[solved] .well-known/caldav check in 13.0.7 explained

What do we do for a nginx server?
Do I modify my /etc/nginx/sites-available/nextcloud file?

Solution for Plesk /Apache Nginx.
add in the plesks apache $ nginx settings of your domain under
Additional nginx directives

rewrite ^/.well-known/carddav$ https://yourdomain.tld/remote.php/dav redirect;

rewrite ^/.well-known/caldav$ https://yourdomain.tld/remote.php/dav redirect;
1 Like

I’m a bit confused by that warning, as everything seems to work, but I have to admit, that I’m not using carddav or caldav anyway. This is my setup:

I’m running nextcloud 14.0.3 in a subfolder behind an apache reverse-proxy, thus, on proxy side:
https://cloud.xxxxx.xx ----> 192.168.x.x/nextcloud (no https on the internal host).
This works fine, I get an A+ rating on the security scanner and everything is working.
When I try https://cloud.xxxxx.xx/.well-known/carddav I get redirected to https://cloud.xxxxx.xx/remote.php/dav/ and can see the “Nodes” page from sabre/dav in my browser, so this works too.

I tried:

Redirect 301 /.well-known/carddav https://cloud.xxxxx.xx/remote.php/dav
Redirect 301 /.well-known/caldav https://cloud.xxxxx.xx/remote.php/dav

on both, the proxy and the internal nextcloud server, as well as:

Redirect 301 /.well-known/carddav /nextcloud/remote.php/dav
Redirect 301 /.well-known/caldav /nextcloud/remote.php/dav

on the internal nextcloud server.
In every combination I get redirected correctly, but I still get the warning in my settings.

Any idea?

Hi,
Hoping this helps someone out. After researching and looking for answers. Finally found what I needed to fix and where. After upgrading to 13.0.7 received the same error as several others.

Your web server is not properly set up to resolve “/.well-known/caldav”.
Your web server is not properly set up to resolve “/.well-known/carddav”

Trying to find where to place the redirect was an interesting challenge. I am just learning so it took me awhile. Every install is different. I have a Manual install with Ubuntu 16.04 with LAMP. NextCould is in root and Let’s Encrypt is installed. So figuring out where to put the exception took me awhile. Thanks to this post I finally tried and found the solution that worked for me.
Here it goes.

The redirect had to be placed under sites-available in the 000-default-le-ssl.conf file. Thanks to blackcrack and all the other posts. It has cleared the error, though I think it needs to be a fix.

    <IfModule mod_dav.c>
    Dav off
  </IfModule>
</Directory>
    Redirect 301 /.well-known/carddav /nextcloud/remote.php/dav
    Redirect 301 /.well-known/caldav /nextcloud/remote.php/dav

Cheers.

2 Likes

Hello,

thank you for you Post. I soved it with you Post.

Many thanks

It seems we have a similar setup, as only your solution worked for me. Thanks!

It took me ages to crack the obvious code. Galder56 has the right answer, and the reason is that the instance of Nextcloud running at Galder56 has a ROOT password of something like /var/www/html and has a folder called nextcloud under the root. And so the caldav path that must be used is:

root/nextcloud

DO NOT SPELL OUT THE ENTIRE ROOT in your configuration. You must just use a path relative to the root shown in your apache or nginx configuration.

I spent ages trying to figure out why me entry:

Redirect 301 /.well-known/carddav /var/www/html/nextcloud/remote.php/dav

…just didn’t work. Well I finally got the penny to drop, and THIS worked for me:

Redirect 301 /.well-known/carddav /nextcloud/remote.php/dav

Happy Nextcloud’ing y’all.

1 Like

This guide is not very detailed. And your comment is not understandable for the beginners.
Could you, please, explain:
what directory part you are talking about?
where it is specified, which path/file?
where is this .htaccess file located?
how you made apache use this .htaccess file?

Hi,

I installed v15 of nextcloud and had the same issue. I constantly got this “your webserver is not configured properly to resolve…” thing. Actually galder56’s explanation brought me to the right conclusion to solve it for my system. Before I describe it: I use Debian 9, Apache, MariaDB SQL and PHP7.2. The description will probably only work for non ssl connections. I am still working on the SSL part of my server.

  1. go to the folder /etc/apache/sites-availalbe
  2. edit the file 000-default.conf
  3. Underneath “/</VirtualHost/>” enter the lines
    Redirect 301 /.well-known/carddav /nextcloud/remote.php/dav
    Redirect 301 /.well-known/caldav /nextcloud/remote.php/dav
  4. save and restart apache.
  5. go back into nextclouds admin section and check out your Overview. the lines above in galder56’s post should have disappeared.

That is how it worked for me.
Good luck.

4 Likes

Your solution worked for me, thanks man!

I am glad I could help. :slight_smile:

Hello, i have also the Same issue with this…can someone help…

here is my nextcloud.con from apache 2

    Alias /nextcloud "/var/www/html/nextcloud/"
<Directory /var/www/html/nextcloud/>
  Options +FollowSymlinks
  AllowOverride All
 <IfModule mod_dav.c>
  Dav off
 </IfModule>
 SetEnv HOME /var/www/html/nextcloud
 SetEnv HTTP_HOME /var/www/html/nextcloud
</Directory>

and my .htaccess file

<IfModule mod_headers.c>
  <IfModule mod_setenvif.c>
    <IfModule mod_fcgid.c>
       SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
       RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
    </IfModule>
    <IfModule mod_proxy_fcgi.c>
       SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1
    </IfModule>
  </IfModule>

