Nextcloud windows client 403 forbidden

ajamesm819 · October 30, 2023, 12:10am

Support intro

Sorry to hear you’re facing problems

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:

longer
example
here

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can

Nextcloud version (eg, 20.0.5): 27.1.3
Operating system and version (eg, Ubuntu 20.04): Linux 6.1.38-Unraid x86_64
PHP version (eg, 7.4): 8.2.10

The issue you are facing: 403 forbidden for uploads from windows client, not uploading files, nextcloud error log showing OCA\DAV\Connector\Sabre\Exception\Forbidden and OCP\Files\ForbiddenException

Is this the first time you’ve seen this error? (N):

The output of your Nextcloud log in Admin > Logging:

[webdav] Error: OCA\DAV\Connector\Sabre\Exception\Forbidden: Access denied to audio/wav in Folder Videos/2022/05/GOPR9179.WAV.ocTransferId412295337.part at <<closure>>

 0. /config/www/nextcloud/apps/dav/lib/Connector/Sabre/File.php line 318
    OCA\DAV\Connector\Sabre\File->convertToSabreException()
 1. /config/www/nextcloud/apps/dav/lib/Connector/Sabre/Directory.php line 149
    OCA\DAV\Connector\Sabre\File->put()
 2. /app/www/public/3rdparty/sabre/dav/lib/DAV/Tree.php line 307
    OCA\DAV\Connector\Sabre\Directory->createFile("*** sensitive parameters replaced ***")
 3. /app/www/public/3rdparty/sabre/dav/lib/DAV/Tree.php line 133
    Sabre\DAV\Tree->copyNode()
 4. /app/www/public/3rdparty/sabre/dav/lib/DAV/Tree.php line 163
    Sabre\DAV\Tree->copy()
 5. /config/www/nextcloud/apps/dav/lib/Upload/ChunkingPlugin.php line 94
    Sabre\DAV\Tree->move()
 6. /config/www/nextcloud/apps/dav/lib/Upload/ChunkingPlugin.php line 76
    OCA\DAV\Upload\ChunkingPlugin->performMove()
 7. /app/www/public/3rdparty/sabre/event/lib/WildcardEmitterTrait.php line 89
    OCA\DAV\Upload\ChunkingPlugin->beforeMove()
 8. /app/www/public/3rdparty/sabre/dav/lib/DAV/CorePlugin.php line 603
    Sabre\DAV\Server->emit()
 9. /app/www/public/3rdparty/sabre/event/lib/WildcardEmitterTrait.php line 89
    Sabre\DAV\CorePlugin->httpMove()
10. /app/www/public/3rdparty/sabre/dav/lib/DAV/Server.php line 472
    Sabre\DAV\Server->emit()
11. /app/www/public/3rdparty/sabre/dav/lib/DAV/Server.php line 253
    Sabre\DAV\Server->invokeMethod()
12. /app/www/public/3rdparty/sabre/dav/lib/DAV/Server.php line 321
    Sabre\DAV\Server->start()
13. /config/www/nextcloud/apps/dav/lib/Server.php line 365
    Sabre\DAV\Server->exec()
14. /config/www/nextcloud/apps/dav/appinfo/v2/remote.php line 35
    OCA\DAV\Server->exec()
15. /app/www/public/remote.php line 172
    require_once("/config/www/nex ... p")

Caused by:

OCP\Files\ForbiddenException: Access denied to audio/wav in Folder Videos/2022/05/GOPR9179.WAV.ocTransferId412295337.part at <<closure>>

 0. /config/www/nextcloud/apps/files_staticmimecontrol/lib/StorageWrapper.php line 206
    OCA\FilesStaticmimecontrol\StorageWrapper->checkFileAccess()
 1. /config/www/nextcloud/apps/dav/lib/Connector/Sabre/File.php line 248
    OCA\FilesStaticmimecontrol\StorageWrapper->writeStream()
 2. /config/www/nextcloud/apps/dav/lib/Connector/Sabre/Directory.php line 149
    OCA\DAV\Connector\Sabre\File->put()
 3. /app/www/public/3rdparty/sabre/dav/lib/DAV/Tree.php line 307
    OCA\DAV\Connector\Sabre\Directory->createFile("*** sensitive parameters replaced ***")
 4. /app/www/public/3rdparty/sabre/dav/lib/DAV/Tree.php line 133
    Sabre\DAV\Tree->copyNode()
 5. /app/www/public/3rdparty/sabre/dav/lib/DAV/Tree.php line 163
    Sabre\DAV\Tree->copy()
 6. /config/www/nextcloud/apps/dav/lib/Upload/ChunkingPlugin.php line 94
    Sabre\DAV\Tree->move()
 7. /config/www/nextcloud/apps/dav/lib/Upload/ChunkingPlugin.php line 76
    OCA\DAV\Upload\ChunkingPlugin->performMove()
 8. /app/www/public/3rdparty/sabre/event/lib/WildcardEmitterTrait.php line 89
    OCA\DAV\Upload\ChunkingPlugin->beforeMove()
 9. /app/www/public/3rdparty/sabre/dav/lib/DAV/CorePlugin.php line 603
    Sabre\DAV\Server->emit()
10. /app/www/public/3rdparty/sabre/event/lib/WildcardEmitterTrait.php line 89
    Sabre\DAV\CorePlugin->httpMove()
11. /app/www/public/3rdparty/sabre/dav/lib/DAV/Server.php line 472
    Sabre\DAV\Server->emit()
12. /app/www/public/3rdparty/sabre/dav/lib/DAV/Server.php line 253
    Sabre\DAV\Server->invokeMethod()
13. /app/www/public/3rdparty/sabre/dav/lib/DAV/Server.php line 321
    Sabre\DAV\Server->start()
14. /config/www/nextcloud/apps/dav/lib/Server.php line 365
    Sabre\DAV\Server->exec()
15. /config/www/nextcloud/apps/dav/appinfo/v2/remote.php line 35
    OCA\DAV\Server->exec()
16. /app/www/public/remote.php line 172
    require_once("/config/www/nex ... p")

