Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[stable28] Add details about outgoing connections #11832

Open
wants to merge 8 commits into
base: stable28
Choose a base branch
from
Open

[stable28] Add details about outgoing connections #11832

Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
b080e06
Update harden_server.rst
Rello May 16, 2024
cabc42d
Update harden_server.rst
Rello May 16, 2024
7760e35
Update harden_server.rst
Rello May 16, 2024
94687a2
Update harden_server.rst
derigs May 16, 2024
44c8890
Update harden_server.rst
Rello May 17, 2024
32982e1
Update harden_server.rst
Rello May 17, 2024
6aa9163
Update harden_server.rst
derigs May 17, 2024
e767cf2
Update harden_server.rst
Rello May 17, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
47 changes: 35 additions & 12 deletions admin_manual/installation/harden_server.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -236,20 +236,43 @@ security headers are shipped.
Connections to remote servers
-----------------------------

Some Nextcloud functionalites require connecting to remote servers. Depending on
your server setup, these are the possible connections:

- www.nextcloud.com, www.startpage.com, www.eff.org, www.edri.org for checking the internet connection
- cloud.nextcloud.com (https) for validating the enterprise subscription
- updates.nextcloud.com (https) for Nextcloud server updates
- push-notifications.nextcloud.com (https) for sending push notifications to mobile clients
- pushfeed.nextcloud.com (https) for the Nextcloud announcements app
- lookup.nextcloud.com (https) for updating and lookups to the federated sharing addressbook
- surveyserver.nextcloud.com (https) if the admin has agreed to share anonymized data
- apps.nextcloud.com (https) for available apps and their updates
- github.com (https) for downloading Nextcloud standard apps
Some functionalites require the Nextcloud server to be able to connect remote systems via https/443.
This pragraph also includes the data which is being transmitted to the Nextcloud GmbH.
Depending on your server setup, these are the possible connections:

- nextcloud.com, startpage.com, eff.org, edri.org
- `optional (config)`_
- for checking the internet connection
- cloud.nextcloud.com
- used for enterprise license monitoring
- submitted data: subscription key, user count
- updates.nextcloud.com
- to check for available Nextcloud server updates
- submitted data: server version, subscription key, install time, instance id, instance size
- apps.nextcloud.com
- to check for available apps and their updates
- submitted data: subscription key
- github.com
- to download Nextcloud standard apps
- push-notifications.nextcloud.com
- sending push notifications to mobile clients
- submitted data: unique device identifier, public key, push token
- pushfeed.nextcloud.com
- optional
- checking for updates to be shown in the Nextcloud Announcements app
- lookup.nextcloud.com
- optional
- for updating and lookups to the federated sharing addressbook
- submitted data: *pending*
- surveyserver.nextcloud.com
- optional
- if the admin has agreed to share anonymized server data
- submitted data: instance id, server versions (incl. php & db), installed apps
- Any remote Nextcloud server that is connected with federated sharing

.. _optional (config): https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/config_sample_php_parameters.html#has-internet-connection


Setup fail2ban
--------------

Expand Down
Loading