Steps to reproduce
- Start desktop client
- Add new account
- Insert selfhosted address (tested both IP and hostname)
- Click on open browser to login
Expected behaviour
Should be directed to login screen.
Actual behaviour
Browser opens page with “403 Forbidden openresty”.
Server configuration
Operating system: Ubuntu server 22
Web server: 8.0.5
Database:
PHP version:
ownCloud version: 5.0.7
Updated from an older ownCloud or fresh install:
Where did you install ownCloud from: Official link
The content of config/config.php:
OCIS_URL=https://ocis.my.domain
PROXY_HTTP_ADDR=192.168.1.206:9200
PROXY_TLS=false
OCIS_INSECURE=false
Are you using external storage, if yes which one: local/smb/sftp/…
No.
Are you using encryption: yes/no
No
Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/…
No
Client configuration
Browser:
Chrome/Firefox/Edge, tested them all.
Operating system:
Windows 11 Pro
Logs
ownCloud log (data/owncloud.log)
{"level":"debug","service":"gateway","service":{"name":"com.owncloud.api.gateway","version":"5.0.7","metadata":null,"endpoints":[],"nodes":[{"metadata":{"protocol":"grpc","registry":"cache","server":"grpc","t>{"level":"debug","service":"storage-users","service":{"name":"com.owncloud.api.storage-users","version":"5.0.7","metadata":null,"endpoints":[],"nodes":[{"metadata":{"protocol":"grpc","registry":"cache","serve>{"level":"debug","service":"storage-publiclink","service":{"name":"com.owncloud.api.storage-publiclink","version":"5.0.7","metadata":null,"endpoints":[],"nodes":[{"metadata":{"protocol":"grpc","registry":"cac>{"level":"debug","service":"auth-machine","service":{"name":"com.owncloud.api.auth-machine","version":"5.0.7","metadata":null,"endpoints":[],"nodes":[{"metadata":{"protocol":"grpc","registry":"cache","server">{"level":"debug","service":"app-provider","service":{"name":"com.owncloud.api.app-provider","version":"5.0.7","metadata":null,"endpoints":[],"nodes":[{"metadata":{"protocol":"grpc","registry":"cache","server">{"level":"debug","service":"groups","service":{"name":"com.owncloud.api.groups","version":"5.0.7","metadata":null,"endpoints":[],"nodes":[{"metadata":{"protocol":"grpc","registry":"cache","server":"grpc","tra>{"level":"debug","service":"auth-service","service":{"name":"com.owncloud.api.auth-service","version":"5.0.7","metadata":null,"endpoints":[],"nodes":[{"metadata":{"protocol":"grpc","registry":"cache","server">{"level":"debug","service":"sharing","service":{"name":"com.owncloud.api.sharing","version":"5.0.7","metadata":null,"endpoints":[],"nodes":[{"metadata":{"protocol":"grpc","registry":"cache","server":"grpc","t>{"level":"debug","service":"app-registry","service":{"name":"com.owncloud.api.app-registry","version":"5.0.7","metadata":null,"endpoints":[],"nodes":[{"metadata":{"protocol":"grpc","registry":"cache","server">{"level":"debug","service":"ocm","service":{"name":"com.owncloud.api.ocm","version":"5.0.7","metadata":null,"endpoints":[],"nodes":[{"metadata":{"protocol":"grpc","registry":"cache","server":"grpc","transport>{"level":"debug","service":"users","service":{"name":"com.owncloud.api.users","version":"5.0.7","metadata":null,"endpoints":[],"nodes":[{"metadata":{"protocol":"grpc","registry":"cache","server":"grpc","trans>{"level":"debug","service":"storage-system","service":{"name":"com.owncloud.api.storage-system","version":"5.0.7","metadata":null,"endpoints":[],"nodes":[{"metadata":{"protocol":"grpc","registry":"cache","ser>{"level":"debug","service":"storage-shares","service":{"name":"com.owncloud.api.storage-shares","version":"5.0.7","metadata":null,"endpoints":[],"nodes":[{"metadata":{"protocol":"grpc","registry":"cache","ser>{"level":"debug","service":"auth-basic","service":{"name":"com.owncloud.api.auth-basic","version":"5.0.7","metadata":null,"endpoints":[],"nodes":[{"metadata":{"protocol":"grpc","registry":"cache","server":"gr>{"level":"debug","service":"storage-system","service":{"name":"com.owncloud.web.storage-system","version":"5.0.7","metadata":null,"endpoints":[],"nodes":[{"metadata":{"protocol":"http","registry":"cache","ser>{"level":"debug","service":"ocm","service":{"name":"com.owncloud.web.ocm","version":"5.0.7","metadata":null,"endpoints":[],"nodes":[{"metadata":{"protocol":"http","registry":"cache","server":"http","transport>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"68c36b9ee3132ace018e78ed2909020f","method":"/cs3.gateway.v1beta1.GatewayAPI/Authenticate","time":"2024-09-13T12:03:07+02:00","line":"github>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"68c36b9ee3132ace018e78ed2909020f","method":"/cs3.auth.registry.v1beta1.RegistryAPI/GetAuthProviders","time":"2024-09-13T12:03:07+02:00","li>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"68c36b9ee3132ace018e78ed2909020f","user-agent":"grpc-go/1.62.0","from":"tcp://127.0.0.1:35614","uri":"/cs3.auth.registry.v1beta1.RegistryAP>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"68c36b9ee3132ace018e78ed2909020f","method":"/cs3.auth.provider.v1beta1.ProviderAPI/Authenticate","time":"2024-09-13T12:03:07+02:00","line":>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"68c36b9ee3132ace018e78ed2909020f","method":"/cs3.gateway.v1beta1.GatewayAPI/GetUserByClaim","time":"2024-09-13T12:03:07+02:00","line":"gith>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"68c36b9ee3132ace018e78ed2909020f","method":"/cs3.identity.user.v1beta1.UserAPI/GetUserByClaim","time":"2024-09-13T12:03:07+02:00","line":"g>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"68c36b9ee3132ace018e78ed2909020f","user-agent":"grpc-go/1.62.0","from":"tcp://127.0.0.1:35628","uri":"/cs3.identity.user.v1beta1.UserAPI/Ge>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"68c36b9ee3132ace018e78ed2909020f","user-agent":"grpc-go/1.62.0","from":"tcp://127.0.0.1:35604","uri":"/cs3.gateway.v1beta1.GatewayAPI/GetUs>{"level":"info","service":"storage-system","pkg":"rgrpc","traceid":"68c36b9ee3132ace018e78ed2909020f","time":"2024-09-13T12:03:07+02:00","line":"github.com/cs3org/reva/v2@v2.19.7/internal/grpc/services/authpr>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"68c36b9ee3132ace018e78ed2909020f","user-agent":"grpc-go/1.62.0","from":"tcp://127.0.0.1:35624","uri":"/cs3.auth.provider.v1beta1.ProviderAP>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"68c36b9ee3132ace018e78ed2909020f","user-agent":"grpc-go/1.62.0","from":"tcp://127.0.0.1:35604","uri":"/cs3.gateway.v1beta1.GatewayAPI/Authe>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"68c36b9ee3132ace018e78ed2909020f","user-agent":"grpc-go/1.62.0","from":"tcp://127.0.0.1:35632","uri":"/cs3.permissions.v1beta1.PermissionsA>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"68c36b9ee3132ace018e78ed2909020f","user-agent":"grpc-go/1.62.0","from":"tcp://127.0.0.1:35598","uri":"/cs3.storage.provider.v1beta1.Provide>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"e85258ac2c24d8cb6ba5e5d62397063a","method":"/cs3.gateway.v1beta1.GatewayAPI/Authenticate","time":"2024-09-13T12:03:07+02:00","line":"github>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"e85258ac2c24d8cb6ba5e5d62397063a","method":"/cs3.auth.registry.v1beta1.RegistryAPI/GetAuthProviders","time":"2024-09-13T12:03:07+02:00","li>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"e85258ac2c24d8cb6ba5e5d62397063a","user-agent":"grpc-go/1.62.0","from":"tcp://127.0.0.1:35614","uri":"/cs3.auth.registry.v1beta1.RegistryAP>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"e85258ac2c24d8cb6ba5e5d62397063a","method":"/cs3.auth.provider.v1beta1.ProviderAPI/Authenticate","time":"2024-09-13T12:03:07+02:00","line":>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"e85258ac2c24d8cb6ba5e5d62397063a","method":"/cs3.gateway.v1beta1.GatewayAPI/GetUserByClaim","time":"2024-09-13T12:03:07+02:00","line":"gith>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"e85258ac2c24d8cb6ba5e5d62397063a","method":"/cs3.identity.user.v1beta1.UserAPI/GetUserByClaim","time":"2024-09-13T12:03:07+02:00","line":"g>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"e85258ac2c24d8cb6ba5e5d62397063a","user-agent":"grpc-go/1.62.0","from":"tcp://127.0.0.1:35628","uri":"/cs3.identity.user.v1beta1.UserAPI/Ge>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"e85258ac2c24d8cb6ba5e5d62397063a","user-agent":"grpc-go/1.62.0","from":"tcp://127.0.0.1:35604","uri":"/cs3.gateway.v1beta1.GatewayAPI/GetUs>{"level":"info","service":"storage-system","pkg":"rgrpc","traceid":"e85258ac2c24d8cb6ba5e5d62397063a","time":"2024-09-13T12:03:07+02:00","line":"github.com/cs3org/reva/v2@v2.19.7/internal/grpc/services/authpr>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"e85258ac2c24d8cb6ba5e5d62397063a","user-agent":"grpc-go/1.62.0","from":"tcp://127.0.0.1:35624","uri":"/cs3.auth.provider.v1beta1.ProviderAP>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"e85258ac2c24d8cb6ba5e5d62397063a","user-agent":"grpc-go/1.62.0","from":"tcp://127.0.0.1:35604","uri":"/cs3.gateway.v1beta1.GatewayAPI/Authe>{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"e85258ac2c24d8cb6ba5e5d62397063a","user-agent":"grpc-go/1.62.0","from":"tcp://127.0.0.1:35598","uri":"/cs3.storage.provider.v1beta1.Provide>{"level":"debug","service":"frontend","service":{"name":"com.owncloud.web.frontend","version":"5.0.7","metadata":null,"endpoints":[],"nodes":[{"metadata":{"protocol":"http","registry":"cache","server":"http",>{"level":"debug","service":"gateway","pkg":"rgrpc","traceid":"7a8c1791a7d3a3416ddcce6b7b30ffef","method":"/cs3.gateway.v1beta1.GatewayAPI/AddAppProvider","time":"2024-09-13T12:03:09+02:00","line":"github.com/>{"level":"debug","service":"app-registry","pkg":"rgrpc","traceid":"7a8c1791a7d3a3416ddcce6b7b30ffef","method":"/cs3.app.registry.v1beta1.RegistryAPI/AddAppProvider","time":"2024-09-13T12:03:09+02:00","line":">{"level":"debug","service":"app-registry","pkg":"rgrpc","traceid":"7a8c1791a7d3a3416ddcce6b7b30ffef","user-agent":"grpc-go/1.62.0","from":"tcp://127.0.0.1:39890","uri":"/cs3.app.registry.v1beta1.RegistryAPI/A>{"level":"debug","service":"gateway","pkg":"rgrpc","traceid":"7a8c1791a7d3a3416ddcce6b7b30ffef","user-agent":"grpc-go/1.62.0","from":"tcp://127.0.0.1:48910","uri":"/cs3.gateway.v1beta1.GatewayAPI/AddAppProvid>
I’ve found this topic (Desktop Client 403 Forbidden - Web and mobile are working) but their solution with adding “proxy_set_header Host $host;” to Nginx Proxy Manager’s Custom Nginx Configuration doesn’t work for me.