NethServer Version: 7.7
Module: Nextcloud
Hello Guys
thx for your help and support.
I like to exclude the Nextcloud Admin form the (dangeros) internet. I will config the Nextcloud only internal networks ?
Is tha possible ?
thx Axel
NethServer Version: 7.7
Module: Nextcloud
Hello Guys
thx for your help and support.
I like to exclude the Nextcloud Admin form the (dangeros) internet. I will config the Nextcloud only internal networks ?
Is tha possible ?
thx Axel
I don’t believe there’s a built-in way to do this. There’s a Nextcloud app to restrict login by IP address, but it doesn’t appear to discriminate between admin and other users. You could try enabling two-factor authentication for the admin as an additional security measure.
Thx Dan
hope it is poosible to hav two-factor only for the admin
2FA, IIRC, can be enabled user-by-user.
and use a strong password
P,=R7GI|i&lV*D}nz]gUWuQ9
Moin Axel,
i have solved the problem here as well and that by a strict password and 2FA. In the firewall I restricted the access to Nextcloud to IP’s from Germany.
Regards…
Uwe
That’s something you can also do in Nextcloud itself–but it affects everyone, not just the admin.
I didint understand the programers everybody deed a solution for this problem
Sometimes the Admin is located into internet… For an hosted Nextcloud installation.
Maybe as option can be activated on Nextcloud (so get in touch with Nextcloud)
thx pike i will try and report news
I do not find a solution now. But with a fault my Nextclud admin cant be conneted from Internet …
I want to do this
config setprop nextcloud TrustedDomains sub.domain.de
signal-event nethserver-nextcloud-update
but i am doing this
config setprop nextcloud sub.domain.de
signal-event nethserver-nextcloud-update
than i try
config setprop nextcloud TrustedDomains sub.domain.de
signal-event nethserver-nextcloud-update
again
now Nextcloud admin is excludes from login out of external networks
???
I dind know why but can be helpfull
config show nextcloud
nextcloud=configuration
TrustedDomains=sub.domain.de
VirtualHost=
Wellknown=disabled
Surprised Fail2ban hasn’t come up. I use it on everything even with 2fa as it can also shoot out an automated email when something is placed in a jail.
no fail2an now is one of the next steps
2fa is better like fido2
but was no time to try
Nextcloud let’s you login to trusted domains only. So if you only use an internal domain or IP address as TrustedDomain nobody can login from outside anymore. It’s not possible for a specific user like admin.
http://docs.nethserver.org/en/v7/nextcloud.html#trusted-domains
I found that you could block out admin with apache rewrite (didn’t test):