If you use Nextcloud (Owncloud) and you login into the Admin Panel the Updater display you that your Setup is outdated, you MUST handle as follows to PREVENT System Problems: Do FULL-BACKUP the Server Setup before you CHANGE something! Pre-Check Nextcloud Version dependency‘s of PHP-Version and MYSQL Version! Cause Nextcloud offers NO System PRECHECK or Auto-Stop! Login into the Server via SSH Console and go to the /var/www/nextcloud folder. Run: sudo -u www-data php /var/www/nextcloud/updater/updater.phar Read Upgrade Echos on Console Advantage the Console-Version is mostly faster and more stable than the browser! Relogin as Admin to the Nextcloud Panel! In 99% of Problems the […]
Category: Cloud Office
Amazon AWS Howtos
Here some Bookmarks if you want to try Amazon AWS Cloud Services like S3 (Cloud File Storage), EC2 (VM Instances..) Howtos / Basics : https://github.com/open-guides/og-aws#aws-data-transfer-costs Remark: AWS Services mostly priced by data transfers and online time! Checkout daily “Billing Monitor” ! Amazon AWS: https://aws.amazon.com/ Remark: S3 is the Standard Cloud Storage, cheaper is S3-IA or long term Backups use “Glacier” where you first upload files to S3 and set a “Rule” on a “Bucket” move files to Glacier Long Term Backup! Amazon Admin Console: https://aws.amazon.com/de/console/ Security: Howto Create ENCRYPTED Containers for AWS on Linux? Klick At the End.. don’t forget […]
NEXTCLOUD OWNCLOUD BUG FAIL2BAN
FAIL2BAN blocks access to “.ocdata” file! Apache Error Log: ..AH01630: client denied by server configuration: … cloud/data/.ocdata create with a Custom Rule for FAIL2BAN do: $sudo nano /etc/fail2ban/filter.d/apache-auth.local insert: [apache-auth] ignoreregex = nextcloud/data/.ocdata do: $sudo service fail2ban restart Check Log: tail -f n50 /var/log/apache2/error.log Remark: Sometimes the Login take long time after Enter the Password this indicates a filled up “oc_bruteforce_attempts” Table!! login into mysql: $mysql -u user -p select database: USE Nextcloud; show all values from the oc_bruteforce_attempts table, use: SELECT * FROM oc_bruteforce_attempts; remove “ALL” IP’s from the table, do step by step: DELETE FROM oc_bruteforce_attempts WHERE IP="xxx.xxx.xxx.xxx"; […]
Nextcloud Owncloud Calling Home
I did a deeper firewall test on my fresh installed OpenWRT Router and activated a “Ads Blacklist” after this my owncloud Share Login loops! Result: Seems that some IP’s of the “Update Check Tool” Servers, which is installed inside the PHP-Kit is blacklisted. So it seems the Code calls home! With this option its possible to count and collect IPs of Setups! Perhaps checkout unpatched Versions! I didn’t check deeper, but the behavior was clear without viewing the codes. After publish this Info via Twitter: REMARKS: No Company / Developer works for “free” After Setup of PHP-Kits do a […]
Nextcloud Owncloud Opensource Risk’s
If you are current using Nextcloud / Owncloud or other PHP-Kits for File Handling you should know these remarks: Based on this Article You must know: Details of Security about your current used PHP Versions (7.X) Details of your used Database Version (MySQL..) Details of hardened OS and Webserver Version (Apache,Firewall,fail2ban,file policys, selinux, apparmor filter) See ALWAYS PHP-Kits of opensource with the trust of NON HARDENED SOFTWARE (prefer NON-PUBLIC ACCESS) You can ACCESS this Software thru SSH TUNNELS with a local running non-caching PROXY (privoxy) Use the SSH Tunnels on unknown Ports and Login via Key Files which must be […]
Amazon: Cloud Drive Sharing with NFS on Local Network as Photo Uploader Backup
Current the acd_cli tool for amazon drive mount offers no “fsid” (device /dev) point, that you cant export and share the amazon drive at your home local network. On the latest raspberry pi OS (jessie) you can use a small workaround to get a NFS Shared Amazon Cloud Backup Uploader (needs python3.4 !) install acd_cli tools, create the auth file (read) and run $ sudo acd_cli mount /amazoncloud now create a second Folder /sendtoamazon install nfs-kernel-Server and share this Folder with NFS exports to your LAN on the raspberrypi you can use a cron “move” Job running every 10 Minutes: #crontab -e */10 * […]