Unable to sync .htaccess and web.config files (tried several fixes already)

Hey guys! I have a bunch of web projects that I’d like to sync between my two computers, which is why I set up a Nextcloud on shared hosting.

It refuses to sync .htaccess and web.config files. Also, a random smattering (but not all) of my .sql files, but I asked my web host to turn off the WAF and the server says it’ll try again in 16 (!) hours, so fingers crossed for those.

So, things I tried:

  • Adding ‘blacklisted_files’ => array(), to config.php on the server (in /config)
  • Removing blacklisting rules from \apps\files\lib\Capabilities.php, \config\config.sample.php, \lib\private\Files\Filesystem.php

Is there anything else I could try? My web hosting company’s tech support is out of ideas, and so am I. I just know I need those files synced, because they are part of my web projects :-/

What am I missing?

Any help would be greatly appreciated!

Maybe it is more a webserver configuartion thing? Or have the www-data no access?

The creation of a .htaccess file is server side forbidden. Just try to create or upload in the webfrontend … not possible. A PHP and web application like Nextcloud can’t allow a .htaccess file to exist.

You should not allow or upload .htaccess throught nextcloud because it is used e.g. for authentication and rewrite. Why do you want to upload them in in which folder?

Thanks for your replies, guys! In fact, after waiting for one night, now the .htaccess files do get synced. I presume it’s because of the blacklisting rules I removed from the files I listed in my initial post.

Why do I want to sync them?

They are part of a number of WordPress installations I have on my PC. I am running XAMPP on Linux Mint and I use that to develop a few WordPress projects locally. The .htaccess files are in the subdirectories of several projects. This is where they are on my PC:

Where do they go on the server?

I have set up my Nextcloud to keep the user data outside of the Nextcloud folder. So, on my webspace (which is on a shared hosting plan), the Nextcloud itself is in /nextcloud according to FileZilla, while my user data is in /nextcloud-data. Example:


Ths full server paths to both my nextcloud directories are:

Security concerns

I’ve done some more reading and I understand that putting extra .htaccess files on an Apache server creates security holes that might be exploited for attacks. Is that right? If so, I think I might put back the blacklisting and come up with bash scripts on my PCs that make renamed copies of those .htaccess so that only those get synced.

Thanks for your input! 2 more hours until the client tries again to sync those .sql and web.config files (“skipped to to earlier error”). Fingers crossed!