Difference between revisions of "Owncloud"

From Alessandro's Wiki
 
Line 22: Line 22:
 
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
 
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
 
</IfModule>
 
</IfModule>
  +
  +
* moreover, if you're using ModSecurity, it will block some weird encoded files:
  +
  +
[id "200002"] [msg "Failed to parse request body."]
  +
  +
* /etc/modsecurity/modsecurity.conf
  +
SecRule REQUEST_URI /PATH/GIVING/ERROR "phase:1,id:12346,nolog,chain"
  +
SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"

Latest revision as of 07:36, 13 October 2020


Testing

DAV

srv:# cadaver https://example.com/cloud/remote.php/webdav/
Authentication required for ownCloud on server `example.com':
Username: abcd
Password:
dav:/cloud/remote.php/webdav/> ls
...
  • fix the DAV client connection problem with php-fpm
OPTIONS /index.php/login HTTP/1.1" 405
owncloud PROPFIND /remote.php/webdav/ HTTP/1.1" 401
  • setting the following in the VH solved the problem
 <IfModule setenvif_module>
   SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
 </IfModule>
  • moreover, if you're using ModSecurity, it will block some weird encoded files:
[id "200002"] [msg "Failed to parse request body."]
  • /etc/modsecurity/modsecurity.conf
SecRule REQUEST_URI /PATH/GIVING/ERROR "phase:1,id:12346,nolog,chain"
  SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"