  <IfModule mod_env.c>
    # Add security and privacy related headers
    Header set X-Content-Type-Options "nosniff"
    Header set X-XSS-Protection "1; mode=block"
    Header set X-Robots-Tag "none"
    Header set X-Download-Options "noopen"
    Header set X-Permitted-Cross-Domain-Policies "none"
    Header set Referrer-Policy "no-referrer"
    SetEnv modHeadersAvailable true
  </IfModule>

  # Add cache control for static resources
  <FilesMatch "\.(css|js|svg|gif)$">
    Header set Cache-Control "max-age=15778463"
  </FilesMatch>

  # Let browsers cache WOFF files for a week
  <FilesMatch "\.woff2?$">
    Header set Cache-Control "max-age=604800"
  </FilesMatch>
</IfModule>
<IfModule mod_php5.c>
  php_value upload_max_filesize 511M
  php_value post_max_size 511M
  php_value memory_limit 512M
  php_value mbstring.func_overload 0
  php_value always_populate_raw_post_data -1
  php_value default_charset 'UTF-8'
  php_value output_buffering 0
  <IfModule mod_env.c>
    SetEnv htaccessWorking true
  </IfModule>
</IfModule>
<IfModule mod_php7.c>
  php_value upload_max_filesize 511M
  php_value post_max_size 511M
  php_value memory_limit 512M
  php_value mbstring.func_overload 0
  php_value default_charset 'UTF-8'
  php_value output_buffering 0
  <IfModule mod_env.c>
    SetEnv htaccessWorking true
  </IfModule>
</IfModule>
<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteCond %{HTTP_USER_AGENT}  DavClnt
  RewriteRule ^$         /remote.php/webdav/          [L,R=302]
  RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  RewriteRule ^\.well-known/host-meta /public.php?service=host-meta [QSA,L]
  RewriteRule ^\.well-known/host-meta\.json /public.php?service=host-meta-json [QSA,L]
  RewriteRule ^\.well-known/webfinger /public.php?service=webfinger [QSA,L]
  RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
  RewriteRule ^remote/(.*) remote.php [QSA,L]
  RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
  RewriteCond %{REQUEST_URI} !^/\.well-known/(acme-challenge|pki-validation)/.*
  RewriteRule ^(?:\.|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>
<IfModule mod_mime.c>
  AddType image/svg+xml svg svgz
  AddEncoding gzip svgz
</IfModule>
<IfModule mod_dir.c>
  DirectoryIndex index.php index.html
</IfModule>
AddDefaultCharset utf-8
Options -Indexes
<IfModule pagespeed_module>
  ModPagespeed Off
</IfModule>
#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####

ErrorDocument 403 /nextcloud/
ErrorDocument 404 /nextcloud/

Yup! I confirm! I also have the 15.0.2 and with the suggestion of realshadow it works! :slight_smile:

Many thanks galder56,

I,ve got Nextcloud 15.02 with following nextcloud.conf

Alias /nextcloud “/var/www/html/nextcloud”

<Directory /var/www/html/nextcloud/>
Options +FollowSymlinks
AllowOverride All

Dav off

SetEnv HOME /var/www/html/nextcloud
SetEnv HTTP_HOME /var/www/html/nextcloud

Redirect 301 /.well-known/carddav /nextcloud/remote.php/dav
Redirect 301 /.well-known/caldav /nextcloud/remote.php/dav

And the the error message vanished

Hello
Its not a good idea to have nextcloud inside the html folder, and its highly recommended to install it outside the apache folders.
You must install it in a different path, like /var/www/nextcloud or /opt/nextcloud.
BR

Ver 15.0.11 Debian 10, Apache2 in php-fpm way.
It was OK for a couple of days, but don’t know what happened. I checked the .htaccess file, which includes the two important lines of redirect, and it still shows msg Your web server is not yet properly set up to allow file synchronization, because the WebDAV interface seems to be broken.

Also tried solutions mentioned by people here, but without any improvement. Normally, the shipped .htaccess will do the job for Apache2, which has been indicated by the official instruction.


OK, guys, now the real menu for the dinner.

I finally addressed the issue accidentally.

I tried all the solutions provided by prev posts and replies, but all in vain, so my last resort was to dig the log file, which is at Debian’s /var/log/apache2 dir.

[Thu Sep 19 11:48:24.226295 2019] [proxy_fcgi:error] [pid redacted] [client redacted] AH01071: Got error 'Access to the script 'redirect:/index.php/files/redacted/' has been denied (see security.limit_extensions)'

I’ve never seen such error info (proxy_fcgi & security.limit_ext), and I’ve tried severy times in the earlier time modifying PHP-FPM, from socks to localhost/:9000 way. Now it seems that the fcgi is the key point. I googled and found this URL, in which someone mentioned cgi.fix_pathinfo=0 as this is related to that var security.limit_ext. I tried to restore pathinfo=1 which has been discouraged by many online instructions.

Restart PHP-FPM, say systemctl restart php7.3-fpm, and revisit the Nextcloud Overview page, the Security & setup warnings now says (with a green check)

All checks passed

instead of

Your web server is not yet properly set up to allow file synchronization, because the WebDAV interface seems to be broken.
Your web server is not properly set up to resolve "/.well-known/caldav". Further information can be found in the documentation.
Your web server is not properly set up to resolve "/.well-known/carddav". Further information can be found in the documentation.

Maybe, cgi.fix_pathinfo is to Setting this to 1 will cause PHP CGI to fix its paths to conform to the spec?

Hi Guys we are running on shared on hostinger, couldnt fine .conf file.

And .htacess file we edit all possible way that posted here, but neither of them work

Any suggestion for shared hosting ?

Appreciate your reply

Yes this worked. Replace nextcloud with the name of the folder that your nc installation lives in.
(the folder that contains the index.php and the occ file, among many others.)
Thank you. This should be explained or linked to together with the error message on the nextcloud “config-test”

This did it for me too!