Hi again szaimen
to be honest I cannot remember whether these were “Out of the Box” or whether I was mucking about with apps. I am a “generalist” and I wear too many hats. Sorry - I didn’t take decent notes while doing this.
I saw:
Failed to fetch the Collabora capabilities endpoint: cURL error 28: Connection timed out after 45000 milliseconds
And started disabling apps.
"2023-10-04T19:44:12+00:00","remoteAddr":"a.b.c.d","user":"admin","app":"richdocuments","method":"POST","url":"/login/confirm","message":"Failed to fetch the Collabora capabilities endpoint: cURL error 28: Connection timed out after 45000 milliseconds (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://*** sensitive parameters replaced ***/hosting/capabilities","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36","version":"27.1.0.7","exception":{"Exception":"GuzzleHttp\\Exception\\ConnectException","Message":"cURL error 28: Connection timed out after 45000 milliseconds (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://*** sensitive parameters replaced ***/hosting/capabilities","Code":0,"Trace":[{"file":"/var/www/html/3rdparty/guzzlehttp/guzzle/src/Handler/CurlFactory.php","line":158,"function":"createRejection","class":"GuzzleHttp\\Handler\\CurlFactory","type":"::","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/3rdparty/guzzlehttp/guzzle/src/Handler/CurlFactory.php","line":110,"function":"finishError","class":"GuzzleHttp\\Handler\\CurlFactory","type":"::","args":[["GuzzleHttp\\Handler\\CurlHandler"],"*** sensitive parameters replaced ***",["GuzzleHttp\\Handler\\CurlFactory"]]},{"file":"/var/www/html/3rdparty/guzzlehttp/guzzle/src/Handler/CurlHandler.php","line":47,"function":"finish","class":"GuzzleHttp\\Handler\\CurlFactory","type":"::","args":[["GuzzleHttp\\Handler\\CurlHandler"],"*** sensitive parameters replaced ***",["GuzzleHttp\\Handler\\CurlFactory"]]},{"file":"/var/www/html/3rdparty/guzzlehttp/guzzle/src/Middleware.php","line":137,"function":"__invoke","class":"GuzzleHttp\\Handler\\CurlHandler","type":"->","args":["*** sensitive parameters replaced ***","*** sensitive parameters replaced ***"]},{"file":"/var/www/html/lib/private/Http/Client/DnsPinMiddleware.php","line":114,"function":"GuzzleHttp\\{closure}","class":"GuzzleHttp\\Middleware","type":"::","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/3rdparty/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php","line":35,"function":"OC\\Http\\Client\\{closure}","class":"OC\\Http\\Client\\DnsPinMiddleware","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/3rdparty/guzzlehttp/guzzle/src/Middleware.php","line":31,"function":"__invoke","class":"GuzzleHttp\\PrepareBodyMiddleware","type":"->","args":["*** sensitive parameters replaced ***","*** sensitive parameters replaced ***"]},{"file":"/var/www/html/3rdparty/guzzlehttp/guzzle/src/RedirectMiddleware.php","line":71,"function":"GuzzleHttp\\{closure}","class":"GuzzleHttp\\Middleware","type":"::","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/3rdparty/guzzlehttp/guzzle/src/Middleware.php","line":63,"function":"__invoke","class":"GuzzleHttp\\RedirectMiddleware","type":"->","args":["*** sensitive parameters replaced ***","*** sensitive parameters replaced ***"]},{"file":"/var/www/html/3rdparty/guzzlehttp/guzzle/src/HandlerStack.php","line":75,"function":"GuzzleHttp\\{closure}","class":"GuzzleHttp\\Middleware","type":"::","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php","line":331,"function":"__invoke","class":"GuzzleHttp\\HandlerStack","type":"->","args":["*** sensitive parameters replaced ***","*** sensitive parameters replaced ***"]},{"file":"/var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php","line":168,"function":"transfer","class":"GuzzleHttp\\Client","type":"->","args":["*** sensitive parameters replaced ***","*** sensitive parameters replaced ***"]},{"file":"/var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php","line":187,"function":"requestAsync","class":"GuzzleHttp\\Client","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/lib/private/Http/Client/Client.php","line":230,"function":"request","class":"GuzzleHttp\\Client","type":"->","args":["*** sensitive parameters replaced ***","*** sensitive parameters replaced ***/hosting/capabilities",["/mnt/ncdata/files_external/rootcerts.crt",45,[true],["Nextcloud Server Crawler","gzip"],true]]},{"file":"/var/www/html/custom_apps/richdocuments/lib/Service/CapabilitiesService.php","line":135,"function":"get","class":"OC\\Http\\Client\\Client","type":"->","args":["https://*** sensitive parameters replaced ***/hosting/capabilities",[45,[true]]]},{"file":"/var/www/html/custom_apps/richdocuments/lib/Service/CapabilitiesService.php","line":73,"function":"refetch","class":"OCA\\Richdocuments\\Service\\CapabilitiesService","type":"->","args":[]},{"file":"/var/www/html/custom_apps/richdocuments/lib/AppInfo/Application.php","line":90,"function":"getCapabilities","class":"OCA\\Richdocuments\\Service\\CapabilitiesService","type":"->","args":[]},{"file":"/var/www/html/lib/private/AppFramework/Bootstrap/FunctionInjector.php","line":66,"function":"OCA\\Richdocuments\\AppInfo\\{closure}","class":"OCA\\Richdocuments\\AppInfo\\Application","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/lib/private/AppFramework/Bootstrap/BootContext.php","line":50,"function":"injectFn","class":"OC\\AppFramework\\Bootstrap\\FunctionInjector","type":"->","args":[["Closure"]]},{"file":"/var/www/html/custom_apps/richdocuments/lib/AppInfo/Application.php","line":145,"function":"injectFn","class":"OC\\AppFramework\\Bootstrap\\BootContext","type":"->","args":[["Closure"]]},{"file":"/var/www/html/lib/private/AppFramework/Bootstrap/Coordinator.php","line":200,"function":"boot","class":"OCA\\Richdocuments\\AppInfo\\Application","type":"->","args":[["OC\\AppFramework\\Bootstrap\\BootContext"]]},{"file":"/var/www/html/lib/private/App/AppManager.php","line":437,"function":"bootApp","class":"OC\\AppFramework"nextcloud.log.1" 1456L, 10487937C
I disabled:
- Collabora Online - Built-in CODE Server
- Full text search
- Full text search - Elasticsearch Platform
- Full text search - Files
- Nextcloud Office
and figured I would run a process of elimination enabling them one at a time.
One thing I noticed, I re-enabled brute force detection using OCC and the command appears to have run successfully, see the output below, yet “Brute-force settings” is still in the apps list in the UI as needing to be enabled:
@nc-hub:~$ sudo docker exec --user www-data -it nextcloud-aio-nextcloud php occ config:system:set uth.bruteforce.protection.enabled --type bool --value=true
System config value uth.bruteforce.protection.enabled set to boolean true
@nc-hub:~$ sudo docker exec --user www-data -it nextcloud-aio-nextcloud php occ config:system:set ratelimit.protection.enabled --type bool --value=true
System config value ratelimit.protection.enabled set to boolean true
Are they not the same thing?
cheers