I have managed to install owncloud 9.1.0 on an old laptop that is running Ubuntu server 14.04 LTS. Installed from PPA. As a database I am using MySQL and as server I am using Apache.
Owncloud is up and running. I followed the Owncloud 9 Administrator Manual to configure Apache and set up MySQL as well as the owncloud install.
I have also setup a free account with "no-ip.com" and forwarded port 80 on my router to my server's static IP Port 80.
I can access owncloud fine from within my network and also over http from outside my network using both either "http://mystaticIP/owncloud" from within the network or "http://mydomain(from no-ip)/owncloud" from outside my network. I followed the hardening and security tips. I have IPtables running as a firewall (all necessary ports are configured correctly: 80, 443) and within my network https works with a self signed certificate that I have created in Ubuntu as well as with the Ubuntu default self signed certificate. Outside of my network https is not working even if I forward port 443. I think it has to do with the self signed certificate.
I also have fail2ban up and running configured for Owncloud 9 according to the guide here in the forum.
I have a couple of questions due to being relatively new to Owncloud and Apache.
- Is this correct:
In the virtual host configuration files I have entered
Virtualhost my server's static ip :80
Virtualhost my server's static ip :443
ServerName my domain(from no-ip)
Do I need a server Alias?
(should it be /var/www/owncloud for owncloud only use?)
- How do I get https to run from outside of my network?
How do I redirect all traffic to https?
Right now I have a redirect that is uncommented due to ssl not working from outside my network that looks like this in Virtualhost file for port 80:
"#redirect all unencrypted traffic to https
"#Redirect permanent / https:/mydomain(from no-ip)/
Is this correct or should I use their server's static IP here?
If I enter "http://mydomain(from no-ip)" I am directed to a blank index file that is located under /var/www/ can I somehow redirect that to also directly got to "http://mydomain(from no-ip)/owncloud (sub directory)"
I also have a parked domain with a domain registrar that is only used for email hosting at this point. Maybe it could be used as well?!
What other things do I need to do to secure my server?
Anything Apache related in fail2ban. Any .htaccess file changes or better in the Apache config files? Block certain IPs?
I would very much appreciate any help possible. I know this is a lot of different questions. Let me know if you need additional information.