Please help to fix the 2 warnings on overview page

Hi! I am trying to fix all errors on the administration overview page and i can’t seem to fix these two that are showing up yellow… Please help me fixt thease errors / recomendations.

Here is the copy of the overview page:

Security & setup warnings

It’s important for the security and performance of your instance that everything is configured correctly. To help you with that we are doing some automatic checks. Please see the linked documentation for more information.

There are some warnings regarding your setup.

Here is the copy of the overview page

* 9 errors in the logs since May 23, 2024, 4:27:35 PM
* Some headers are not set correctly on your instance - The `X-Content-Type-Options` HTTP header is not set to `nosniff`. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly. - The `X-Robots-Tag` HTTP header is not set to `noindex,nofollow`. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly. - The `X-Permitted-Cross-Domain-Policies` HTTP header is not set to `none`. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly. - The `X-XSS-Protection` HTTP header does not contain `1; mode=block`. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly. - The `Referrer-Policy` HTTP header is not set to `no-referrer`, `no-referrer-when-downgrade`, `strict-origin`, `strict-origin-when-cross-origin` or `same-origin`. This can leak referer information. See the [W3C Recommendation](https://www.w3.org/TR/referrer-policy/). - The `Strict-Transport-Security` HTTP header is not set (should be at least `15552000` seconds). For enhanced security, it is recommended to enable HSTS. For more details see the [documentation ↗](https://docs.nextcloud.com/server/29/go.php?to=admin-security).

The logging page shows this:

