[SOLVED] ISPConfig 3.1.15p3 Config Templates only one Domain

Discussion in 'Installation/Configuration' started by piccolo, May 27, 2020.

  1. piccolo

    piccolo New Member

    Hi @all,
    i'm glad to find this forum!
    And i hope you guys can help me?
    I wanted to change these lines in the .vhost config:
    Code:
    location ~ /\. {
                            deny all;
            }
    to that:
    Code:
    location ~ /\.(?!file).* {
                            deny all;
            }
    So that the Nextcloud is able to create and move the chunk files.
    Here comes the tricky part i only want to change that on one domain, the othter domains should use the default template.
    Is it possible to set this in the custom-conf directory? I've created a custom conf in the directory:
    Code:
    /usr/local/ispconfig/server/conf-custom/nginx_nextcloud_vhost.conf.master
    But now i don't know how to get this as default template for one of my subdomains.
    Do you have a idea how to get this running?
    Thanks and regards,
    piccolo
     
    ahrasis likes this.
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Try to add this in the nginx directives field of the website:

    Code:
    location ~ /\. { ##delete##
    }
    location ~ /\.(?!file).* {
              deny all;
    }
    
    and remove that custom conf file that you created.
     
    Erih-Gres, piccolo and ahrasis like this.
  3. piccolo

    piccolo New Member

    Hi till,
    thanks for your fast reply.
    I did the changes as you said to the directive field and it changed the config to this:
    Code:
    location ~ /\. {
    }
    [... some other lines here...]
    location ~ /\.(?!file).* {
             deny all;
    }
    
    But the nextcloud is showing the error again, if i change the original line the error disappears.
    Maybe there is a Problem in my config. I've created this as a directive snippet or should i paste this in the directives of the domain?
    Thanks and regards,
    piccolo
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Paste it to the nginx directives field of the website, and the ##delete## is an important part, do not remove that. See page 160 of the ISPConfig manual.
     
    piccolo likes this.
  5. piccolo

    piccolo New Member

    Hi till,
    thanks the section is now gone and there is just the one section i need:
    Code:
    location ~ /\.(?!file).* {
             deny all;
    }
    But i still get the following error:
    Code:
    [error] 21785#0: *54 access forbidden by rule, client: *client ip*, server: *domain.tld*, request: "MOVE /remote.php/dav/uploads/<user>/1624551459/.file HTTP/1.1", host: "*domain.tld*"
    Is there something else i can check? It seems that nginx is now allowing to access the .file
    Thanks and regards,
    piccolo

    [EDIT]: I uploaded the config file generated by ISPConfig - I removed the sensitive data.
     

    Attached Files:

    Last edited: May 28, 2020
  6. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    piccolo likes this.
  7. piccolo

    piccolo New Member

    Thanks to till and ahrasis!
    @till : your suggestion with the ##delete## line was gold! - This removed the location line in the config that was created by the template.
    @ahrasis : thanks to your post i reviewed my config again and found, that the lines
    Code:
    location ~ /\.(?!well-known) {
           deny all;
    }
    AND!:
    Code:
    location ~ /\.(?!file).* {
             deny all;
    }
    were in the vhost config file!
    I removed my config and only have this one in the nginx config:
    Code:
    location ~ /\.(?!well-known)(?!file) {
           deny all;
    }
    Thanks to you all guys, you are great! - It works!
     
    till and ahrasis like this.
  8. tabatinga

    tabatinga New Member

    This snippet is working for Nextcloud 21.0.3 too
    Code:
         allow all;
            log_not_found off;
            access_log off;
        }
    
    # ............. code starts here  ...........
    
        location ~ /\. { ##delete##
        }
        location ~ /\.(?!well-known)(?!file) {
           deny all;
        }
    
    # ..........          code ends here    ..............
    
    location ~ \.php$ {
    docs.nextcloud.com/server/latest/admin_manual/installation/nginx.html

     
    Last edited: Jul 8, 2021
    Slayer and ahrasis like this.

Share This Page