New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cannot disable webdav #90
Comments
Well if you only want to allow webdav from browsers, you can do this via a regex. You just need to put all browsers you want to allow into it. |
finally got it working with Meanwhile this app suggests |
Can you create a nee issue for that? Thanks! |
Fixed in nextcloud/server#8297 |
Nice! thanks! tested |
Would it be possible to have a clear distinction between browser-based requests and those via WebDAV/sync-clients? White-listing certain user-agents is kind of a "hack". How about an option that notes in the login-session if you logged in via browser or WebDAV/sync-client? |
... And today I discovered that the user agent hack is not enough to stop nextcloud client usage :( because acts like a browser (nginx access.log when I start a configured nextcloud client)
|
So it is possible do disable WebDAV usage or not? |
Well If you disable all webdav usage, the normal web interface will also not work anymore, because it also uses the same endpoint. But as mentioned above, you can simply define a rule which only allows the browsers you want to allow and then webdav clients are blocked while the web UI still works. |
Im sorry but, with Nextcloud 16 it is still not possible to disable webdav access. Does anybody has a solution to "just" hide the settings-bar at the left bottom ? |
Steps to reproduce
Expected behaviour
I cannot access files via webdav (davs://) which is great.
But...! I cannot access files via nextcloud.com file's app. This is because new nextcloud (12) uses webdav always. I don't know if there is a way to distinguish web vs other clients. I tried the following but I can use (davs://) with [caja] so I think is not restricting too much
previously (old nextcloud versions) I succeeded using nginx reverse proxy with
Actual behaviour
Tell us what happens instead
Server configuration
Operating system: Debian 9
Web server: apache
Database: mariadb
PHP version: 7.0
Nextcloud version: (see Nextcloud admin page) 12.0.5
Where did you install Nextcloud from: nextcloud.com
Signing status:
No errors have been found.
List of activated apps:
Enabled:
Disabled:
Nextcloud configuration:
{
"system": {
"default_language": "es",
"instanceid": "occ3ad5ad6d8",
"passwordsalt": "REMOVED SENSITIVE VALUE",
"secret": "REMOVED SENSITIVE VALUE",
"trusted_proxies": masked,
"forwarded_for_headers": [
"HTTP_X_FORWARDED",
"HTTP_FORWARDED_FOR"
],
"trusted_domains": [
"masked",
"masked"
],
"datadirectory": "/media/data",
"overwrite.cli.url": "http://masked/owncloud",
"dbtype": "mysql",
"version": "12.0.5.3",
"appstoreenabled": false,
"apps_paths": [
{
"path": "/var/www/html/nextcloud/apps",
"url": "/apps",
"writable": false
}
],
"dbname": "masked",
"dbhost": "localhost",
"dbtableprefix": "oc_",
"dbuser": "REMOVED SENSITIVE VALUE",
"dbpassword": "REMOVED SENSITIVE VALUE",
"installed": true,
"ldapIgnoreNamingRules": false,
"loglevel": 0,
"maintenance": false,
"theme": "",
"singleuser": false,
"trashbin_retention_obligation": "auto",
"updater.secret": "REMOVED SENSITIVE VALUE",
"ldapProviderFactory": "\OCA\User_LDAP\LDAPProviderFactory"
}
}
Are you using external storage, if yes which one: local/smb/sftp/...
local
Are you using encryption: yes/no
no
Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/...
yes (see config.php)
Client configuration
Browser:
firefox (debian 9)
Operating system:
debian 9
The text was updated successfully, but these errors were encountered: