Windows desktop client fails to connect, "500 internal server error", other clients work fine

Expected behaviour

Desktop client connection wizard should connect to my owncloud. It has worked fine for years.

Actual behaviour

On typing in the information in the wizard, it returns an error: "Server replied “500 Internal Server Error” to “PROPFIND <deleted…>/owncloud/remote.php/webdav/”
It fails to connect.

Hi,
I’m using Windows 10.0.19043. I am using owncloud desktop client 2.8.2 build 4246. Owncloud version 10.3.2 hosted on DreamHost.

After many years of working perfectly, the desktop sync client no longer connects: the connection wizard returns a "Server replied “500 Internal Server Error” to “PROPFIND <deleted…>/owncloud/remote.php/webdav/”

This suddenly began happening sometime in July. I am able to log in to owncloud fine from a browser. The iOS client app works fine; I am able to connect via webdav using windows Explorer on this same computer. Every other webdav client I’ve tried is able to connect. However, I have duplicated this failure using the Linux desktop client on a Linux VM on this same Windows host (with the same error).

I would appreciate any help on next steps, or a resource that I can use to troubleshoot…I’d also gladly provide additional information…I’m rather in the dark as to the inner workings of the server, so have no idea what to look for in terms of log files, etc. (The log files are extremely long, and contain a lot of information I’d rather not share in an insecure format).

Best regards

Steps to reproduce

  1. Install, reinstall Windows client
  2. type in server address, username, pw.
  3. Does not connect, with above error. 100% of time.

Server configuration

Operating system: Don’t know (DreamHost)

Web server: Don’t know (hosted on DreamHost)

Database:

PHP version: 7.3

ownCloud version: 10.3.2

Storage backend (external storage):

Client configuration

Client version: 2.8.2 build 4246

Operating system: Windows 10.0.19043

OS language: English

Qt version used by client package (Linux only, see also Settings dialog):

Client package (From ownCloud or distro) (Linux only):

Installation path of client: C:\Program Files\ownCloud

Logs

Please use Gist (https://gist.github.com/) or a similar code paster for longer
logs.

Template for output < 10 lines

  1. Client logfile: Output of owncloud --logwindow or owncloud --logfile log.txt
    (On Windows using cmd.exe, you might need to first cd into the ownCloud directory)
    (See also http://doc.owncloud.org/desktop/2.2/troubleshooting.html#client-logfile )

  2. Web server error log:

  3. Server logfile: ownCloud log (data/owncloud.log):

“500 Internal Server Error” needs investigation on the server, but you can start your research in the desktop logs.

Here you can find more information how to capture the desktop client debug log:

I’d recommend to clear the directory, before you reproduce the issue, then you don’t have that big log files.

Find the response with in the desktop log with the server 500 error. There you should als see the X-REQUEST-ID that looks like this: 75e3ea94-345a-4ee5-a33b-b550d1ae8dd0

Then you can grep the owncloud.log on the server for this X-REQUEST-ID to find our what happened.

Here you can find more information how to access the server owncloud.log:

Additional information:

Thank you very much…your instructions on the basics of how to trace will pay me, and I’m sure others, many dividends over the years.

As to my problem, on the client side, the last X-REQUEST-ID just before the server 500 error was 13cc1c2e-7b49-49a6-9c1b-3a634c833075.

I think went to the server’s log file and found the block of code where this request was located, and it is pasted below. I do see that there are references to certain “tokens” “does not exist” or “not found”…any idea what this means?