{"reqId":"iaxQ2OsKCtttiE8KBuHz","level":3,"time":"2024-05-29T19:07:16+00:00","remoteAddr":"192.168.8.220","user":"admin","app":"text","method":"PUT","url":"/index.php/apps/text/session/9/create","message":"No permission to access this file","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36","version":"29.0.1.1","exception":{"Exception":"OCP\\Files\\NotFoundException","Message":"","Code":0,"Trace":[{"file":"/var/www/cloud.ozotech.cc/apps/text/lib/Service/ApiService.php","line":92,"function":"getFileById","class":"OCA\\Text\\Service\\DocumentService","type":"->"},{"file":"/var/www/cloud.ozotech.cc/apps/text/lib/Controller/SessionController.php","line":62,"function":"create","class":"OCA\\Text\\Service\\ApiService","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/AppFramework/Http/Dispatcher.php","line":232,"function":"create","class":"OCA\\Text\\Controller\\SessionController","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/AppFramework/Http/Dispatcher.php","line":138,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/AppFramework/App.php","line":184,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Route/Router.php","line":338,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":1050,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"/var/www/cloud.ozotech.cc/index.php","line":49,"function":"handleRequest","class":"OC","type":"::"}],"File":"/var/www/cloud.ozotech.cc/apps/text/lib/Service/DocumentService.php","Line":506,"message":"No permission to access this file","exception":{},"CustomMessage":"No permission to access this file"}}
{"reqId":"6MwvPH7M86IWBioaKcOc","level":3,"time":"2024-05-29T19:19:55+00:00","remoteAddr":"192.168.8.223","user":"eduards","app":"no app in context","method":"POST","url":"/ocs/v2.php/apps/notifications/api/v2/push","message":"/appdata_oca9rx0wzhts/identityproof/user-eduards","userAgent":"Mozilla/5.0 (iOS) Nextcloud-iOS/5.3.0","version":"29.0.1.1","exception":{"Exception":"OCP\\Files\\NotFoundException","Message":"/appdata_oca9rx0wzhts/identityproof/user-eduards","Code":0,"Trace":[{"file":"/var/www/cloud.ozotech.cc/lib/private/Files/Node/LazyFolder.php","line":161,"function":"get","class":"OC\\Files\\Node\\Root","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Files/AppData/AppData.php","line":132,"function":"get","class":"OC\\Files\\Node\\LazyFolder","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Security/IdentityProof/Manager.php","line":115,"function":"getFolder","class":"OC\\Files\\AppData\\AppData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Security/IdentityProof/Manager.php","line":133,"function":"retrieveKey","class":"OC\\Security\\IdentityProof\\Manager","type":"->"},{"file":"/var/www/cloud.ozotech.cc/apps/notifications/lib/Controller/PushController.php","line":134,"function":"getKey","class":"OC\\Security\\IdentityProof\\Manager","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/AppFramework/Http/Dispatcher.php","line":232,"function":"registerDevice","class":"OCA\\Notifications\\Controller\\PushController","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/AppFramework/Http/Dispatcher.php","line":138,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/AppFramework/App.php","line":184,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Route/Router.php","line":338,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"file":"/var/www/cloud.ozotech.cc/ocs/v1.php","line":66,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"/var/www/cloud.ozotech.cc/ocs/v2.php","line":23,"args":["/var/www/cloud.ozotech.cc/ocs/v1.php"],"function":"require_once"}],"File":"/var/www/cloud.ozotech.cc/lib/private/Files/Node/Root.php","Line":212,"message":"/appdata_oca9rx0wzhts/identityproof/user-eduards","exception":{},"CustomMessage":"/appdata_oca9rx0wzhts/identityproof/user-eduards"}}
{"reqId":"oWfFmECDx9NlkeLZOy6P","level":3,"time":"2024-05-30T06:21:11+00:00","remoteAddr":"192.168.8.223","user":"eduards","app":"no app in context","method":"PUT","url":"/remote.php/dav/uploads/eduards/F4A92ED4-658D-48BA-9188-E1555B259F6F/2","message":"Expected filesize of 49144555 bytes but read (from Nextcloud client) and wrote (to Nextcloud storage) 19382272 bytes. Could either be a network problem on the sending side or a problem writing to the storage on the server side.","userAgent":"Mozilla/5.0 (iOS) Nextcloud-iOS/5.3.0","version":"29.0.1.1","exception":{"Exception":"Sabre\\DAV\\Exception\\BadRequest","Message":"Expected filesize of 49144555 bytes but read (from Nextcloud client) and wrote (to Nextcloud storage) 19382272 bytes. Could either be a network problem on the sending side or a problem writing to the storage on the server