Nginx: ocs-provider / ocm-provider not properly resolved despite correct settings?


Nextcloud version (eg, 20.0.5): 27.0.0
Operating system and version (eg, Ubuntu 20.04): openSUSE Tumbleweed
Apache or nginx version (eg, Apache 2.4.25): nginx 1.25.1
PHP version (eg, 7.4): 8.2.7
LEMP installed via OpenSUSE repos, Nextcloud manually downloaded latest archive version.

The issue you are facing:
The old ocm-provider/ocs-provider error in the admin overview. “Your web server is not properly set up…”.
The Nextcloud instance is hosted on, the nginx vhost config is pretty much identical to the one in the official help files, and everything else works just fine.
Now the funny thing is, when I manually navigate to, it gets redirected to, and I have no idea where this redirection rule would be located, because it certainly isn’t in my nginx/vhost config.

Grateful for any help/idea! :slight_smile:

The output of your Nextcloud log in Admin > Logging:

nothing of interest in the Nextcloud log

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

$CONFIG = array (
  'instanceid' => 'xxxx',
  'passwordsalt' => 'xxxx',
  'secret' => 'xxxx',
  'trusted_domains' =>
  array (
    0 => '',
    1 => '',
  'datadirectory' => '/srv/nextcloud_data',
  'dbtype' => 'mysql',
  'version' => '',
  'overwrite.cli.url' => '',
  'dbname' => 'dbname',
  'dbhost' => 'localhost:1234',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'dbuser',
  'dbpassword' => 'xxxx',
  'installed' => true,
  'default_phone_region' => 'xx',

nginx access log (first entry is my manual attempt to navigate to

11.22.333.444 - - [29/Jun/2023:23:16:11 +0200] "GET /nextcloud/ocs-provider/index.php/csrftoken HTTP/2.0" 404 4016 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ Safari/537.36"
11.22.333.444 - - [29/Jun/2023:23:16:12 +0200] "GET /ocs/v2.php/apps/serverinfo/api/v1//basicdata?format=json HTTP/2.0" 200 284 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ Safari/537.36"
11.22.333.444 - - [29/Jun/2023:23:16:12 +0200] "GET /apps/serverinfo/update HTTP/2.0" 200 267 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ Safari/537.36"

Finally, my nginx.conf

user  nginx nginx;
worker_processes  1;

events {
    worker_connections  1024;
    use epoll;

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    include conf.d/*.conf;
    include vhosts.d/*.conf;

…and my vhost:

upstream php-handler {
    server unix:/var/run/php-fpm/nc.sock;

map $arg_v $asset_immutable {
    "" "";
    default "immutable";

server {
    listen 80;
    listen [::]:80;
    server_tokens off;
    return 301 https://$server_name$request_uri;

server {
    listen 443      ssl;
    listen [::]:443 ssl;
    http2 on;
    root /srv/www/htdocs/nextcloud/;

    ssl_certificate         /etc/letsencrypt/live/;
	ssl_certificate_key     /etc/letsencrypt/live/;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    server_tokens off;

    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" always;

    client_max_body_size 512M;
    client_body_timeout 300s;
    fastcgi_buffers 64 4K;

    gzip on;
    gzip_vary on;
    gzip_comp_level 4;
    gzip_min_length 256;
    gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
    gzip_types application/atom+xml text/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/ application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;

    client_body_buffer_size 512k;

    add_header Referrer-Policy                   "no-referrer"       always;
    add_header X-Content-Type-Options            "nosniff"           always;
    add_header X-Download-Options                "noopen"            always;
    add_header X-Frame-Options                   "SAMEORIGIN"        always;
    add_header X-Permitted-Cross-Domain-Policies "none"              always;
    add_header X-Robots-Tag                      "noindex, nofollow" always;
    add_header X-XSS-Protection                  "1; mode=block"     always;

    fastcgi_hide_header X-Powered-By;

    include mime.types;
    types {
        text/javascript mjs;

    index index.php index.html /index.php$request_uri;

    location = / {
        if ( $http_user_agent ~ ^DavClnt ) {
            return 302 /remote.php/webdav/$is_args$args;

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;

    location ^~ /.well-known {

        location = /.well-known/carddav { return 301 /remote.php/dav/; }
        location = /.well-known/caldav  { return 301 /remote.php/dav/; }
        location /.well-known/acme-challenge    { try_files $uri $uri/ =404; }
        location /.well-known/pki-validation    { try_files $uri $uri/ =404; }
        return 301 /index.php$request_uri;

    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/)  { return 404; }
    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console)                { return 404; }

    location ~ \.php(?:$|/) {
        rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri;
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        set $path_info $fastcgi_path_info;
        try_files $fastcgi_script_name =404;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $path_info;
        fastcgi_param HTTPS on;
        fastcgi_param modHeadersAvailable true;        
        fastcgi_param front_controller_active true;
        fastcgi_pass php-handler;
        fastcgi_intercept_errors on;
        fastcgi_request_buffering off;
        fastcgi_max_temp_file_size 0;

    location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map)$ {
        try_files $uri /index.php$request_uri;
        add_header Cache-Control "public, max-age=15778463, $asset_immutable";
        access_log off;
        location ~ \.wasm$ {
            default_type application/wasm;
    location ~ \.woff2?$ {
        try_files $uri /index.php$request_uri;
        expires 7d;
        access_log off;

    location /remote {
        return 301 /remote.php$request_uri;

    location / {
        try_files $uri $uri/ /index.php$request_uri;

So you can see, “nextcloud” isn’t even mentioned in the nginx config files (except in the root definition), so I’m really at a loss where this redirect to /nextcloud/ocs-provider would be coming from!

If you haven’t done it yet: Reload nginx with nginx -s reload and check, if it still redirects to nextcloud/ocs-provider…

After that check the entire nginx config with

nginx -T | grep nextcloud

for more occurrences of nextcloud in your nginx config.

1 Like

Thanks! I had restarted nginx and the server a couple of times already, but did it once again for good measure. Didn’t help :frowning:

cloud:/ # nginx -T | grep nextcloud
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
    root /srv/www/htdocs/nextcloud/;

I had an epiphany while falling asleep last night… it was a browser cache issue. I had assumed the system check would run on the server only, but apparently it doesn’t. The /nextcloud/ was still in the cache from my previous installation where it was installed in a server subdir.

In case you have a similar issue: Double-check with a different browser or with private/anonymous mode.

1 Like