Wrong remote IP warning

I just installed NextCloud on a new server.

It runs Ubuntu 22.04.3 LTS and I simply followed the setup manual found in the NextCloud documentation.
If did previously an attempt with the snap package directly provided during Ubuntu installation, but I got the same problem (and much more).

My server IP is and it isn’t directly exposed to the internet.
I have a router ( public ip <=> ) that hosts a small VM with another Ubuntu 22.04.3.
This second VM’s ip is
All the incomming trafic from the router is forwarded to this second VM that acts as a DMZ.
This VM runs apache2 as a reverse proxy.

Here is my ssl configuration of the reverse proxy (all HTTP trafic is redirected to HTTPS so no ssl config is pointless).

<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName cloud.*****.com
    ServerAlias cloud.*****.com
    ServerAdmin administrator@*****.com

    ProxyPreserveHost On
    ProxyPass "/"  ""
    ProxyPassReverse "/"  ""

Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/cloud.*****.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/cloud.*****.com/privkey.pem

    <IfModule mod_rewrite.c>
        RewriteEngine On
        RewriteRule ^/\.well-known/carddav https://%{SERVER_NAME}/remote.php/dav/ [R=301,L]
        RewriteRule ^/\.well-known/caldav https://%{SERVER_NAME}/remote.php/dav/ [R=301,L]

RequestHeader set X-Forwarded-Proto https
RequestHeader set X-Forwarded-SSL on

    <IfModule mod_headers.c>
      Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains; preload"


Now at the Nextcloud VM site, here are my config files :

<VirtualHost *:80>
        DocumentRoot /var/www/nextcloud/
        ServerName cloud.*****.com

        <Directory /var/www/nextcloud/>
                Require all granted
                AllowOverride All
                Options FollowSymLinks MultiViews

                <IfModule mod_dav.c>
                        Dav off

And the config.php

$CONFIG = array (
  'instanceid' => '*****',
  'overwrite.cli.url' => 'https://cloud.*****.com/',
  'htaccess.RewriteBase' => '/',
  'passwordsalt' => '*****',
  'secret' => '*****',
  'trusted_domains' =>
  array (
    0 => 'cloud.*****.com',
  'trusted_proxies' =>
  array (
    0 => '', // ip of my reverse proxy
    1 => '',                 // ?? (local ip of my router)
    2 => 'cloud.*****.com',  // ?? (public DNS record that point to my public router's ip)
  'datadirectory' => '/var/www/nextcloud/data',
  'dbtype' => 'mysql',
  'version' => '',
  'dbname' => '*****',
  'dbhost' => 'localhost',
  'dbport' => '*****',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => '*****',
  'dbpassword' => '*****',
  'installed' => true,
  'mail_from_address' => '*****',
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'smtp',
  'mail_domain' => '*****',
  'mail_smtpauth' => 1,
  'mail_smtphost' => '*****',
  'mail_smtpport' => '*****',
  'mail_smtpname' => '*****',
  'mail_smtppassword' => '*****',
  'default_phone_region' => 'FR',
  'redis' => [
        'host' => 'localhost',
        'port' => 6379,
        'password' => '*****',
'filelocking.enabled' => true,
'memcache.locking' => '\OC\Memcache\Redis',
'memcache.local' => '\OC\Memcache\APCu',

Now the problem.
When I connect to my public address https://cloud.*****.com from internet, then of to the overview page, I see no warning (fine).
But when I connect to the same address from a computer that is in the local network (let’s say, I see this warning :

  • Votre adresse réseau a été identifiée comme « » et elle est bridée par le mécanisme anti-intrusion ce qui ralentit la performance de certaines requêtes. Si cette adresse réseau n’est pas la vôtre, cela peut signifier qu’il y a une erreur de configuration d’un proxy. Vous trouverez plus d’informations dans la documentation :arrow_upper_right:.
  • La configuration des entêtes du reverse proxy est incorrecte, ou vous accédez à Nextcloud depuis un proxy de confiance. Si ce n’est pas le cas, c’est un problème de sécurité, qui peut permettre à un attaquant d’usurper l’adresse IP affichée à Nextcloud. Plus d’information peuvent être trouvées dans la documentation :arrow_upper_right:.

I already set up the trusted_proxies entry, and I can’t figure what I miss.

Any suggestion?

At last! Found it!

I added two things:

  • my reverse proxy’s IPv6 address to the trusted_proxied (and removed the router public and local addresses)
  • ‘overwritecondaddr’ => ‘^192\.168\.0\.5$’ (my reverse proxy address)

Dunno which one fixed the problem, but now everything is ok.

1 Like