side.","Code":0,"Trace":[{"file":"/var/www/cloud.ozotech.cc/apps/dav/lib/Connector/Sabre/Directory.php","line":148,"function":"put","class":"OCA\\DAV\\Connector\\Sabre\\File","type":"->"},{"file":"/var/www/cloud.ozotech.cc/apps/dav/lib/Upload/UploadFolder.php","line":51,"function":"createFile","class":"OCA\\DAV\\Connector\\Sabre\\Directory","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/3rdparty/sabre/dav/lib/DAV/Server.php","line":1098,"function":"createFile","class":"OCA\\DAV\\Upload\\UploadFolder","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/3rdparty/sabre/dav/lib/DAV/CorePlugin.php","line":504,"function":"createFile","class":"Sabre\\DAV\\Server","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/3rdparty/sabre/event/lib/WildcardEmitterTrait.php","line":89,"function":"httpPut","class":"Sabre\\DAV\\CorePlugin","type":"->"},{"file":"/var/www/cloud.ozotech.cc/3rdparty/sabre/dav/lib/DAV/Server.php","line":472,"function":"emit","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/var/www/cloud.ozotech.cc/3rdparty/sabre/dav/lib/DAV/Server.php","line":253,"function":"invokeMethod","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/var/www/cloud.ozotech.cc/3rdparty/sabre/dav/lib/DAV/Server.php","line":321,"function":"start","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/var/www/cloud.ozotech.cc/apps/dav/lib/Server.php","line":374,"function":"exec","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/var/www/cloud.ozotech.cc/apps/dav/appinfo/v2/remote.php","line":35,"function":"exec","class":"OCA\\DAV\\Server","type":"->"},{"file":"/var/www/cloud.ozotech.cc/remote.php","line":172,"args":["/var/www/cloud.ozotech.cc/apps/dav/appinfo/v2/remote.php"],"function":"require_once"}],"File":"/var/www/cloud.ozotech.cc/apps/dav/lib/Connector/Sabre/File.php","Line":301,"message":"Expected filesize of 49144555 bytes but read (from Nextcloud client) and wrote (to Nextcloud storage) 19382272 bytes. Could either be a network problem on the sending side or a problem writing to the storage on the server side.","exception":{},"CustomMessage":"Expected filesize of 49144555 bytes but read (from Nextcloud client) and wrote (to Nextcloud storage) 19382272 bytes. Could either be a network problem on the sending side or a problem writing to the storage on the server side."}}
{"reqId":"8mZDBN2ArY4Vy2fPAiu7","level":3,"time":"2024-05-30T07:48:54+00:00","remoteAddr":"192.168.8.51","user":"--","app":"no app in context","method":"GET","url":"/index.php/avatar/eduards/384","message":"Could not decrypt or decode encrypted session data","userAgent":"Mozilla/5.0 (iOS) Nextcloud-iOS/5.3.0","version":"29.0.1.1","exception":{"Exception":"Exception","Message":"HMAC does not match.","Code":0,"Trace":[{"file":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","line":119,"function":"decryptWithoutSecret","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":91,"function":"decrypt","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":68,"function":"initializeSession","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoWrapper.php","line":112,"function":"__construct","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":455,"function":"wrapSession","class":"OC\\Session\\CryptoWrapper","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":711,"function":"initSession","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":1181,"function":"init","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/index.php","line":47,"args":["/var/www/cloud.ozotech.cc/lib/base.php"],"function":"require_once"}],"File":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","Line":158,"message":"Could not decrypt or decode encrypted session data","exception":{},"CustomMessage":"Could not decrypt or decode encrypted session data"}}
{"reqId":"iabCqHccJ0aUz6YyQQ4G","level":2,"time":"2024-05-30T09:45:48+00:00","remoteAddr":"192.168.8.51","user":"--","app":"core","method":"PROPFIND","url":"/remote.php/dav/files/eduards","message":"Login failed: 'eduards' (Remote IP: '192.168.8.51')","userAgent":"Mozilla/5.0 (iOS) Nextcloud-iOS/5.3.0","version":"29.0.1.1","data":{"app":"core"}}
{"reqId":"B4z33ctjR3OSr3bVehj5","level":3,"time":"2024-05-30T09:46:04+00:00","remoteAddr":"192.168.8.51","user":"--","app":"no app in context","method":"GET","url":"/index.php/avatar/eduards/384","message":"Could not decrypt or decode encrypted session data","userAgent":"Mozilla/5.0 (iOS) Nextcloud-iOS/5.3.0","version":"29.0.1.1","exception":{"Exception":"Exception","Message":"HMAC does not match.","Code":0,"Trace":[{"file":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","line":119,"function":"decryptWithoutSecret","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":91,"function":"decrypt","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":68,"function":"initializeSession","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoWrapper.php","line":112,"function":"__construct","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":455,"function":"wrapSession","class":"OC\\Session\\CryptoWrapper","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":711,"function":"initSession","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":1181,"function":"init","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/index.php","line":47,"args":["/var/www/cloud.ozotech.cc/lib/base.php"],"function":"require_once"}],"File":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","Line":158,"message":"Could not decrypt or decode encrypted session data","exception":{},"CustomMessage":"Could not decrypt or decode encrypted session data"}}
