Ocs-provider doesn't resolve 29.0.7 but no ocm-provider error

example

longer
example
here

Nextcloud version (eg, 29.0.5): 29.0.7
Operating system and version (eg, Ubuntu 24.04): installatron on cloudlinux shared hosting
Apache or nginx version (eg, Apache 2.4.25): LiteSpeed
PHP version (eg, 8.3): 8.3

The issue you are facing: Your web server is not properly set up to resolve “/ocs-provider/”

Is this the first time you’ve seen this error? (Y/N): N

Steps to replicate it:

I don’t know how to replicate the error.

The output of your Nextcloud log in Admin > Logging:

there is no error output

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'instanceid' => '*****',
  'passwordsalt' => '*****',
  'secret' => '*****',
  'trusted_domains' => 
  array (
    0 => 'subdomain.domain.com',
  ),
  'datadirectory' => '*****',
  'dbtype' => 'mysql',
  'version' => '29.0.7.1',
  'overwrite.cli.url' => 'https://subdomain.domain.com/',
  'dbname' => '*****',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'nc_',
  'mysql.utf8mb4' => true,
  'dbuser' => '*****',
  'dbpassword' => '*****',
  'installed' => true,
  'memcache.local' => '\\OC\\Memcache\\Redis',
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' => 
  array (
    'host' => '/home/*****/.redis/redis.sock',
    'port' => 0,
    'dbindex' => 0,
  ),
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'smtp',
  'htaccess.RewriteBase' => '/',
  'preview_max_memory' => 2048,
  'enable_previews' => true,
  'enabledPreviewProviders' => 
  array (
    0 => 'OC\\Preview\\PNG',
    1 => 'OC\\Preview\\JPEG',
    2 => 'OC\\Preview\\GIF',
    3 => 'OC\\Preview\\BMP',
    4 => 'OC\\Preview\\XBitmap',
    5 => 'OC\\Preview\\PDF',
    6 => 'OC\\Preview\\MP3',
    7 => 'OC\\Preview\\TXT',
    8 => 'OC\\Preview\\MarkDown',
    9 => 'OC\\Preview\\HEIC',
    10 => 'OC\\Preview\\MKV',
    11 => 'OC\\Preview\\MP4',
    12 => 'OC\\Preview\\AVI',
    13 => 'OC\\Preview\\Movie',
  ),
  'preview_max_x' => '2048',
  'preview_max_y' => '2048',
  'mail_from_address' => 'info',
  'mail_domain' => '*****.com',
  'mail_smtpauth' => 1,
  'mail_smtpauthtype' => 'PLAIN',
  'mail_smtphost' => '*****',
  'mail_smtpport' => '587',
  'mail_smtpsecure' => 'tls',
  'mail_smtpname' => '*****@*****.com',
  'mail_smtppassword' => '*****',
  'maintenance' => false,
  'default_phone_region' => 'CA',
  'theme' => '',
  'log_type' => 'file',
  'logfile' => '*****.log',
  'logtimezone' => 'America/Toronto',
  'loglevel' => 2,
  'jpeg_quality' => '80',
  'session_relaxed_expiry' => false,
  'maintenance_window_start' => 1,
);

The output of your Apache/nginx/system log in /var/log/____:

there is no output in either usage or error logs

Output errors in nextcloud.log in /var/www/ or as admin user in top right menu, filtering for errors. Use a pastebin service if necessary.

I have an error

• Your web server is not properly set up to resolve “/ocs-provider/”. This is most likely related to a web server configuration that was not updated to deliver this folder directly. Please compare your configuration against the shipped rewrite rules in “.htaccess” for Apache or the provided one in the documentation for Nginx. On Nginx those are typically the lines starting with “location ~” that need an update. For more details see the documentation .

That I can’t resolve on the dashboard. I can’t access the server config because I’m on shared hosting installed using installatron. I haven’t found a solution in the .htaccess after trying to modify rules so I cannot be sure this is the issue.

I am hosting with a provider, so I don’t seem to have direct access to the nextcloud.conf file that the link mentions to review.

I’ve seen many forum posts where there is both an ocm and ocs error, however I am correctly returned a json response when I try and open the ocm-provider in my browser, so that part seems to be working fine. Further, many posts are outdated and as NC has evolved over time with updates applied to fix issues to the shipped .htaccess file, so I’m creating a new post to try and get up-to-date information.

Certainly, I must contact my hosting provider about this, but I’m trying to determine what I must request they do or check.

Should I be able to access ocs-provider through a web browser ?

I do have pretty url’s set up and they are working for me, so this must imply that the .htaccess file is working ? As well I have

The only other error at the moment seems to be related to the tasks app, which uninstalling and reinstalling didn’t fix

image1384×71 3.22 KB

here is what my .htaccess file looks like now. I tried comparing to the shipped one and it seems to be very similar in terms of the re-write rules. However perhaps I’m missing something.

