working with NC security scanner, sorry.
Found this thread while trying to look for a solution to the above said issue.
I had thought my NC install was so bad that it cannot detect the instance. LOL
Appreciate the effort put in to solve the issue. Thank you team NextCloud
Sure I can use a barrage of tools to do this, but it is still part of the security features Nextcloud provides. I do not think that it is a good idea to have it not working for a month after all. It should be at least marked as not working or taken down if not needed/useful anymore.
A bit of otherwise unhelpful background: this is managed by Lukas, who is quite busy with many other things. Running the scanner sadly generates quite a bit of work dealing with automated complaints that can (and did) get the servers shut off.
As soon as Lukas has time, I’m sure he will get to this.