Nextcloud version (eg, 20.0.5): 27.0.0
Operating system and version (eg, Ubuntu 20.04): 13.2-RELEASE-p3
Apache or nginx version (eg, Apache 2.4.25): 2.4.57
PHP version (eg, 7.4): 8.1.20
The issue you are facing:
I am being signed out of Nextcloud automatically approximately every 12 - 48 hours. I have been unable to determine what is causing that.
On my Windows desktop, I noticed the icon change, then I have to manually log in again. The session appears to be cached since I am not prompted for a password.
On my Android device, I need to re-enter the URL, and re-enter my username and password.
The only recent change was upgrading to version 27.0.0
Is this the first time you’ve seen this error? (Y/N): Y
Steps to replicate it:
- Update to 27.0.0
- Log into devices
- Wait a day or two, notice you have been logged out
Logs shows a lot of failed logins coming from my devices. It’s almost as if the clients themselves are “forgetting” the credentials.
The output of your Nextcloud log in Admin > Logging:
Info no app in context IP address throttled because it reached the attempts limit in the last 30 minutes [action: login, delay: 200, ip: 192.168.0.85]
2023-10-01T13:19:44-0400
Info core Bruteforce attempt from "192.168.0.85" detected for action "login".
2023-10-01T13:19:43-0400
Warning core Login failed: 'daniel' (Remote IP: '192.168.0.85')
2023-10-01T13:19:43-0400
The output of your config.php file in /path/to/nextcloud
(make sure you remove any identifiable information!):
<?php
$CONFIG = array (
'instanceid' => 'xxxxxxxxxxxxxxxxxxxx',
'passwordsalt' => 'xxxxxxxxxxxxxxxxxx',
'datadirectory' => '/media/cloud/data',
'dbtype' => 'mysql',
'version' => '27.0.0.8',
'dbname' => 'nextcloud',
'dbhost' => 'mysql.xxxxxxxxxxxxx.tld',
'dbtableprefix' => 'oc_',
'dbuser' => 'nextcloud',
'dbpassword' => 'xxxxxxxxxxxxxxxxxxxxx',
'installed' => true,
'forcessl' => true,
'theme' => '',
'maintenance' => false,
'trusted_domains' =>
array (
0 => 'cloud.xxxxxxxxxxxxxxx.tld',
),
'secret' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
'forceSSLforSubdomains' => false,
'loglevel' => 0,
'trashbin_retention_obligation' => 'auto',
'overwrite.cli.url' => 'https://cloud.xxxxxxx.tld/',
'htaccess.RewriteBase' => '/',
'apps_paths' =>
array (
0 =>
array (
'path' => '/usr/local/www/nextcloud/apps',
'url' => '/apps',
'writable' => true,
),
1 =>
array (
'path' => '/usr/local/www/nextcloud/apps-pkg',
'url' => '/apps-pkg',
'writable' => false,
),
),
'logfile' => '/media/cloud/data/nextcloud.log',
'memcache.local' => '\\OC\\Memcache\\APCu',
'memcache.distributed' => '\\OC\\Memcache\\Memcached',
'memcached_servers' =>
array (
0 =>
array (
0 => 'memcache.xxxxxxxxxx.tld',
1 => 11211,
),
),
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' =>
array (
'host' => 'redis.xxxxxxxxxxx.tld',
'port' => 6379,
),
'app_install_overwrite' =>
array (
0 => 'user_pwauth',
),
);
The output of your Apache/nginx/system log in /var/log/____
:
192.168.0.85 - daniel [01/Oct/2023:12:17:11 -0400] "HEAD /remote.php/dav/files/daniel/InstantUpload/20230922_152149.jpg HTTP/1.1" 401 -
192.168.0.85 - daniel [01/Oct/2023:12:17:11 -0400] "MKCOL /remote.php/dav/uploads/daniel/bd28e244b453264fdf8f80177c0dd841 HTTP/1.1" 401 415
192.168.0.85 - daniel [01/Oct/2023:12:17:12 -0400] "PROPFIND /remote.php/dav/uploads/daniel/bd28e244b453264fdf8f80177c0dd841 HTTP/1.1" 401 415
