Untrusted domain when accessing from local network

Hello there,

I’m facing problems reaching my nextcloud instance through my local network. The nextcloud folder is located at /var/www/example.com/public/nextcloud and reachable through cloud.example.com.
Now when I’m trying to reach my instance through the local IP I’m getting the “Untrusted Domains” message.

I tried adding the local IP in the config.php, which now looks like this:

$CONFIG = array (
'passwordsalt' => 'XXX',
'secret' => 'XXX',
'trusted_domains' => 
array (
  0 => '',
  1 => 'example.com',
  2 => 'cloud.example.com',
  3 => 'example.info',
  4 => 'localhost'
'datadirectory' => '/mnt/user/nextcloud_data',
'dbtype' => 'mysql',
'version' => '',
'memcache.local' => '\\OC\\Memcache\\APCu',
'filelocking.enabled' => true,
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' => 
array (
  'host' => '/var/run/redis/redis-server.sock',
  'port' => 0,
'overwrite.cli.url' => '',
'htaccess.RewriteBase' => '/',
'dbname' => 'nextcloud',
'dbhost' => 'localhost',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'oc_admin',
'dbpassword' => 'XXX',
'installed' => true,
'instanceid' => 'ocpofaewdg0n',
'maintenance' => false,
'mail_smtpmode' => 'smtp',
'mail_smtpsecure' => 'ssl',
'mail_sendmailmode' => 'smtp',
'mail_from_address' => 'cloud',
'mail_domain' => 'example.com',
'mail_smtpauthtype' => 'LOGIN',
'mail_smtpauth' => 1,
'mail_smtphost' => 'mail.example.com',
'mail_smtpport' => '465',
'mail_smtpname' => 'cloud@example.com',
'mail_smtppassword' => 'XXX',
'theme' => '',
'loglevel' => 2,
'logfile' => '/var/log/nextcloud.log',


So as you can see the local IP is added in the trusted domains array but still I’m getting the Untrusted Domains message.

The VirtualHost file for cloud.example.com looks like this, if this is any help:

<VirtualHost *:80>
DocumentRoot "/var/www/example.com/public/nextcloud/"
ServerName cloud.example.com

RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]

Can you test or have you tested:

0 => '',

Yes, tested that. But just gives me my regular webpage not the nextcloud.

What is interesting is, when I set 0 => '', and then navigate to in my browser I don’t get the untrusted domains message but instead a “Not Found” message:

Not Found
The requested URL was not found on this server.

Apache/2.4.25 (Debian) Server at Port 443

Do you need (not for other services?
Do you use with accessing from the internet /nextcloud or not?

at a static site is hosted so in var/www/example.com/public/ there is a index.html which is served when visiting and then in the same directory there is my nextcloud folder at /var/www/example.com/public/nextcloud/.

I guess it has something to do with port 443

have you enabled the ssl site?

In the config.php you must not include https or Port 443.

Please post your “Untrusted Domains” message (screenshot).
Is it a Nextcloud message or a browser message?
Also posts logs from webserver and nextcloud.

Thats a good suggestion @moboter although I don’t think it has anything to do with the solution. The Apache “Not Found” message changes to port 80 if I type http:// instead of https://.

@devnull I’ve tried adding and/or to the trusted domain array, without success.

This is the page I get when I visit in my browser:

22 or 42 ???
Also i think /nextcloud is not needed. Test both.

I agree just tested it and you dont need it
as your vhost is pointing to the root

I found no hint in the documentation that there is a need for configure subdir. It is a “trusted domain” and not a “trusted folder”. @eikes delete /nextcloud .

The trusted_domains array is to contain a list of trusted domains. Not URLs or ports. Just the domain portion of what you may put in the address bar when accessing the site.

You should remove the junk entries also.

22 or 42 ???

22, I’m sorry I mistyped. Its 22. :smiley:

It is a “trusted domain” and not a “trusted folder”

That actually makes sense, yeah.
So I deleted /nextcloud, then the trusted domains array looks like this:

$CONFIG = array (
'passwordsalt' => 'XXX',
'secret' => 'XXX',
'trusted_domains' => 
array (
  0 => '',
  1 => 'example.com',
  2 => 'cloud.example.com',
  3 => 'example.info',
  4 => 'localhost',

Now it issue is that when I type into my browser I get redirected to and this error/message comes up.

If I manually change https to http the same message comes up except its port 80 instead of 443 in at the bottom.

When trying from my phone at I dont get redirected to https:// but still get the same “Not Found” message

In your first post you write about a virtual host.
Please post all virtual hosts and the configuration. E.g. DocumentRoot

For your ip it must maped to

and the configuration. E.g. DocumentRoot

Not really sure what you mean by this.

I looked into /etc/apache2/sites-enabled and realized that that the issue might be there.

I found a 000-default.conf file enabled which points to the web root at /var/www/example.info/public_html/ (nextcloud is in /var/www/example.info/public_html/nextcloud/) :

<VirtualHost *:80>
ServerName www.example.info
ServerAdmin webmaster@localhost
ServerAlias example.info
DocumentRoot /var/www/example.info/public_html

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.info [OR]
RewriteCond %{SERVER_NAME} =www.example.info
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

Also there is another Virtual Host I set up for application stuff :smiley: at /etc/apache2/sites-enabled/application.example.com.conf:

<VirtualHost *:80>
    ServerName application.example.com
    RedirectPermanent / https://example.com/nextcloud/index.php/s/WXcW3wKpKMsKxXQ

and my main site at /etc/apache2/sites-enabled/example.com.conf:

<VirtualHost *:80>
    ServerName www.example.com
    ServerAdmin webmaster@localhost
    ServerAlias example.info
    DocumentRoot /var/www/example.info/public_html

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/example.info/public_html>
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted

I did an a2dissite for the 000-default.conf and the application.example.com.conf so they don’t stand get served first when accessing the local IP (because they are starting with a 000 and an A) and now I’m able to see my nextcloud and login.

So to be clear: When typing the IP I get redirected to and the login window appears :+1:

This is good but not quite perfect, as I’m not not able to access the static page (/var/www/example.com/public_html/index.html) anymore when typing the local IP.

Why have you set this?

It’s a share I’ve set up to provide potential employers with easy access to some work samples of mine.
So instead of providing the entire link I could tell them to visit application.example.com

Perhaps you create all configs new from a tutorial. First internal and then external and then other. Use for each virtual host two configs (http and https).