What changed on the login page?

My company is overly cautious when it comes to websites and the proxy will block anything that looks suspicious.

While I can go to the login page, the entire login form is being blocked, possibly as suspect javascript? The link to register is still displayed.

I need to way to login to my cloud environment that’s not likely to get blocked. Does any such mechanism exist? If something was changed in the forms between versions, I only noticed this on the latest, then I’d like to work with someone to see if we can get the functionality back.

I would double check if your login works from “plain” internet - if this is the case and the issue only exists within your corporate network I would recommend you to get in touch with your proxy admin - they can “whitelist” known-good websites. Often the reason is so called SSL inspection which breaks TLS connections sometimes…

Yes, it works fine at home. It also worked fine before I upgraded to the latest version, so I may restore from my backups and see if it still works. Have you ever tried to get any sites white listed in a corporation that wont even let its employees login to youtube so they can bookmark their files. Everything is pretty much locked down. I picked nextcloud because I could login and connect it to my imap server and get some sort of webmail. Yes, any webmail platform is forbidden. If I cannot even get a simple login, then I might as well trash the platform.

Maybe the message there is they don’t want you on YouTube or your personal email while you’re on the clock. It’s also a major security risk because corporate computers are often infected by viruses from employees’ personal email. You’re going to an awful lot of trouble to get around it.

If they are blocking part of Nextcloud’s login page, there probably isn’t much that can be done about it.

1 Like

There is a lot of stuff the company puts on youtube. Training materials, promotional videos. Working in a technical field, I often find videos to assist with issues I have to resolve and it’d be good to keep them for later.

What I do with my time is my business and my manager’s business.

We had a similar problem a few days ago and it was caused by an outdated version of firefox on the client.

I’m pretty sure I’m up to date but I’ll check in the morning and see before rolling back to see if the issue happens with the previous version. Thanks for the suggestion.

So you’re saying they both block YouTube, and put employee training videos on it? Sounds like they’ve got their wires crossed somewhere.

Please use browser dev tools (F12) and there network analysis. Can you find objects they are rejected? If you only use one Nextcloud servername cloud.server.tld and SSL it must be a problem with SSL inspection. You can see it with the wrong SSL certificates in your browser. Compare with the SSL certificate for your Nextcloud at home. If the certificate is correct it is maybe a browser problem (adblocker, javascript restriction, …).

Nice when you solve the symptom and not the cause. Nextcloud is not the cause.

So you picked Nextcloud to bypass your company’s proxy and now we should help you violating company policy.

Also, I hope you’re aware that if the company uses a proxy with SSL inspection, all connections running through this proxy, are no longer end-to-end encrypted. Therefore the company will not only be able to see where you connect to, but depending on the effort they put in, they could also see the type of data you’re transmitting or even passwords and other content. For this reason alone, I would never use my work computer to log into my personal accounts. But even if they don’t log anything and no packet sniffing is going on it would probably still violate company policy.

I know you think you can do whatever you want during your work hours and you only have to answer to your manager. This might be true, but it’s quite unlikely that this also applies to company infrastructure. There are good reasons why companies are blocking access to cloud services, especially to file sharing platforms and web mail services. One of them is to prevent employees from loading malware onto their computers or clicking on phishing links. So in the end they do it also for YOUR own protection. You don’t want to be the one that is responsible for a successful ransomware attack against your company, do you?

Beside of that, it’s very unlikely that someone here will be able to offer real help with this anyways, because the only way you could ever be sure that it will work properly, is when your company would whitelist your site. Everything else will always be a hit and miss.

Or to put it simply: This is not a Nextcloud issue. :wink:

1 Like