{“reqId”:“13cc1c2e-7b49-49a6-9c1b-3a634c833075”,“level”:0,“time”:“2021-08-26T01:58:30+00:00”,“remoteAddr”:“71.167.255.196”,“user”:"–",“app”:“OC\Authentication\Token\DefaultTokenProvider::invalidateToken”,“method”:“GET”,“url”:"/owncloud/ocs/v2.php/cloud/user?format=json",“message”:“invalidating token c2962fb35ef9019b1e455bd85f73d18380c278ce7406789200c7c6c7873b8ee389e9c3a5c7aee87fa74557093170c8066d9866d56f1405d73dc1b6c3d402a42f”}
{“reqId”:“13cc1c2e-7b49-49a6-9c1b-3a634c833075”,“level”:0,“time”:“2021-08-26T01:58:30+00:00”,“remoteAddr”:“71.167.255.196”,“user”:"–",“app”:“OC\Authentication\Token\DefaultTokenProvider::getToken”,“method”:“GET”,“url”:"/owncloud/ocs/v2.php/cloud/user?format=json",“message”:“token c2962fb35ef9019b1e455bd85f73d18380c278ce7406789200c7c6c7873b8ee389e9c3a5c7aee87fa74557093170c8066d9866d56f1405d73dc1b6c3d402a42f does not exist”}
{“reqId”:“13cc1c2e-7b49-49a6-9c1b-3a634c833075”,“level”:0,“time”:“2021-08-26T01:58:30+00:00”,“remoteAddr”:“71.167.255.196”,“user”:"–",“app”:“OC\Authentication\Token\DefaultTokenProvider::getToken”,“method”:“GET”,“url”:"/owncloud/ocs/v2.php/cloud/user?format=json",“message”:“token 60fdaf1c84e0691fe72182511a86e0345601fafe0c9a2fa949fad419232a5a6c72a0c988beab0d58afa8287b93521e45508fd59784ec24b09b2d780a3b6007ae does not exist”}
{“reqId”:“13cc1c2e-7b49-49a6-9c1b-3a634c833075”,“level”:0,“time”:“2021-08-26T01:58:30+00:00”,“remoteAddr”:“71.167.255.196”,“user”:"–",“app”:“OC\User\Session::login”,“method”:“GET”,“url”:"/owncloud/ocs/v2.php/cloud/user?format=json",“message”:“regenerating session id for uid , password set”}
{“reqId”:“13cc1c2e-7b49-49a6-9c1b-3a634c833075”,“level”:0,“time”:“2021-08-26T01:58:30+00:00”,“remoteAddr”:“71.167.255.196”,“user”:"–",“app”:“OC\Authentication\Token\DefaultTokenProvider::getToken”,“method”:“GET”,“url”:"/owncloud/ocs/v2.php/cloud/user?format=json",“message”:“token 60fdaf1c84e0691fe72182511a86e0345601fafe0c9a2fa949fad419232a5a6c72a0c988beab0d58afa8287b93521e45508fd59784ec24b09b2d780a3b6007ae does not exist”}
{“reqId”:“13cc1c2e-7b49-49a6-9c1b-3a634c833075”,“level”:0,“time”:“2021-08-26T01:58:30+00:00”,“remoteAddr”:“71.167.255.196”,“user”:"–",“app”:“OC\User\Session::validateToken”,“method”:“GET”,“url”:"/owncloud/ocs/v2.php/cloud/user?format=json",“message”:“token 60fdaf1c84e0691fe72182511a86e0345601fafe0c9a2fa949fad419232a5a6c72a0c988beab0d58afa8287b93521e45508fd59784ec24b09b2d780a3b6007ae, not found”}

Hey,

i did the following search Search · dreamhost · GitHub and found Mac OS desktop client triggers `mod_security` violations where web interface, Finder's WebDAV client, and mobile app don't · Issue #39109 · owncloud/core · GitHub. If i’m understanding this issue correctly the problem is originating from the mod_security rules installed / enabled on Dreamhost by default.

Thank you very much. Yes indeed, though the issue you found was for Mac, the issue described was exactly the same as my problem with Windows. Just as described in that thread for Mac, I fixed the problem by disabling mod_security as described in the DreamHost documentation.

https://help.dreamhost.com/hc/en-us/articles/215947927-How-do-I-enable-Extra-Web-Security-for-my-website-

As disabling a security feature is not an ideal solution, I’ll now turn to trying to figure out a more specific work-around. As I mentioned in the original post, I’ve used this hosting service and have been syncing with the desktop client for years. The problem started sometime in July 2021. Probably a change on the Dreamhost side…but hopefully something the owncloud developers might be able to address.

Hey,

i’m not sure if some one of the ownCloud developers are able to address this at all :slightly_frowning_face:. From what i can see it is unclear if this is even an issue in ownCloud and it seems there is also an open issue for the mod_security team:

I just wanted to send one last coda to completely close this issue. I contacted Dreamhost. They suggested two options that would give me root access to modify the mod_security settings myself, or they offered to do it for me with my existing level of service. Both of the root access options involved extra cost and functionality that I didn’t need. So Dreamhost quickly made the necessary modifications for me. Very easy. Good service.

So, for anyone else reading this thread with the same or a similar problem:

  1. first disable mod_security as described in Dreamhost’s documentation, linked above. Verify that the Owncloud client can connect with mod_security disabled.
  2. Assuming 1) holds true, contact Dreamhost customer support and ask them to modify the necessary exemption. In my case the whole process took 2 emails and about a day and a half.
2 Likes