Hey guys, I’m absolutely new here and not yet very experienced with Nextcloud. I just installed Nextcloud 15.0.5 on the webspace of our external provider. What I recognized is, that user and password of the Nextcloud database is stored in plaintext in the config.php file.
Well, I’m not a IT security expert - but this seems to be strange to me…
Even if access to this file is restricted, I’m pretty sure, the admin of the provider will habe access to read this file.
I really used the search function in this board but did not get useful results for me. If this topic was discussed before, I’m sorry to open a new thread…
- Is this a security issue?
- Is this a bad configuration issue from my side?
- What is your suggestion to deal with this point?
Thanks a lot!