I’ve set up the protection as described in the tutorials. “Additional extension patterns” first line contains “.enc”. So I uploaded a file called “test.enc” using the owncloud client on OSX and the file wasn’t rejected. Does this work if only non-admins upload stuff?
BTW I’ve recently switched to the nextcloud client on OSX since the weak cipher issue was gladly fixed. So it’s not a client problem either I guess and narrows down to the protection algorithm itself.
I just tested that on my server (NC 12.0.4 and Ransomware Protection v1.0.5) and can confirm this issue. I uploaded files with file extension .enc and .ykcol (added as blocked extension since version 1.0.4) as a non-admin user via WebDav client, which I use for file synchronization. The files were successfully uploaded.
I even uploaded six files of type .ykcol at once, to see if the protection is triggered by a higher file number first, but still the upload is successful.
I see no entries in the logs.
Actually you don’t need to copy anything from anywhere.
The include/exclude are only for exceptions and additional entries.
The only important thing to note is, that it only blocks the clients (mobile and desktop). You can still upload problematic files manually via the web UI. I just tested this and it still works here:
Well I know about the difference between browser uploading but like I stated I’ve tried the desktop clients using local file copy actions, not the browser in an way. BTW: You’re using nextcloud 13, I’m using version 12. Maybe it’s just a bug in the current stable version. Since another user here reported the same issues I think it’s not an issues just with my configuration.