192.168.0.85 - daniel [01/Oct/2023:12:17:12 -0400] "HEAD /remote.php/dav/files/daniel/InstantUpload/20230922_152151.jpg HTTP/1.1" 401 -
192.168.0.85 - daniel [01/Oct/2023:12:17:12 -0400] "MKCOL /remote.php/dav/uploads/daniel/b40eba491d7b9e353f3d4cce9c95ba0e HTTP/1.1" 401 415
192.168.0.85 - daniel [01/Oct/2023:12:17:12 -0400] "PROPFIND /remote.php/dav/uploads/daniel/b40eba491d7b9e353f3d4cce9c95ba0e HTTP/1.1" 401 415
192.168.0.85 - daniel [01/Oct/2023:12:17:12 -0400] "HEAD /remote.php/dav/files/daniel/InstantUpload/20230922_152152.jpg HTTP/1.1" 401 -
192.168.0.85 - daniel [01/Oct/2023:12:17:13 -0400] "MKCOL /remote.php/dav/uploads/daniel/dca39db776b3a557314a6e7453b6e120 HTTP/1.1" 401 415
192.168.0.85 - daniel [01/Oct/2023:12:17:13 -0400] "PROPFIND /remote.php/dav/uploads/daniel/dca39db776b3a557314a6e7453b6e120 HTTP/1.1" 401 415
192.168.0.85 - daniel [01/Oct/2023:12:17:13 -0400] "HEAD /remote.php/dav/files/daniel/InstantUpload/20230922_152144.jpg HTTP/1.1" 401 -
The nextcloud.log
{"reqId":"yr7x26pYORud9vUhVpvp","level":0,"time":"2023-10-01T00:45:03+00:00","remoteAddr":"192.168.0.85","user":"--","app":"webdav","method":"MKCOL","url":"/remote.php/dav/uploads/daniel/a146bc92b8bc6173dd6be2a5d0115817","message":"No public access to this resource., Username or password was incorrect, No 'Authorization: Bearer' header found. Either the client didn't send one, or the server is mis-configured, Username or password was incorrect","userAgent":"Mozilla/5.0 (Android) Nextcloud-android/3.25.0","version":"27.0.0.8","exception":{"Exception":"Sabre\\DAV\\Exception\\NotAuthenticated","Message":"No public access to this resource., Username or password was incorrect, No 'Authorization: Bearer' header found. Either the client didn't send one, or the server is mis-configured, Username or password was incorrect","Code":0,"Trace":[{"file":"/usr/local/www/nextcloud/3rdparty/sabre/event/lib/WildcardEmitterTrait.php","line":89,"function":"beforeMethod","class":"Sabre\\DAV\\Auth\\Plugin","type":"->"},{"file":"/usr/local/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php","line":456,"function":"emit","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/usr/local/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php","line":253,"function":"invokeMethod","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/usr/local/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php","line":321,"function":"start","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/usr/local/www/nextcloud/apps-pkg/dav/lib/Server.php","line":364,"function":"exec","class":"Sabre\\DAV\\Server","type":"->"},{"file":"/usr/local/www/nextcloud/apps-pkg/dav/appinfo/v2/remote.php","line":35,"function":"exec","class":"OCA\\DAV\\Server","type":"->"},{"file":"/usr/local/www/nextcloud/remote.php","line":172,"args":["/usr/local/www/nextcloud/apps-pkg/dav/appinfo/v2/remote.php"],"function":"require_once"}],"File":"/usr/local/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Auth/Plugin.php","Line":152,"message":"No public access to this resource., Username or password was incorrect, No 'Authorization: Bearer' header found. Either the client didn't send one, or the server is mis-configured, Username or password was incorrect","exception":{},"CustomMessage":"No public access to this resource., Username or password was incorrect, No 'Authorization: Bearer' header found. Either the client didn't send one, or the server is mis-configured, Username or password was incorrect"}}