<IfModule mod_headers.c>
  <IfModule mod_setenvif.c>
    <IfModule mod_fcgid.c>
       SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
       RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
    </IfModule>
    <IfModule mod_proxy_fcgi.c>
       SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1
    </IfModule>
    <IfModule mod_lsapi.c>
      SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
      RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
    </IfModule>
  </IfModule>

  <IfModule mod_env.c>
    # Add security and privacy related headers
    <IfModule mod_headers.c>
        Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
    </IfModule>
    # Avoid doubled headers by unsetting headers in "onsuccess" table,
    # then add headers to "always" table: https://github.com/nextcloud/server/pull/19002
    Header onsuccess unset Referrer-Policy
    Header always set Referrer-Policy "no-referrer"

    Header onsuccess unset X-Content-Type-Options
    Header always set X-Content-Type-Options "nosniff"

    Header onsuccess unset X-Frame-Options
    Header always set X-Frame-Options "SAMEORIGIN"

    Header onsuccess unset X-Permitted-Cross-Domain-Policies
    Header always set X-Permitted-Cross-Domain-Policies "none"

    Header onsuccess unset X-Robots-Tag
    Header always set X-Robots-Tag "noindex, nofollow"

    Header onsuccess unset X-XSS-Protection
    Header always set X-XSS-Protection "1; mode=block"

    SetEnv modHeadersAvailable true
  </IfModule>

  # Add cache control for static resources
  <FilesMatch "\.(css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite)$">
    <If "%{QUERY_STRING} =~ /(^|&)v=/">
      Header set Cache-Control "max-age=15778463, immutable"
    </If>
    <Else>
      Header set Cache-Control "max-age=15778463"
    </Else>
  </FilesMatch>

  # Let browsers cache WOFF files for a week
  <FilesMatch "\.woff2?$">
    Header set Cache-Control "max-age=604800"
  </FilesMatch>
</IfModule>

<IfModule mod_php.c>
  php_value mbstring.func_overload 0
  php_value default_charset 'UTF-8'
  php_value output_buffering 0
  <IfModule mod_env.c>
    SetEnv htaccessWorking true
  </IfModule>
</IfModule>

<IfModule mod_mime.c>
  AddType image/svg+xml svg svgz
  AddType application/wasm wasm
  AddEncoding gzip svgz
  # Serve ESM javascript files (.mjs) with correct mime type
  AddType text/javascript js mjs
</IfModule>

<IfModule mod_dir.c>
  DirectoryIndex index.php index.html
</IfModule>

<IfModule pagespeed_module>
  ModPagespeed Off
</IfModule>

<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteCond %{HTTP_USER_AGENT} DavClnt
  RewriteRule ^$ /remote.php/webdav/ [L,R=302]
  RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
  RewriteRule ^remote/(.*) remote.php [QSA,L]
  RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
  RewriteRule ^\.well-known/(?!acme-challenge|pki-validation) /index.php [QSA,L]
  RewriteRule ^ocm-provider/?$ index.php [QSA,L]
  RewriteRule ^(?:\.(?!well-known)|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>

# Clients like xDavv5 on Android, or Cyberduck, use chunked requests.
# When FastCGI or FPM is used with apache, requests arrive to Nextcloud without any content.
# This leads to the creation of empty files.
# The following directive will force the problematic requests to be buffered before being forwarded to Nextcloud.
# This way, the "Transfer-Encoding" header is removed, the "Content-Length" header is set, and the request content is proxied to Nextcloud.
# Here are more information about the issue:
#  - https://docs.cyberduck.io/mountainduck/issues/fastcgi/
#  - https://docs.nextcloud.com/server/latest/admin_manual/issues/general_troubleshooting.html#troubleshooting-webdav
<IfModule mod_setenvif.c>
  SetEnvIf Transfer-Encoding "chunked" proxy-sendcl=1
</IfModule>

# Apache disabled the sending of the server-side content-length header 
# in their 2.4.59 patch updated which breaks some use-cases in Nextcloud.
# Setting ap_trust_cgilike_cl allows to bring back the usual behaviour.
# See https://bz.apache.org/bugzilla/show_bug.cgi?id=68973
<IfModule mod_env.c>
  SetEnv ap_trust_cgilike_cl
</IfModule>

AddDefaultCharset utf-8
Options -Indexes
#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####

ErrorDocument 403 //index.php/error/403
ErrorDocument 404 //index.php/error/404
<IfModule mod_rewrite.c>
  Options -MultiViews
  RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1]
  RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1]
  RewriteCond %{REQUEST_FILENAME} !\.(css|js|mjs|svg|gif|png|html|ttf|woff2?|ico|jpg|jpeg|map|webm|mp4|mp3|ogg|wav|flac|wasm|tflite)$
  RewriteCond %{REQUEST_FILENAME} !/core/ajax/update\.php
  RewriteCond %{REQUEST_FILENAME} !/core/img/(favicon\.ico|manifest\.json)$
  RewriteCond %{REQUEST_FILENAME} !/(cron|public|remote|status)\.php
  RewriteCond %{REQUEST_FILENAME} !/ocs/v(1|2)\.php
  RewriteCond %{REQUEST_FILENAME} !/robots\.txt
  RewriteCond %{REQUEST_FILENAME} !/(ocs-provider|updater)/
  RewriteCond %{REQUEST_URI} !^/\.well-known/(acme-challenge|pki-validation)/.*
  RewriteCond %{REQUEST_FILENAME} !/richdocumentscode(_arm64)?/proxy.php$
  RewriteRule . index.php [PT,E=PATH_INFO:$1]
  RewriteBase /
  <IfModule mod_env.c>
    SetEnv front_controller_active true
    <IfModule mod_dir.c>
      DirectorySlash off
    </IfModule>
  </IfModule>
</IfModule>

Any help or suggestions to debug would be appreciated.

