Nextcloud Server version: 22.2.3
Operating system and version: 5.10.61-gentoo-x86_64
Apache or nginx version: Apache 2.4.51
PHP version : 8.0
After updating Onlyoffice or Nextcloud, Nextcloud stopped opening documents in Onlyoffice. In Chrome browser it says “This content is blocked. Contact the site owner to fix the issue.”
Blank screen in firefox browser
Hello,
I am facing the same problem - did you find any solution to this?
Thanks & cheers,
Georg
When I try to open a onlyoffice file in nextcloud I Get this error,
“This content is blocked. Contact the site owner to fix the issue.”
both of my services nextcloud and onlyoffice run in docker behind a reverse proxy all of that is hosted on my QNAP nas
I dont see any error log in portainer.
I’ve Install nextcloud and onlyoffice with docker
both sit behind a reverse proxy
open the document with the onlyoffice editor
Official Docker image
Other
PHP 8.0
Apache (supported)
SQlite
Fresh Nextcloud Server install
config.php
<?php
$CONFIG = array (
'htaccess.RewriteBase' => '/',
'memcache.local' => '\\OC\\Memcache\\APCu',
'apps_paths' =>
array (
0 =>
array (
'path' => '/var/www/html/apps',
'url' => '/apps',
'writable' => false,
),
1 =>
array (
'path' => '/var/www/html/custom_apps',
'url' => '/custom_apps',
'writable' => true,
),
),
'instanceid' => 'XXXXXXXXXXXXX',
'passwordsalt' => 'XXXXXXXXXXXXXXXXXXXXXX',
'secret' => 'XXXXXXXXXXXXXXXXXXX',
'trusted_domains' =>
array (
0 => 'localhost:8085',
),
'datadirectory' => '/var/www/html/data',
'dbtype' => 'sqlite3',
'version' => '23.0.1.2',
'overwrite.cli.url' => 'http://localhost:8085',
'overwrite.cli.url' => 'http://nextcloud.XXX.fr',
'installed' => true,
'trusted_proxies' => ['10.0.3.1'],
'overwritehost' => 'nextcloud.XXX.fr',
'overwriteprotocol' => 'https',
'overwritewebroot' => '/',
'overwritecondaddr' => '^10\.0\.3\.1$',
);
Hi,
Same problem here.
NC 22.2.5 (Non Docker install)
OnlyOffice on a different VM server (Docker install)
PHP 7.4
DB: MariaDB
All 2 behind SSL connection, access from web are ok
When I insert server adress (https://docs.xxx.xx/) in the OnlyOffice Section in NC Parameters, got a green message that said version 7.xxx are ok
RP Nginx
Only Office Connector are up to date (7.3.2)
Tested on Chrome, Firefox and Edge
Same Error on all web nav
Ditto same issue!
Yes, i did. Still it shows “This content is blocked. Contact the site owner to fix the issue.” on Edge and Google Chrome.
On Opera it shows blank screen.
I have the same problem on Chrome. On my Mac‘s Safari everything is good. On Firefox just blank white page.
Ok solved by myself today. Just time to prepare the explanation and post it here to help you.
So, hi to all,
1st sorry for my english but I’m french speaking.
The problem comes from the xxx.conf file assigned to your documentserver. It does the job of accessing your docserver.youradress.xyz, so that Nextcloud recognizes it in the Nextcloud OnlyOffice settings but does not allow access to OnlyOffice itself. So here is my 3 step solution.
