Problems with the .htaccess file after updating to 29.0.0

Nextcloud version _29.0.0
Operating system and version _DietPi v9.3.0
Apache or nginx version _ Apache/2.4.59 (Debian)

PHP version _PHP 8.2.18

The issue you are facing:
After updating nextcloud to 29.0.0 i see this error message

Your web server is not properly set up to resolve `.well-known` URLs, failed on: `/.well-known/webfinger`

Is this the first time you’ve seen this error? (Y/N): Yes

After following the documentation and paste these lines to my .htaccess file

If your Nextcloud instance is installed in a subfolder called nextcloud and you’re running Apache, create or edit the .htaccess file within the document root of your Web server and add the following lines:

<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteRule ^\.well-known/carddav /nextcloud/remote.php/dav [R=301,L]
  RewriteRule ^\.well-known/caldav /nextcloud/remote.php/dav [R=301,L]
  RewriteRule ^\.well-known/webfinger /nextcloud/index.php/.well-known/webfinger [R=301,L]
  RewriteRule ^\.well-known/nodeinfo /nextcloud/index.php/.well-known/nodeinfo [R=301,L]
</IfModule>

there still is the error message

thank you in advance

i have the same error too

I am running Nextcloud App in Truenas Scale, and I am seeing a similary .htaccess error in the Overview tab when I login into Nextcloud.

" * Your data directory and files are probably accessible from the internet. The .htaccess file is not working. It is strongly recommended that you configure your web server so that the data directory is no longer accessible, or move the data directory outside the web server document root."

This has only occurred since updating to Nextcloud 29.0.0.
I looked at some forums about having to edit the apache2.conf to resolve the issue, but since Nextcloud in running in Kubernates Docker container so that any changes I make would be lost when the service is restarted.

For reference the solution appears to be to edit /etc/apache2/apache2.conf and ensure the following lines:

I am running Nextcloud App in Truenas Scale, and I am seeing a similary .htaccess error in the Overview tab when I login into Nextcloud.

" * Your data directory and files are probably accessible from the internet. The .htaccess file is not working. It is strongly recommended that you configure your web server so that the data directory is no longer accessible, or move the data directory outside the web server document root."

This has only occurred since updating to Nextcloud 29.0.0.
I looked at some forums about having to edit the apache2.conf to resolve the issue, but since Nextcloud in running in Kubernates Docker container so that any changes I make would be lost when the service is restarted.

For reference the solution appears to be to edit /etc/apache2/apache2.conf and ensure the following lines:

<Directory /var/www/nextcloud>
      AllowOverride All
</Directory>

I have the same error and my data directory is not within the web server document root.
Edit: My problem seems to be related to #45087.

Archlinux just update Nextcloud to 29. I too am hit by this issue. I’ve tried configuring httpd.conf and the .htaccess file per the documentation link and the error persists.

note: caldav and carddav with similar rewrites are fine, it’s just webfinger.

The additions include the override all, e.g.

<Directory "/srv/http/htdocs/nextcloud">
  AllowOverride All
  <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteRule ^\.well-known/carddav /nextcloud/remote.php/dav [R=301,L]
    RewriteRule ^\.well-known/caldav /nextcloud/remote.php/dav [R=301,L]
    RewriteRule ^\.well-known/webfinger /nextcloud/index.php/.well-known/webfinger [R=301,L]
    RewriteRule ^\.well-known/nodeinfo /nextcloud/index.php/.well-known/nodeinfo [R=301,L]
  </IfModule>
  Require all granted
</Directory>

In fact, caldav and carddav are handled fine in the default .htaccess, so adding or removing the directory config for nextcloud in httpd.conf makes no difference.

App versions:

  Nextcloud : Hub 8 (29.0.0)
  Archlinux : 6.9.1-arch1-1
  Apache    : 2.4.59 (Unix)
  OpenSSL   : 3.3.0
  PHP       : 8.2.19

How do we fix this?

Same problem here after update to 29.0.1
:face_with_diagonal_mouth:

1 Like

I have this in my apache conf and it is no longer working:

Redirect 301 /.well-known/carddav /cloud/remote.php/dav
Redirect 301 /.well-known/caldav /cloud/remote.php/dav
Redirect 301 /.well-known/webfinger /cloud/index.php/.well-known/webfinger
Redirect 301 /.well-known/nodeinfo /cloud/index.php/.well-known/nodeinfo

how to fix? I tried according to documentation in .htaccess and in conf but no change.

always: Your web server is not properly set up to resolve .well-known URLs, failed on: /.well-known/webfinger

Just updated to Nextcloud 29.0.2 and this problem remains. Adding or removing the setting per the post 2 above makes no difference. Following the troubleshooting documentation to the letter makes no difference.

