Nextcloud w/ISPC3

Discussion in 'General' started by Turbanator, Jan 2, 2017.

  1. Turbanator

    Turbanator Member HowtoForge Supporter

    Has anyone installed Nextcloud on an ISPC3 domain and would like to share experiences/tips?
     
  2. parkerj

    parkerj Member HowtoForge Supporter

    Yes, but I installed it on a server with Nginx. If that is what you need, let me know, and I will share my Nginx Directive.
     
  3. Turbanator

    Turbanator Member HowtoForge Supporter

    I was going to use my existing Apache2 server. Is the directive the only "issue" that you can think of?
    Also, are you able to integrate with ISPC3 users, or is it a separate userbase within Nextcloud?
     
  4. parkerj

    parkerj Member HowtoForge Supporter

    It is a separate installation and userbase with it's own vhost. I haven't tried integrating it with ISPConfig3.
     
  5. Turbanator

    Turbanator Member HowtoForge Supporter

    ok thank you. So I should have no problem at least installing it, I just need to watch the vhost and see if I can integrate with ISPC3 users.
     
  6. onastvar

    onastvar Member

    I installed nextcloud under subfolder of a website. I am getting following errors. Is there a setting in php.ini or apache directive that you guys used to get rid of these errors/warning?

    Security & setup warnings
    • The "Strict-Transport-Security" HTTP header is not configured to at least "15552000" seconds. For enhanced security we recommend enabling HSTS as described in our security tips.
    • No memory cache has been configured. To enhance your performance please configure a memcache if available.
     
    Last edited: Jan 14, 2017
  7. pheron

    pheron New Member

    Click the "security tips" link and you should find instructions for where to set the HSTS HTTP header value.
     
  8. onastvar

    onastvar Member

    Can this code be added directly within ISPConfig Apache Directive for a website where nextcloud is installed to enable HSTS?

    <VirtualHost *:443>
    ServerName cloud.nextcloud.com
    <IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains; preload"
    </IfModule>
    </VirtualHost>
     
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    The code from apache directives field gets inserted into the vhost f a website, what you posted above us a complete vhost, apache does not support nesting of vhost entres, so you can not use the above snippet in the ispconfig apache directives field.
     
  10. Jesse Norell

    Jesse Norell Well-Known Member

    This is a tested/working snippet I've used:
    Code:
    <If "%{HTTPS} == 'on'">
        <IfModule mod_headers.c>
            Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
            Header always set Content-Security-Policy: upgrade-insecure-requests
        </IfModule>
    </If>
    
     
    onastvar and till like this.
  11. Nemis

    Nemis Member

  12. planet_fox

    planet_fox Member

  13. onastvar

    onastvar Member

  14. mmdollar

    mmdollar Member

    I am on the same boat, I have nginx/ISPConfig installed php7.1 on Debian Jessie from the same guide with memcache but sadly cannot remove this warning from nextcloud. If someone has ideas please share. :)
     

Share This Page