NethServer Version: 7.3.1611
Module: nethserver-nextcloud
After an update to the nextcloud version 12 module, a couple new errors show up in the nextcloud admin page.
The first is a warning that the X-Frame-Options is not set to “SAMEORIGIN” in the .htaccess file, yet if I check the file, I can see that the setting is correctly set. Both the admin panel and the scan tool at scan.nextcloud.com report this issue.
cat /usr/share/nextcloud/.htaccess
<IfModule mod_env.c>
# Add security and privacy related headers
Header set X-Content-Type-Options "nosniff"
Header set X-XSS-Protection "1; mode=block"
Header set X-Robots-Tag "none"
Header set X-Frame-Options "SAMEORIGIN"
Header set X-Download-Options "noopen"
Header set X-Permitted-Cross-Domain-Policies "none"
SetEnv modHeadersAvailable true
</IfModule>
There are also the following opcache warnings. I tried to set them in /etc/php.ini, but they had no effect (possibly the wrong php file i need to edit?)
The PHP Opcache is not properly configured. For better performance we recommend ↗ to use following settings in the php.ini:
opcache.enable=1
opcache.enable_cli=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1
Note that none of this issues were ever present in 11.0.0.3 or other nextcloud versions.