Same here, just updated to 29.0.2

What is your htaccess.rewritebase in your config.php? (see Configuration Parameters — Nextcloud latest Administration Manual latest documentation)

There is no rewritebase in config.php. Was that supposed to be added by the update??

I’ve frankly just gotten used to the Nextcloud dev team messing up these settings every few updates. It’s pretty obvious they don’t test this stuff at all, so I just ignore it as I have no real use for webfinger at all. I frankly wish they had a setting to ignore settings, especially ones like this that the Nextcloud dev team clearly don’t give a shit about.

kesselb
Please double-check your configuration if the redirects are configured with a trailing slash

ref link

1 Like

And if they do end with trailing slash? Or if they don’t? Not much to go from by that statement. Just check them and get back to you? Will you be waiting here for us?

If you have something to add, go ahead and say it.

As kesselb wrote in his reply

Your redirect goes to /remote.php/dav without a trailing slash.

All of the above code snippets in this thread do not have trailing slashes, which I believe results in the corresponding Nextcloud warning.

1 Like

I have the same problem with Nextcloud 29 on Ubuntu 22 and Apache. Anyone manage to get rid of the warning?

Updated to 29.0.3 and the same error remains:

Administration Settings - reports:

Your web server is not properly set up to resolve `.well-known` URLs, failed 
on: `/.well-known/webfinger` For more details see the documentation ↗

Following the link to the documentation and applying the updated verbatim for the install under /nextcloud, I have added the following to .htaccess:

<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteRule ^\.well-known/webfinger /nextcloud/index.php/.well-known/webfinger [R=301,L]
</IfModule>

Same error. Guessing that the config.php setting of 'htaccess.RewriteBase' => '/nextcloud', may be causing problems, I have also tried:

  RewriteRule ^\.well-known/webfinger /index.php/.well-known/webfinger [R=301,L]

Same problem.

How do we make this error go away in nextcloud 29.0.x?

1 Like

I have the exact same issue, except that it mentions caldav instead of webfinger:

Your web server is not properly set up to resolve `.well-known` URLs, failed on: `/.well-known/caldav` 

I am running nextcloud(29.0.3) in a TrueNAS Core iocage jail, with Apache 2.4.

In config.php on my nextcloud server, I have this:

'htaccess.RewriteBase' => '/',

And in my .htaccess I find this:

<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteCond %{HTTP_USER_AGENT} DavClnt
  RewriteRule ^$ /remote.php/webdav/ [L,R=302]
  RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  RewriteRule ^\.well-known/carddav /remote.php/dav [R=301,L]
  RewriteRule ^\.well-known/caldav /remote.php/dav [R=301,L]
  RewriteRule ^remote/(.*) remote.php [QSA,L]
  RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
  RewriteRule ^\.well-known/(?!acme-challenge|pki-validation) /index.php [QSA,L]
  RewriteRule ^ocm-provider/?$ index.php [QSA,L]
  RewriteRule ^(?:\.(?!well-known)|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>

Originally there was a traling slash at the end of the caldav and carddav redirects, removing them made no difference.

In front of my Nextcloud server, I also have an nginx reverse proxy. The conf file for the vdomain looks like this:

server {
        listen 443 ssl http2;

        server_name cloud.example.com;
        access_log /var/log/nginx/cloud.access.log;
        error_log /var/log/nginx/cloud.error.log;

        include snippets/cloud.example.com.cert.conf;
        include snippets/ssl-params.conf;

        location / {
                include snippets/proxy-params.conf;
                client_max_body_size 0;
                proxy_pass http://192.168.1.10;
        }

        location = /.well-known/carddav {
                return 301 https://cloud.example.com/remote.php/dav;
        }
        location = /.well-known/caldav {
                return 301 https://cloud.example.com/remote.php/dav;
        }
}

Also, browsing to https://cloud.example.com/.well-known/caldav I get this in the browser:

This is the WebDAV interface. It can only be accessed by WebDAV clients such as the Nextcloud desktop sync client.

Isn´t that a sign that the redirects work? Does anyone know what is wrong here and / or how to correct it?

I found a solution over here: https://github.com/nextcloud/server/issues/45033

After editing my vdomain conf file on my reverse proxy, adding the trailing slash to the redirects, the error disappeared.

Like so:

location = /.well-known/carddav {
                return 301 https://cloud.example.com/remote.php/dav/;
        }
        location = /.well-known/caldav {
                return 301 https://cloud.example.com/remote.php/dav/;
        }

1 Like

Thanks you ! It work !