CSRF check failed on login


#21

I looked little bit in the internet. It seems mod_php was abandoned in favour of php-fpm because of http/2 support and other reasons. There were higher reasons for the apache2 to employ php-fpm instead of mod_php. As for that: No, i will not fumble around in my nicely working Raspbian 9.0 stretch apart from what is suggested by the dependency manager of the apt package manager. I think the policy of replacing mod_php by php-fpm is a platform and distribution independent strategical decision and i would not mess up with that unless it turns out to be a major mistake of the community to migrate from mod_php to php-fpm.


#22

If i'm checking the ownCloud requirements the "official" supported way running ownCloud on Apache is mod_php:

https://doc.owncloud.org/server/latest/admin_manual/installation/system_requirements.html

php-fpm is only listed in relation with nginx and i think it might be possible that there is a reason for this.

Running php-fpm on Apache could explain as well why you're seeing this issue with ownCloud and Nextcloud.


#23

I agree with @tom42, try the mod_php and check if the problems still happen.

you can change later to php_fpm, but the recommended configuration is with mod_php.

Additionally: block your phpmyadmin to only local ips, you could be hacked from that side.


#24

I tried to do apt install libapache2-mod-php, but it was already installed, only there seems to be no configuration for that in conf-enabled folder of /etc/apache2 directory. Thus i suspect, owncloud should have already found a working installation of libapache2-mod-php before and the problem could be a different one.


#25

to solve I changed the configuration of the webserver from default to php-cgi. The problem is solved.