Hello all,
Im running into the Issue of “Unauthorized WOPI host” When opening a document.
I searched the Forums, all solutions didnt apply to my Config.
Im running NGINXProxyManager, Cloudflare DDNS, Nextcloud Container and a Collabra Container.
Nextcloud Config looks like this:
Log:
This seems to be my Public IP? Though im Running the Cloudflare Proxy.
I would just add the IP, but its different every time.
Allowlist: 192.168.178.10(Server),192.168.178.1(Router),172.18.0.8(Collabra Docker),172.18.0.4(NPM),172.18.0.5(NC),docsrv.domain.com(collabra),nextcloud.domain.com.
Im running this on Unraid.
What am i missing, what needs to be changed?
Cloudflare uses the ASN AS13335 with 1,715,200 IPv4 and 8.11 Ă— 10^29 IPv6. The problem is that Cloudflare uses different ranges see here.
I found the list of the ips:
start page: Cloudflare IPs | Cloudflare Learning Paths
details: IP Ranges
173.245.48.0/20
103.21.244.0/22
103.22.200.0/22
103.31.4.0/22
141.101.64.0/18
108.162.192.0/18
190.93.240.0/20
188.114.96.0/20
197.234.240.0/22
198.41.128.0/17
162.158.0.0/15
104.16.0.0/13
104.24.0.0/14
172.64.0.0/13
131.0.72.0/22
Unfortunately, I don’t know whether you can enter this in Nextcloud “Allow List for WOPI Requests”.
173.245.48.0/20, 103.21.244.0/22, 103.22.200.0/22, 103.31.4.0/22, 141.101.64.0/18, 108.162.192.0/18, 190.93.240.0/20, 188.114.96.0/20, 197.234.240.0/22, 198.41.128.0/17, 162.158.0.0/15, 104.16.0.0/13, 104.24.0.0/14, 172.64.0.0/13, 131.0.72.0/22
Perhaps 172.64.0.0/13
solves your problem for a while.
2 Likes
Thanks for your help.
Question, would 0.0.0.0/0 be a good Idea since ive got my Proxies?
Actually, i added the IPS your provided from Cloudflare. It seems to be working now!
173.245.48.0/20
103.21.244.0/22
103.22.200.0/22
103.31.4.0/22
141.101.64.0/18
108.162.192.0/18
190.93.240.0/20
188.114.96.0/20
197.234.240.0/22
198.41.128.0/17
162.158.0.0/15
104.16.0.0/13
104.24.0.0/14
172.64.0.0/13
131.0.72.0/22
1 Like
That would probably have worked. But at the end of the day, it’s a safety function. So it’s probably better to use a fairly long whitelist than to allow it in principle.
1 Like