After more tests, I can access mydomain.com/ocs-provider/test.html as well as /index.php contained within the ocs-provider folder.

However, trying to access mydomain.com/ocs-provider or mydomain.com/ocs-provider/ does not work.

I’m beginning to think that this might have to do with the differences between how Apache and Litespeed interpret flags.

The documentation explains that

There is a minor difference in the way LiteSpeed Web Server and Apache treat the [L] flag in rewrite rules. The [L] flag (“L” stands for “Last”) causes mod_rewrite to stop processing the rule set. There are two ways to interpret this:

1. In most contexts, including LiteSpeed Web Server, this means that if the rule matches, no further rules will be processed. LSWS exits from the rewrite completely to avoid looping.

2. In Apache, [L] means that if the rule matches, no further rules will be processed in the current iteration. Apache does not exit from the rewrite rule completely, and so there is a possibility of looping.

TL;DR: The ruleset after an [L] flag may still be processed by Apache on a subsequent iteration, but that is not true with LSWS and most other contexts.

In Apache 2.4 and above, an alternative flag, [END], has been introduced to terminate not only the current round of rewrite processing, but to prevent any subsequent rewrite processing from occurring in .htaccess. In other words, the [L] flag in LSWS is equivalent to [END] in Apache 2.4.

Perhaps LSWS does not like multiple blocks.

Perhaps it hits an ‘[L]’ flag and then doesn’t execute the lower block.

I am not sure about the impact of removing an L flag.

Also, Litespeed does not support DirectorySlash off, however I’m not sure that matters except that any directory URL will always end with a /

Maybe I could add an .htaccess file to the ocs-provider folder directly ?

The fact that #### DO NOT CHANGE ANYTHING ABOVE THIS LINE #### is posted in the shipped .htaccess makes me wonder if modifications done above this line will be overwritten on update, or interfere with some kind of integrity check.

In any event, this seems like an issue specific to litespeed, does anyone have a working configuration they are willing to share ?

What is the output of the following:

curl -I https://subdomain.domain.com/ocs-provider/

That setup check is looking for a 200 status code back.

@jtr I am seeing

HTTP/2 404
x-powered-by: PHP/8.3.12
set-cookie: oc_sessionPassphrase=……; path=/; secure; HttpOnly; SameSite=Lax
set-cookie: __Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax
set-cookie: __Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
set-cookie: oc465sgp9lg……; path=/; secure; HttpOnly; SameSite=Lax
x-request-id: B2LdEnxSOQCAhOOmiBEN
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src ‘none’;base-uri ‘none’;manifest-src ‘self’;script-src ‘nonce-……=’ blob:;script-src-elem ‘strict-dynamic’ ‘nonce-….=’ blob:;style-src ‘self’ ‘unsafe-inline’;img-src ‘self’ data: blob: https://*.tile.openstreetmap.org;font-src ‘self’ data:;connect-src ‘self’ blob: stun.nextcloud.com:443;media-src ‘self’ blob:;frame-src ‘self’;child-src blob: ‘self’;frame-ancestors ‘self’;worker-src blob: ‘self’;form-action ‘self’
feature-policy: autoplay ‘self’;camera ‘self’;fullscreen ‘self’;geolocation ‘none’;microphone ‘self’;payment ‘none’
x-robots-tag: noindex, nofollow
content-type: text/html; charset=UTF-8
content-length: 4971
date: Tue, 22 Oct 2024 23:10:18 GMT
server: LiteSpeed
vary: User-Agent
strict-transport-security: max-age=15552000; includeSubDomains
onsuccess: unset Referrer-Policy
referrer-policy: no-referrer
onsuccess: unset X-Content-Type-Options
x-content-type-options: nosniff
onsuccess: unset X-Frame-Options
x-frame-options: SAMEORIGIN
onsuccess: unset X-Permitted-Cross-Domain-Policies
x-permitted-cross-domain-policies: none
onsuccess: unset X-Robots-Tag
onsuccess: unset X-XSS-Protection
x-xss-protection: 1; mode=block
alt-svc: h3=“:443”; ma=2592000, h3-29=“:443”; ma=2592000, h3-Q050=“:443”; ma=2592000, h3-Q046=“:443”; ma=2592000, h3-Q043=“:443”; ma=2592000, quic=“:443”; ma=2592000; v=“43,46”

I still have not found a solution. Leaving this here… hopefully someone from the community is able to provide a solution at some point. At least the issue seems relatively clear; how to correctly adapt rules in an .htaccess file for litespeed ?

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.