{"reqId":"QHuHcqhyVCUVjAT4Y3Wl","level":3,"time":"2024-05-30T12:09:53+00:00","remoteAddr":"192.168.8.223","user":"--","app":"no app in context","method":"GET","url":"/ocs/v1.php/cloud/capabilities","message":"Could not decrypt or decode encrypted session data","userAgent":"Mozilla/5.0 (iOS) Nextcloud-iOS/5.3.0","version":"29.0.1.1","exception":{"Exception":"Exception","Message":"HMAC does not match.","Code":0,"Trace":[{"file":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","line":119,"function":"decryptWithoutSecret","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":91,"function":"decrypt","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":68,"function":"initializeSession","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoWrapper.php","line":112,"function":"__construct","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":455,"function":"wrapSession","class":"OC\\Session\\CryptoWrapper","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":711,"function":"initSession","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":1181,"function":"init","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/ocs/v1.php","line":31,"args":["/var/www/cloud.ozotech.cc/lib/base.php"],"function":"require_once"}],"File":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","Line":158,"message":"Could not decrypt or decode encrypted session data","exception":{},"CustomMessage":"Could not decrypt or decode encrypted session data"}}
{"reqId":"tkBowlw5UDfLL19DhDoD","level":3,"time":"2024-05-30T13:48:37+00:00","remoteAddr":"192.168.8.223","user":"--","app":"no app in context","method":"GET","url":"/ocs/v1.php/cloud/capabilities","message":"Could not decrypt or decode encrypted session data","userAgent":"Mozilla/5.0 (iOS) Nextcloud-iOS/5.3.0","version":"29.0.1.1","exception":{"Exception":"Exception","Message":"HMAC does not match.","Code":0,"Trace":[{"file":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","line":119,"function":"decryptWithoutSecret","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":91,"function":"decrypt","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":68,"function":"initializeSession","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoWrapper.php","line":112,"function":"__construct","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":455,"function":"wrapSession","class":"OC\\Session\\CryptoWrapper","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":711,"function":"initSession","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":1181,"function":"init","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/ocs/v1.php","line":31,"args":["/var/www/cloud.ozotech.cc/lib/base.php"],"function":"require_once"}],"File":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","Line":158,"message":"Could not decrypt or decode encrypted session data","exception":{},"CustomMessage":"Could not decrypt or decode encrypted session data"}}
{"reqId":"mDikolFHG2AJBGDPbYbl","level":3,"time":"2024-05-30T13:48:37+00:00","remoteAddr":"192.168.8.223","user":"--","app":"no app in context","method":"GET","url":"/ocs/v2.php/apps/dashboard/api/v1/widgets","message":"Could not decrypt or decode encrypted session data","userAgent":"Mozilla/5.0 (iOS) Nextcloud-iOS/5.3.0","version":"29.0.1.1","exception":{"Exception":"Exception","Message":"HMAC does not match.","Code":0,"Trace":[{"file":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","line":119,"function":"decryptWithoutSecret","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":91,"function":"decrypt","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":68,"function":"initializeSession","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoWrapper.php","line":112,"function":"__construct","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":455,"function":"wrapSession","class":"OC\\Session\\CryptoWrapper","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":711,"function":"initSession","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":1181,"function":"init","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/ocs/v1.php","line":31,"args":["/var/www/cloud.ozotech.cc/lib/base.php"],"function":"require_once"},{"file":"/var/www/cloud.ozotech.cc/ocs/v2.php","line":23,"args":["/var/www/cloud.ozotech.cc/ocs/v1.php"],"function":"require_once"}],"File":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","Line":158,"message":"Could not decrypt or decode encrypted session data","exception":{},"CustomMessage":"Could not decrypt or decode encrypted session data"}}
{"reqId":"4VqrJIPqnKV8ONwjSv8k","level":3,"time":"2024-05-30T13:48:37+00:00","remoteAddr":"192.168.8.223","user":"--","app":"no app in context","method":"REPORT","url":"/remote.php/dav/files/admin","message":"Could not decrypt or decode encrypted session data","userAgent":"Mozilla/5.0 (iOS) Nextcloud-iOS/5.3.0","version":"29.0.1.1","exception":{"Exception":"Exception","Message":"HMAC does not match.","Code":0,"Trace":[{"file":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","line":119,"function":"decryptWithoutSecret","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":91,"function":"decrypt","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":68,"function":"initializeSession","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoWrapper.php","line":112,"function":"__construct","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":455,"function":"wrapSession","class":"OC\\Session\\CryptoWrapper","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":711,"function":"initSession","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":1181,"function":"init","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/remote.php","line":119,"args":["/var/www/cloud.ozotech.cc/lib/base.php"],"function":"require_once"}],"File":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","Line":158,"message":"Could not decrypt or decode encrypted session data","exception":{},"CustomMessage":"Could not decrypt or decode encrypted session data"}}

