Hi, i'm planning to install Nextcloud on an Ubuntu 20.04 with Apache. But the recommendations from Nextcloud to configure Apache don't appeal to me. 1. https://docs.nextcloud.com/server/19/admin_manual/installation/source_installation.html#installation-wizard The recommendation is to change the owner of the DocumentRoot of the Nextcloud installation to www-data, the user the apache2 process is running. "chown -R www-data:www-data /var/www/nextcloud/" This is weird, isn't it ? I remember http://httpd.apache.org/docs/2.4/misc/security_tips.html "Permissions on ServerRoot Directories" which is contradictory to that. 2. The second recommendation is even stranger: https://docs.nextcloud.com/server/19/admin_manual/installation/source_installation.html#pretty-urls "mod_env and mod_rewrite must be installed on your webserver and the .htaccess must be writable by the HTTP user. Then you can set in the config.php two variables:" .htaccess writeable by the HTTP User !?! I'm no Webserver expert, but i get pain in my stomach reading this. What do you think ? Has anyone experience in installing nextcloud ? Would it be a good idea to install nextcloud via snap, which seems to be more secure ? Bernd -- Bernd Lentes Systemadministration Institute for Metabolism and Cell Death (MCD) Building 25 - office 122 HelmholtzZentrum München bernd.lentes@xxxxxxxxxxxxxxxxxxxxx phone: +49 89 3187 1241 phone: +49 89 3187 3827 fax: +49 89 3187 2294 http://www.helmholtz-muenchen.de/mcd stay healthy Helmholtz Zentrum München Helmholtz Zentrum München --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|