Warning after updating nextcloud-aio to latest hub 8 v29 "Your data directory and files are probably accessible from the internet. The .htaccess file is not working...."

ℹ️ Support
, , ,
1

Nextcloud version (eg, 29.0.5): Netxcloud-AIO / Nextcloud Hub 8 (29.0.2)
Operating system and version (eg, Ubuntu 29.04): Nextcloud-AIO
Apache or nginx version (eg, Apache 2.4.25): replace me
PHP version (eg, 8.3): replace me

The issue you are facing:

After updating containers to latest version, when I go to Administration → Overview, I get the following error:

There are some errors regarding your setup.

Your data directory and files are probably accessible from the internet. The .htaccess file is not working. It is strongly recommended that you configure your web server so that the data directory is no longer accessible, or move the data directory outside the web server document root.

Is this the first time you’ve seen this error? (Y/N): Yes

Steps to replicate it:

  1. Update nextcloud-aio master container to latest hub 8

The output of your Nextcloud log in Admin > Logging:

PASTE HERE

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'one-click-instance' => true,
  'one-click-instance.user-limit' => 100,
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' => 
  array (
    0 => 
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 => 
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'check_data_directory_permissions' => false,
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' => 
  array (
    'host' => 'nextcloud-aio-redis',
    'password' => '#removed',
    'port' => 6379,
  ),
  'overwritehost' => 'nextcloud.#removed.com',
  'overwriteprotocol' => 'https',
  'passwordsalt' => '#removed',
  'secret' => '#removed',
  'trusted_domains' => 
  array (
    0 => 'localhost',
    1 => 'nextcloud.#removed.com',
  ),
  'datadirectory' => '/mnt/ncdata',
  'dbtype' => 'pgsql',
  'version' => '29.0.2.2',
  'overwrite.cli.url' => 'https://nextcloud.#removed.com/',
  'dbname' => 'nextcloud_database',
  'dbhost' => 'nextcloud-aio-database',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'oc_nextcloud',
  'dbpassword' => '#removed',
  'installed' => true,
  'instanceid' => '#removed',
  'maintenance' => false,
  'loglevel' => '2',
  'log_type' => 'file',
  'logfile' => '/var/www/html/data/nextcloud.log',
  'log_rotate_size' => '10485760',
  'log.condition' => 
  array (
    'apps' => 
    array (
      0 => 'admin_audit',
    ),
  ),
  'preview_max_x' => 2048,
  'preview_max_y' => 2048,
  'jpeg_quality' => 60,
  'enabledPreviewProviders' => 
  array (
    1 => 'OC\\Preview\\Image',
    2 => 'OC\\Preview\\MarkDown',
    3 => 'OC\\Preview\\MP3',
    4 => 'OC\\Preview\\TXT',
    5 => 'OC\\Preview\\OpenDocument',
    6 => 'OC\\Preview\\Movie',
    7 => 'OC\\Preview\\Krita',
    0 => 'OC\\Preview\\Imaginary',
  ),
  'enable_previews' => true,
  'upgrade.disable-web' => true,
  'mail_smtpmode' => 'smtp',
  'trashbin_retention_obligation' => 'auto, 30',
  'versions_retention_obligation' => 'auto, 30',
  'activity_expire_days' => '30',
  'simpleSignUpLink.shown' => false,
  'share_folder' => '/Shared',
  'one-click-instance.link' => 'https://nextcloud.com/all-in-one/',
  'upgrade.cli-upgrade-link' => 'https://github.com/nextcloud/all-in-one/discussions/2726',
  'updatedirectory' => '/nc-updater',
  'davstorage.request_timeout' => 3600,
  'htaccess.RewriteBase' => '/',
  'dbpersistent' => false,
  'files_external_allow_create_new_local' => false,
  'trusted_proxies' => 
  array (
    0 => '127.0.0.1',
    1 => '::1',
    10 => '172.23.0.1/32',
  ),
  'preview_imaginary_url' => 'http://nextcloud-aio-imaginary:9000',
  'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
  'mail_from_address' => 'notifications',
  'mail_sendmailmode' => 'smtp',
  'mail_domain' => '#removed.com',
  'mail_smtphost' => 'mail.#removed.com',
  'mail_smtpport' => '465',
  'mail_smtpauth' => 1,
  'mail_smtpname' => 'notifications@#removed.com',
  'mail_smtppassword' => '#removed',
  'mail_smtpsecure' => 'ssl',
  'allow_local_remote_servers' => true,
  'default_phone_region' => 'US',
  'appsallowlist' => false,
  'session_lifetime' => '172800',
  'remember_login_cookie_lifetime' => '0',
  'session_keepalive' => 'false',
  'auto_logout' => 'true',
  'maintenance_window_start' => 100,
  'preview_imaginary_key' => '#removed',
  'auth.bruteforce.protection.enabled' => true,
  'ratelimit.protection.enabled' => true,
  'memories.db.triggers.fcu' => true,
  'memories.exiftool' => '/var/www/html/custom_apps/memories/bin-ext/exiftool-amd64-musl',
  'memories.vod.path' => '/var/www/html/custom_apps/memories/bin-ext/go-vod-amd64',
  'memories.vod.ffmpeg' => '/usr/bin/ffmpeg',
  'memories.vod.ffprobe' => '/usr/bin/ffprobe',
);

The output of your Apache/nginx/system log in /var/log/____:

PASTE HERE

Output errors in nextcloud.log in /var/www/ or as admin user in top right menu, filtering for errors. Use a pastebin service if necessary.

PASTE HERE
2

Hi, have you updated to AIO v9.0.1 already?

3

Hello @szaimen
Yes, I updated today, and this warning shows for the 1st time, immediately after updating.