MOVE /remote.php/dav/uploads/ajamesm/1851027793/.file
from [my.public.ip.address] by ajamesm at 2023-10-29T23:33:48+00:00

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'datadirectory' => '/data',
  'instanceid' => '-----',
  'passwordsalt' => '-----',
  'secret' => '-----',
  'trusted_domains' => 
  array (
    0 => '10.4.1.2:444',
    1 => 'nextcloud.mydomain.com',
    2 => 'cloud.mydomain.com',
    3 => '*.mydomain.com',
  ),
  'default_phone_region' => 'us',
  'dbtype' => 'mysql',
  'version' => '27.1.3.2',
  'overwrite.cli.url' => 'https://10.4.1.2:444',
  'dbname' => 'nextcloud',
  'dbhost' => '10.4.1.2:3306',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => '-----',
  'installed' => true,
'memcache.local' => '\\OC\\Memcache\\APCu',
  'filelocking.enabled' => true,
  'memcache.locking' => '\\OC\\Memcache\\APCu',
  'maintenance' => false,
  'filesystem_check_changes' => 1,
  'mail_from_address' => 'myemail',
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'smtp',
  'mail_domain' => 'gmail.com',
  'mail_smtphost' => 'smtp.gmail.com',
  'mail_smtpport' => '465',
  'mail_smtpauth' => '1',
  'mail_smtpname' => 'myemail@gmail.com',
  'mail_smtppassword' => '-----',
  'app_install_overwrite' => 
  array (
    0 => 'backup',
    1 => 'apporder',
    2 => 'google_synchronization',
    3 => 'ehr',
    4 => 'files_frommail',
    5 => 'ocdownloader',
    6 => 'workflow_kitinerary',
    7 => 'files_staticmimecontrol',
    8 => 'webhooks',
  ),
  'loglevel' => 0,
  'memories.exiftool' => '/config/www/nextcloud/apps/memories/exiftool-bin/exiftool-amd64-musl',
  'memories.vod.path' => '/config/www/nextcloud/apps/memories/exiftool-bin/go-vod-amd64',
  'memories.vod.ffmpeg' => '/usr/bin/ffmpeg',
  'memories.vod.ffprobe' => '/usr/bin/ffprobe',
  'enabledPreviewProviders' => 
  array (
    0 => 'OC\\Preview\\Image',
    1 => 'OC\\Preview\\HEIC',
    2 => 'OC\\Preview\\TIFF',
    3 => 'OC\\Preview\\Movie',
  ),
  'preview_max_memory' => 256,
  'memories.vod.disable' => false,
  'memories.vod.vaapi.low_power' => true,
  'memories.gis_type' => 1,
  'memories.vod.vaapi' => true,
  'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
  'upgrade.disable-web' => true,
);

Any insight into what is creating the error or how to fix is much appreciated!

tflidd · October 31, 2023, 12:56pm

The upload via web-interface is ok?
Is that with any file, or just larger ones (small than 5 MB? larger than 20MB?)?

This is normal local storage of the user? Or external/shared storage?

ajamesm819 · November 1, 2023, 8:54pm

Uploads of larger files fail via web interface or with client. Only have issues with larger files. Several 20-50kb files uploaded without issue. This is all on local storage of the user.

ajamesm819 · November 1, 2023, 9:40pm

I reviewed this article. I have deleted the {username}/uploads folder. I’m new to linux permissions, but I am running nextcloud in docker which is set up with PUID 99, PGID 100. Owner for all folders in data and config directories for nextcloud is set as nobody

ajamesm819 · November 6, 2023, 8:50pm

For the benefit of anyone with the same error, I finally was able to resolve on my end. I believe I had a couple issues.

#1: cloudflare chunking at 100MB limits, and desktop client not chunking appropriately. This error was fixed thanks to a client-side settings change in %appdata%/nextcloud/nextcloud.cfg as described here "Connection closed" message when syncing files larger then +- 100Mb · Issue #4278 · nextcloud/desktop · GitHub

#2: some server-side configuration that I still do not yet completely understand. I think it has to do with some old encryption token or some other settings. I “fixed” this by deleting my whole nextcloud appdata folder and am currently re-configuring from near-scratch. For posterity’s sake, I will try to update this thread if I discover the root cause after adding my apps and settings back in one-by-one.