Steps to reproduce
- Navigate via Chrome to https://cloud.example.de
- Log-In with correct credentials
Expected behaviour
The Login succeeds and I get to my files.
Actual behaviour
The webpage reloads, without any warning or error. Just the URL has changed from https://cloud.example.de/index.php/login
to https://cloud.example.de/index.php/login?redirect_url=%252Findex.php%252Fapps%252Ffiles%252F
and I am promted to login again.
If I use Firefox this problem does not occure. I already tried to clear cache and cookies.
However, when I use the URL https://example.de/owncloud I donât have issues with Chrome. See vhost config at the bottom.
Server configuration
Operating system: Debian 10
Web server: Apache/2.4.38
Database: 10.3.27-MariaDB-0+deb10u1 Debian 10
PHP version: PHP 7.3.27-1~deb10u1
ownCloud version: (see ownCloud admin page) 10.7.0.4
Updated from an older ownCloud or fresh install: Fresh install
Where did you install ownCloud from: Original sources (no apt package)
Signing status (ownCloud 9.0 and above): No errors have been found.
The content of config/config.php:
https://pastebin.com/KSakkGF4
List of activated apps:
https://pastebin.com/zLtRgDJt
Are you using external storage, if yes which one: No
Are you using encryption: yes
Are you using an external user-backend, if yes which one: No
Client configuration
Browser: Google-Chrome Version 91.0.4472.77 (Offizieller Build) (64-Bit)
Operating system: Windows 10
Logs
Web server error log
[Mon Jun 07 15:12:29.081996 2021] [ssl:warn] [pid 13097] AH01909: 127.0.0.1:443:0 server certificate does NOT include an ID which matches the server name
[Mon Jun 07 15:12:29.185169 2021] [ssl:warn] [pid 13098] AH01909: 127.0.0.1:443:0 server certificate does NOT include an ID which matches the server name
[Mon Jun 07 15:12:29.191612 2021] [mpm_prefork:notice] [pid 13098] AH00163: Apache/2.4.38 (Debian) OpenSSL/1.1.1d configured -- resuming normal operations
[Mon Jun 07 15:12:29.191665 2021] [core:notice] [pid 13098] AH00094: Command line: '/usr/sbin/apache2'
[Mon Jun 07 16:01:26.392560 2021] [mpm_prefork:notice] [pid 13098] AH00169: caught SIGTERM, shutting down
[Mon Jun 07 16:01:26.502306 2021] [ssl:warn] [pid 13454] AH01909: 127.0.0.1:443:0 server certificate does NOT include an ID which matches the server name
[Mon Jun 07 16:01:26.602136 2021] [ssl:warn] [pid 13455] AH01909: 127.0.0.1:443:0 server certificate does NOT include an ID which matches the server name
[Mon Jun 07 16:01:26.608672 2021] [mpm_prefork:notice] [pid 13455] AH00163: Apache/2.4.38 (Debian) OpenSSL/1.1.1d configured -- resuming normal operations
[Mon Jun 07 16:01:26.608732 2021] [core:notice] [pid 13455] AH00094: Command line: '/usr/sbin/apache2'
[Mon Jun 07 16:25:40.331635 2021] [mpm_prefork:notice] [pid 13455] AH00169: caught SIGTERM, shutting down
[Mon Jun 07 16:25:40.437770 2021] [ssl:warn] [pid 14042] AH01909: 127.0.0.1:443:0 server certificate does NOT include an ID which matches the server name
[Mon Jun 07 16:25:40.540968 2021] [ssl:warn] [pid 14044] AH01909: 127.0.0.1:443:0 server certificate does NOT include an ID which matches the server name
[Mon Jun 07 16:25:40.547175 2021] [mpm_prefork:notice] [pid 14044] AH00163: Apache/2.4.38 (Debian) OpenSSL/1.1.1d configured -- resuming normal operations
[Mon Jun 07 16:25:40.547226 2021] [core:notice] [pid 14044] AH00094: Command line: '/usr/sbin/apache2'
[Mon Jun 07 16:28:32.020254 2021] [mpm_prefork:notice] [pid 14044] AH00169: caught SIGTERM, shutting down
[Mon Jun 07 16:28:32.118025 2021] [ssl:warn] [pid 14089] AH01909: 127.0.0.1:443:0 server certificate does NOT include an ID which matches the server name
[Mon Jun 07 16:28:32.213198 2021] [ssl:warn] [pid 14090] AH01909: 127.0.0.1:443:0 server certificate does NOT include an ID which matches the server name
[Mon Jun 07 16:28:32.220638 2021] [mpm_prefork:notice] [pid 14090] AH00163: Apache/2.4.38 (Debian) OpenSSL/1.1.1d configured -- resuming normal operations
[Mon Jun 07 16:28:32.220682 2021] [core:notice] [pid 14090] AH00094: Command line: '/usr/sbin/apache2'
[Mon Jun 07 16:40:43.964676 2021] [mpm_prefork:notice] [pid 14090] AH00169: caught SIGTERM, shutting down
[Mon Jun 07 16:40:44.063677 2021] [ssl:warn] [pid 14250] AH01909: 127.0.0.1:443:0 server certificate does NOT include an ID which matches the server name
[Mon Jun 07 16:40:44.155973 2021] [ssl:warn] [pid 14252] AH01909: 127.0.0.1:443:0 server certificate does NOT include an ID which matches the server name
