Reverse-Proxy-Header-Configuration error

Question

Reverse-Proxy-Header-Configuration error

MarcelFranken opened this issue 6 years ago · 6 comments

Hello,
after updating to NC 16 i get this message on my nextcloud instance:
The reverse proxy header configuration is incorrect, or you are accessing Nextcloud from a trusted proxy. If not, this is a security issue and can allow an attacker to spoof their IP address as visible to the Nextcloud. Further information can be found in the documentation.

Any ideas?

Best regards

Answer 1 · 2019-04-25T06:08:35.000Z

Check trusted_proxies and forwarded_for_headers in your config.

Answer 2 · 2019-04-25T06:15:23.000Z

Hi crazy-max, yeah i know about this. But i didnt found anything in your docker container.

Answer 3 · 2019-04-25T06:20:28.000Z

in your docker container.

Nothing to do with the container, it concerns the Nextcloud configuration I think. Can you display your configuration (without secret, crendentials) pls ?
Or docker-compose exec nextcloud occ config:list system

Answer 4 · 2019-04-25T07:04:41.000Z

ok, maybe you can add this to your documentation :-)
Here is the output of the command:
{ "system": { "datadirectory": "***REMOVED SENSITIVE VALUE***", "tempdirectory": "\/data\/tmp", "supportedDatabases": [ "sqlite", "mysql", "pgsql" ], "logtimezone": "Europe\/Berlin", "logdateformat": "Y-m-d H:i:s", "memcache.local": "\\OC\\Memcache\\Redis", "apps_paths": [ { "path": "\/var\/www\/apps", "url": "\/apps", "writable": false }, { "path": "\/data\/userapps", "url": "\/userapps", "writable": true } ], "mail_smtpmode": "smtp", "instanceid": "***REMOVED SENSITIVE VALUE***", "passwordsalt": "***REMOVED SENSITIVE VALUE***", "secret": "***REMOVED SENSITIVE VALUE***", "trusted_domains": [ "cloud.localhost" ], "dbtype": "mysql", "version": "16.0.0.9", "overwrite.cli.url": "http:\/\/cloud.localhost", "dbname": "***REMOVED SENSITIVE VALUE***", "dbhost": "***REMOVED SENSITIVE VALUE***", "dbport": "", "dbtableprefix": "", "mysql.utf8mb4": true, "dbuser": "***REMOVED SENSITIVE VALUE***", "dbpassword": "***REMOVED SENSITIVE VALUE***", "installed": true, "loglevel": 2, "maintenance": false, "overwriteprotocol": "https", "updatechecker": false, "filelocking.enabled": true, "memcache.distributed": "\\OC\\Memcache\\Redis", "memcache.locking": "\\OC\\Memcache\\Redis", "redis": { "host": "***REMOVED SENSITIVE VALUE***", "port": 6379, "timeout": 0 } } }

Answer 5 · 2019-04-25T09:02:56.000Z

i added the specific line into my config.php, now it works perfect.

Answer 6 · 2019-04-25T12:01:27.000Z

@MarcelFranken Nice and thx a lot for your donation ❤️