Thanks in advance!
Best Regards,
Eduards

Hi! I am trying to fix all errors on the administration overview page and i can’t seem to fix these two that are showing up yellow… Please help me fixt thease errors / recomendations.

Here is the copy of the overview page:

Security & setup warnings

It’s important for the security and performance of your instance that everything is configured correctly. To help you with that we are doing some automatic checks. Please see the linked documentation for more information.

There are some warnings regarding your setup.

Here is the copy of the overview page

* 6 errors in the logs since May 23, 2024, 4:27:35 PM
* Some headers are not set correctly on your instance - The `X-Content-Type-Options` HTTP header is not set to `nosniff`. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly. - The `X-Robots-Tag` HTTP header is not set to `noindex,nofollow`. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly. - The `X-Permitted-Cross-Domain-Policies` HTTP header is not set to `none`. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly. - The `X-XSS-Protection` HTTP header does not contain `1; mode=block`. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly. - The `Referrer-Policy` HTTP header is not set to `no-referrer`, `no-referrer-when-downgrade`, `strict-origin`, `strict-origin-when-cross-origin` or `same-origin`. This can leak referer information. See the [W3C Recommendation](https://www.w3.org/TR/referrer-policy/). - The `Strict-Transport-Security` HTTP header is not set (should be at least `15552000` seconds). For enhanced security, it is recommended to enable HSTS. For more details see the [documentation ↗](https://docs.nextcloud.com/server/29/go.php?to=admin-security).

The logging page shows this:

{"reqId":"iaxQ2OsKCtttiE8KBuHz","level":3,"time":"2024-05-29T19:07:16+00:00","remoteAddr":"192.168.8.220","user":"admin","app":"text","method":"PUT","url":"/index.php/apps/text/session/9/create","message":"No permission to access this file","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36","version":"29.0.1.1","exception":{"Exception":"OCP\\Files\\NotFoundException","Message":"","Code":0,"Trace":[{"file":"/var/www/cloud.ozotech.cc/apps/text/lib/Service/ApiService.php","line":92,"function":"getFileById","class":"OCA\\Text\\Service\\DocumentService","type":"->"},{"file":"/var/www/cloud.ozotech.cc/apps/text/lib/Controller/SessionController.php","line":62,"function":"create","class":"OCA\\Text\\Service\\ApiService","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/AppFramework/Http/Dispatcher.php","line":232,"function":"create","class":"OCA\\Text\\Controller\\SessionController","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/AppFramework/Http/Dispatcher.php","line":138,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/AppFramework/App.php","line":184,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Route/Router.php","line":338,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":1050,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"/var/www/cloud.ozotech.cc/index.php","line":49,"function":"handleRequest","class":"OC","type":"::"}],"File":"/var/www/cloud.ozotech.cc/apps/text/lib/Service/DocumentService.php","Line":506,"message":"No permission to access this file","exception":{},"CustomMessage":"No permission to access this file"}}
{"reqId":"6MwvPH7M86IWBioaKcOc","level":3,"time":"2024-05-29T19:19:55+00:00","remoteAddr":"192.168.8.223","user":"eduards","app":"no app in context","method":"POST","url":"/ocs/v2.php/apps/notifications/api/v2/push","message":"/appdata_oca9rx0wzhts/identityproof/user-eduards","userAgent":"Mozilla/5.0 (iOS) Nextcloud-iOS/5.3.0","version":"29.0.1.1","exception":{"Exception":"OCP\\Files\\NotFoundException","Message":"/appdata_oca9rx0wzhts/identityproof/user-eduards","Code":0,"Trace":[{"file":"/var/www/cloud.ozotech.cc/lib/private/Files/Node/LazyFolder.php","line":161,"function":"get","class":"OC\\Files\\Node\\Root","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Files/AppData/AppData.php","line":132,"function":"get","class":"OC\\Files\\Node\\LazyFolder","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Security/IdentityProof/Manager.php","line":115,"function":"getFolder","class":"OC\\Files\\AppData\\AppData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Security/IdentityProof/Manager.php","line":133,"function":"retrieveKey","class":"OC\\Security\\IdentityProof\\Manager","type":"->"},{"file":"/var/www/cloud.ozotech.cc/apps/notifications/lib/Controller/PushController.php","line":134,"function":"getKey","class":"OC\\Security\\IdentityProof\\Manager","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/AppFramework/Http/Dispatcher.php","line":232,"function":"registerDevice","class":"OCA\\Notifications\\Controller\\PushController","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/AppFramework/Http/Dispatcher.php","line":138,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/AppFramework/App.php","line":184,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Route/Router.php","line":338,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"file":"/var/www/cloud.ozotech.cc/ocs/v1.php","line":66,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"/var/www/cloud.ozotech.cc/ocs/v2.php","line":23,"args":["/var/www/cloud.ozotech.cc/ocs/v1.php"],"function":"require_once"}],"File":"/var/www/cloud.ozotech.cc/lib/private/Files/Node/Root.php","Line":212,"message":"/appdata_oca9rx0wzhts/identityproof/user-eduards","exception":{},"CustomMessage":"/appdata_oca9rx0wzhts/identityproof/user-eduards"}}
{"reqId":"oWfFmECDx9NlkeLZOy6P","level":3,"time":"2024-05-30T06:21:11+00:00","remoteAddr":"192.168.8.223","user":"eduards","app":"no app in context","method":"PUT","url":"/remote.php/dav/uploads/eduards/F4A92ED4-658D-48BA-9188-E1555B259F6F/2","message":"Expected filesize of 49144555 bytes but read (from Nextcloud client) and wrote (to Nextcloud storage) 19382272 bytes. Could either be a network problem on the sending side or a problem writing to the storage on the server side.","userAgent":"Mozilla/5.0 (iOS) Nextcloud-iOS/5.3.0","version":"29.0.1.1","exception":{"Exception":"Sabre\\DAV\\Exception\\BadRequest","Message":"Expected filesize of 49144555 bytes but read (from Nextcloud client) and wrote (to Nextcloud storage) 19382272 bytes. Could either be a network problem on the sending side or a problem writing to the storage on the server side.","Code":0,"Trace":[{"file":"/var/www/cloud.ozotech.cc/apps/dav/lib/Connector/Sabre/Directory.php","line":148,"function":"put","class":"OCA\\DAV\\Connector\\Sabre\\File","type":"->"},{"file":"/var/www/cloud.ozotech.cc/apps/dav/lib/Upload/UploadFolder.php","line":51,"function":"createFile","class":"OCA\\DAV\\Connector\\Sabre\\Directory","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/3rdparty/sabre/dav/lib/DAV/Server.php","line":1098,"function":"createFile","class":"OCA\\DAV\\Upload\\UploadFolder","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/3rdparty/sabre/dav/lib/DAV/CorePlugin.php","line":504,"function":"createFile","class":"Sabre\\DAV\\Server","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/3rdparty/sabre/event/lib/WildcardEmitterTrait.php","line":89,"function":"httpPut","class":"Sabre\\DAV\\CorePlugin","type":"->"},{"file":"/var/www/cloud.ozotech.cc/3rdparty/sabre/dav/lib/DAV/Server.php","line":472,"function":"emit","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/var/www/cloud.ozotech.cc/3rdparty/sabre/dav/lib/DAV/Server.php","line":253,"function":"invokeMethod","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/var/www/cloud.ozotech.cc/3rdparty/sabre/dav/lib/DAV/Server.php","line":321,"function":"start","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/var/www/cloud.ozotech.cc/apps/dav/lib/Server.php","line":374,"function":"exec","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/var/www/cloud.ozotech.cc/apps/dav/appinfo/v2/remote.php","line":35,"function":"exec","class":"OCA\\DAV\\Server","type":"->"},{"file":"/var/www/cloud.ozotech.cc/remote.php","line":172,"args":["/var/www/cloud.ozotech.cc/apps/dav/appinfo/v2/remote.php"],"function":"require_once"}],"File":"/var/www/cloud.ozotech.cc/apps/dav/lib/Connector/Sabre/File.php","Line":301,"message":"Expected filesize of 49144555 bytes but read (from Nextcloud client) and wrote (to Nextcloud storage) 19382272 bytes. Could either be a network problem on the sending side or a problem writing to the storage on the server side.","exception":{},"CustomMessage":"Expected filesize of 49144555 bytes but read (from Nextcloud client) and wrote (to Nextcloud storage) 19382272 bytes. Could either be a network problem on the sending side or a problem writing to the storage on the server side."}}