Behind Nginx Reverse Proxy
1st) Your .conf file without Letsencrypt at /etc/nginx/conf.d (for exemple: docs.conf)
upstream stream-docs {
server local.ip.adress.here;
}
server {
server_name docs.yoursite.xyz;
access_log /var/log/nginx/docs.access.log;
error_log /var/log/nginx/docs.error.log;
location / {
proxy_pass http://stream-docs;
proxy_redirect default;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $host;
}
}
2nd) After save push it to SSL with letsencrypt on your Nginx RP
sudo certbot --nginx
3rd) Your .conf file should look like this
upstream stream-docs {
server local.ip.adress.here;
}
server {
server_name docs.yoursite.xyz;
access_log /var/log/nginx/docs.access.log;
error_log /var/log/nginx/docs.error.log;
location / {
proxy_pass http://stream-docs;
proxy_redirect default;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $host;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/docs.yoursite.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/docs.yoursite.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = docs.yoursite.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name docs.yoursite.xyz;
listen 80;
return 404; # managed by Certbot
}
4th) add the commented lines to your .conf file without forgetting to uncomment them (remove the #)
upstream stream-docs {
server local.ip.adress.here;
}
# map $http_host $this_host {
# "" $host;
# default $http_host;
# }
# map $http_x_forwarded_proto $the_scheme {
# default $http_x_forwarded_proto;
# "" $scheme;
# }
# map $http_x_forwarded_host $the_host {
# default $http_x_forwarded_host;
# "" $this_host;
# }
# map $http_upgrade $proxy_connection {
# default upgrade;
# "" close;
# }
server {
# listen 0.0.0.0:80;
server_name docs.yoursite.xyz;
# server_tokens off;
access_log /var/log/nginx/docs.access.log;
error_log /var/log/nginx/docs.error.log;
location / {
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection $proxy_connection;
# proxy_set_header X-Forwarded-Host $the_host;
# proxy_set_header X-Forwarded-Proto $the_scheme;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://stream-docs;
proxy_redirect default;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $host;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/docs.yoursite.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/docs.yoursite.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = docs.yoursite.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name docs.yoursite.xyz;
listen 80;
return 404; # managed by Certbot
}
5th) Reload Nginx RP
sudo systemctl reload Nginx
Then go to your nextcloud instance as admin. Go to settings → Only Office and add the documentserver adress, no need to use advanced parameters.
For exemple : https:/docs.youradress.xyz/ (don’t forget the / at end)
that’s all Folks
NOTE: The #Manage by Certbot lines must stay commented ofc 
Hi Irvin,
thanks for posting your solution!
I have the same issue and nearly the same setup(nextcloud non-dockerized and apache reverse proxy). I do not understand what you mean by "…does not allow access OnlyOffice itself. So I’m not able to figure out a solution for apache.
Can you/someone explain it more detailed?
I accessed the outside docserver-https-url from within the docker-container and this seems to work fine.
I found the fix for me.
Since my docker-instance is running on plain http and running on port 80(within the docker container) and the reverse-proxy is handling the SSL, I had to specify the following 2 config options for the reverse proxy:
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
The full apache2 virtual host section is:
<VirtualHost *:443>
ServerName server.domain.tld
SSLCertificateFile /etc/letsencrypt/live/server.domain.tld/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/server.domain.tld/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/server.domain.tld/chain.pem
ErrorLog ${APACHE_LOG_DIR}/onlyoffice_error.log
CustomLog ${APACHE_LOG_DIR}/onlyoffice_access.log combined
ServerAdmin webmaster@localhost
DocumentRoot /var/www/empty
<Location />
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
ProxyPass http://localhost:10080/
ProxyPassReverse http://localhost:10080
</Location>
</VirtualHost>
I have the same issue, my document server is install in docker. I post here just for this issue come back again and hope could help others.
my case in using hosting web panel (Centos webpanel: nginx → apache → proxy → (custom-port))
This content is blocked. Contact the site owner to fix the issue is because the webserver domain config doesn’t right. then I place the new config for Apache as below and it does the work
–Don’t forget to replace your real user name path and domain in production
<VirtualHost 192.168.123.120:8443>
ServerName onlyoffice.domain.com
ServerAlias www.onlyoffice.domain.com
ServerAdmin webmaster@onlyoffice.domain.com
DocumentRoot /home/username/onlyoffice.domain.com
UseCanonicalName Off
ScriptAlias /cgi-bin/ /home/username/onlyoffice.domain.com/cgi-bin/
#CustomLog /usr/local/apache/domlogs/onlyoffice.domain.com.bytes bytes
#CustomLog /usr/local/apache/domlogs/onlyoffice.domain.com.log combined
ErrorLog /usr/local/apache/domlogs/onlyoffice.domain.com.error.log
# Custom settings are loaded below this line (if any exist)
# IncludeOptional "/usr/local/apache/conf/userdata/username/onlyoffice.domain.com/*.conf"
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/onlyoffice.domain.com.cert
SSLCertificateKeyFile /etc/pki/tls/private/onlyoffice.domain.com.key
SSLCertificateChainFile /etc/pki/tls/certs/onlyoffice.domain.com.bundle
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
SetEnvIf Host "^(.*)$" THE_HOST=$1
RequestHeader setifempty X-Forwarded-Proto https
RequestHeader setifempty X-Forwarded-Host %{THE_HOST}e
ProxyAddHeaders Off
ProxyPassMatch (.*)(\/websocket)$ "ws://127.0.0.1:8478/$1$2"
ProxyPass / "http://127.0.0.1:8478/"
ProxyPassReverse / "http://127.0.0.1:8478/"
</VirtualHost>