[Mon Jun 07 16:40:44.162249 2021] [mpm_prefork:notice] [pid 14252] AH00163: Apache/2.4.38 (Debian) OpenSSL/1.1.1d configured -- resuming normal operations
[Mon Jun 07 16:40:44.162286 2021] [core:notice] [pid 14252] AH00094: Command line: '/usr/sbin/apache2'
[Mon Jun 07 17:08:14.973740 2021] [authz_core:error] [pid 14256] [client ***REMOVED***:1032] AH01630: client denied by server configuration: /var/www/owncloud/data/htaccesstest.txt
[Mon Jun 07 17:10:34.457405 2021] [authz_core:error] [pid 14346] [client ***REMOVED***:1028] AH01630: client denied by server configuration: /var/www/owncloud/data/htaccesstest.txt
ownCloud log (data/owncloud.log)
{"reqId":"L0gev0ah9G99ayB2zsqn","level":3,"time":"2021-06-01T13:30:46+00:00","remoteAddr":"***myclient***","user":"--","app":"PHP","method":"POST","url":"\/owncloud\/index.php","message":"Undefined index: dbconnectionstring at \/var\/www\/owncloud\/lib\/private\/Setup\/AbstractDatabase.php#82"}
{"reqId":"L0gev0ah9G99ayB2zsqn","level":3,"time":"2021-06-01T13:30:46+00:00","remoteAddr":"***myclient***","user":"--","app":"mysql.setup","method":"POST","url":"\/owncloud\/index.php","message":"Specific user creation failed: An exception occurred while executing 'SELECT user FROM mysql.user WHERE user=?' with params [\"oc_jkleefeld\"]:\n\nSQLSTATE[42000]: Syntax error or access violation: 1142 SELECT command denied to user 'owncloud'@'localhost' for table 'user'"}
{"reqId":"oD7JoPEQHy5UclE9nMOX","level":2,"time":"2021-06-01T20:49:51+00:00","remoteAddr":"***myclient***","user":"jkleefeld","app":"files_antivirus","method":"PUT","url":"\/owncloud\/remote.php\/dav\/files\/jkleefeld\/eicar_com.zip","message":"Infected file deleted. Win.Test.EICAR_HDB-1 Account: jkleefeld Path: files\/eicar_com.zip.ocTransferId1080783043.part"}
{"reqId":"oD7JoPEQHy5UclE9nMOX","level":2,"time":"2021-06-01T20:49:51+00:00","remoteAddr":"***myclient***","user":"jkleefeld","app":"core","method":"PUT","url":"\/owncloud\/remote.php\/dav\/files\/jkleefeld\/eicar_com.zip","message":"ignoring lock release with type 1 for files\/ba11e692cb6efdb72726036db22e84fc. Lock hasn't been acquired before"}
{"reqId":"7e91e573-be0e-4555-a2c0-255ce0616608","level":2,"time":"2021-06-07T12:10:04+00:00","remoteAddr":"***REMOVED***","user":"--","app":"core","method":"PROPFIND","url":"\/remote.php\/dav\/files\/jan.kleefeld\/","message":"Login failed: 'jan.kleefeld' (Remote IP: '***REMOVED***')"}
{"reqId":"7d0bed04-aeaa-4d4f-8657-40579a7c18b3","level":2,"time":"2021-06-07T12:11:23+00:00","remoteAddr":"***REMOVED***","user":"--","app":"core","method":"PROPFIND","url":"\/owncloud\/remote.php\/webdav\/","message":"Login failed: 'Jan.Kleefeld' (Remote IP: '***REMOVED***')"}
Browser log
a) The javascript console log: https://www.bilder-upload.eu/upload/05bd3c-1623081260.png
b) The network log https://www.bilder-upload.eu/upload/773189-1623081296.png
Apache vHosts
/sites-enabled/owncloud.conf
<VirtualHost *:80>
ServerName cloud.example.de
ServerAdmin webmaster@example.de
DocumentRoot /var/www/owncloud/
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]
<Directory /var/www/owncloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/owncloud
SetEnv HTTP_HOME /var/www/owncloud
</Directory>
</VirtualHost>
<VirtualHost *:443>
ServerName cloud.example.de
ServerAdmin webmaster@example.de
DocumentRoot /var/www/owncloud/
## Custom config {
SSLProtocol -ALL +TLSv1.2 +TLSv1.3
SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
##}
<Directory /var/www/owncloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/owncloud
SetEnv HTTP_HOME /var/www/owncloud
</Directory>
</VirtualHost>
/sites-enabled/000-default.conf
<VirtualHost *:80>
ServerName example.de
ServerAdmin webmaster@example.de
DocumentRoot /var/www/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
/sites-enabled/default-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName example.de
ServerAdmin webmaster@example.de
DocumentRoot /var/www/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.de/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.de/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/example.de/fullchain.pem
SSLProtocol -ALL +TLSv1.2 +TLSv1.3
SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
</IfModule>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Thank you in advance.