{"reqId":"8mZDBN2ArY4Vy2fPAiu7","level":3,"time":"2024-05-30T07:48:54+00:00","remoteAddr":"192.168.8.51","user":"--","app":"no app in context","method":"GET","url":"/index.php/avatar/eduards/384","message":"Could not decrypt or decode encrypted session data","userAgent":"Mozilla/5.0 (iOS) Nextcloud-iOS/5.3.0","version":"29.0.1.1","exception":{"Exception":"Exception","Message":"HMAC does not match.","Code":0,"Trace":[{"file":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","line":119,"function":"decryptWithoutSecret","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":91,"function":"decrypt","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":68,"function":"initializeSession","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoWrapper.php","line":112,"function":"__construct","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":455,"function":"wrapSession","class":"OC\\Session\\CryptoWrapper","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":711,"function":"initSession","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":1181,"function":"init","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/index.php","line":47,"args":["/var/www/cloud.ozotech.cc/lib/base.php"],"function":"require_once"}],"File":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","Line":158,"message":"Could not decrypt or decode encrypted session data","exception":{},"CustomMessage":"Could not decrypt or decode encrypted session data"}}
{"reqId":"iabCqHccJ0aUz6YyQQ4G","level":2,"time":"2024-05-30T09:45:48+00:00","remoteAddr":"192.168.8.51","user":"--","app":"core","method":"PROPFIND","url":"/remote.php/dav/files/eduards","message":"Login failed: 'eduards' (Remote IP: '192.168.8.51')","userAgent":"Mozilla/5.0 (iOS) Nextcloud-iOS/5.3.0","version":"29.0.1.1","data":{"app":"core"}}
{"reqId":"B4z33ctjR3OSr3bVehj5","level":3,"time":"2024-05-30T09:46:04+00:00","remoteAddr":"192.168.8.51","user":"--","app":"no app in context","method":"GET","url":"/index.php/avatar/eduards/384","message":"Could not decrypt or decode encrypted session data","userAgent":"Mozilla/5.0 (iOS) Nextcloud-iOS/5.3.0","version":"29.0.1.1","exception":{"Exception":"Exception","Message":"HMAC does not match.","Code":0,"Trace":[{"file":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","line":119,"function":"decryptWithoutSecret","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":91,"function":"decrypt","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":68,"function":"initializeSession","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoWrapper.php","line":112,"function":"__construct","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":455,"function":"wrapSession","class":"OC\\Session\\CryptoWrapper","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":711,"function":"initSession","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":1181,"function":"init","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/index.php","line":47,"args":["/var/www/cloud.ozotech.cc/lib/base.php"],"function":"require_once"}],"File":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","Line":158,"message":"Could not decrypt or decode encrypted session data","exception":{},"CustomMessage":"Could not decrypt or decode encrypted session data"}}
{"reqId":"QHuHcqhyVCUVjAT4Y3Wl","level":3,"time":"2024-05-30T12:09:53+00:00","remoteAddr":"192.168.8.223","user":"--","app":"no app in context","method":"GET","url":"/ocs/v1.php/cloud/capabilities","message":"Could not decrypt or decode encrypted session data","userAgent":"Mozilla/5.0 (iOS) Nextcloud-iOS/5.3.0","version":"29.0.1.1","exception":{"Exception":"Exception","Message":"HMAC does not match.","Code":0,"Trace":[{"file":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","line":119,"function":"decryptWithoutSecret","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":91,"function":"decrypt","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoSessionData.php","line":68,"function":"initializeSession","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/private/Session/CryptoWrapper.php","line":112,"function":"__construct","class":"OC\\Session\\CryptoSessionData","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":455,"function":"wrapSession","class":"OC\\Session\\CryptoWrapper","type":"->"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":711,"function":"initSession","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/lib/base.php","line":1181,"function":"init","class":"OC","type":"::"},{"file":"/var/www/cloud.ozotech.cc/ocs/v1.php","line":31,"args":["/var/www/cloud.ozotech.cc/lib/base.php"],"function":"require_once"}],"File":"/var/www/cloud.ozotech.cc/lib/private/Security/Crypto.php","Line":158,"message":"Could not decrypt or decode encrypted session data","exception":{},"CustomMessage":"Could not decrypt or decode encrypted session data"}}

Thanks in advance!
Best Regards,
Eduards

Please fill out the support template or provide more information about your environment. These headers are handled automatically in a properly installed environment.

What install method?
What are you running Nextcloud on?
What web server?
Reverse proxy?
etc.

https://docs.nextcloud.com/server/29/admin_manual/installation/harden_server.html#serve-security-related-headers-by-the-web-server

There is a link to the documentation, did you try this?

And there are a few more messages in the logs…

Yes, I did try this but it didn’t solve the issue… All other 5 errors the documentation helped me fix but it didn’t fix this issue.

I am using Ubuntu as the host system and I have Nextcloud installed with Apache from this blog post: https://www.learnlinux.tv/build-an-awesome-nextcloud-server-updated-for-ubuntu-22-04/
And yes I am using reverse proxy.