Nextcloud server error using WebDAV

What type of hardware are you using: VPS bought online
What YunoHost version are you running: 12.0.17
What app is this about: Nextcloud

Describe your issue

Hi all,
I’m getting error notifications from mobile apps (Davx5 for syncing contacts and calendar) accessing Nextcloud files via WebDAV saying error 500 internal server error.
On my Nextcloud profile, hitting “Verwaltungseinstellungen” (~ “admin settings”) yields some errors and warnings in my own translation from German (~“security and setup warnings”), see below, and please excuse any translation errors.

This seems a huge collection of issues, although Nextcloud seems to work well on first sight.

Any hints will be welcome. If more logs are needed, please tell me how.

Kind regards

Share relevant logs or error messages

1. error: ~“the web server is not yet sufficiently configured for file synchronisation, since the WebDAV interface presumably does not work probably. In order to run this check properly, it must be made sure that the webserver can connect to itself. Therefore, it should be able to resolve at least one of its ‘trusted domains’ or ‘override.cli.url’ and make a connection to it. This error might be the result of a server-side DNS non-congruence or an out-going firewall rule.”

2. error: OCRmyPDF CLI is not installed, see documentation

3. warning: ROW_FORMAT=Dynamic bietet die beste Datenbankleistung für Nextcloud. Bitte aktualisiere das Zeilenformat in der folgenden Liste: oc_calendar_reminders, oc_cookbook_keywords, oc_music_cache, oc_phonetrack_devices, oc_deck_assigned_labels, oc_comments_read_markers, oc_group_user, oc_carnet_metadata, oc_deck_cards, oc_group_folders_groups, oc_calendar_appt_bookings, oc_deck_attachment, oc_richdocuments_assets, oc_polls_options, oc_deck_labels, oc_calendarchanges, oc_recent_contact, oc_vcategory_to_object, oc_analytics_dataload, oc_music_playlists, oc_user_status, oc_ldap_user_mapping, oc_authorized_groups, oc_bookmarks_shares, oc_filecache, oc_groups, oc_circle_tokens, oc_calendarobjects, oc_group_folders_manage, oc_external_config, oc_direct_edit, oc_login_flow_v2, oc_circle_circles, oc_collres_collections, oc_eidlogin_eid_attributes, oc_calendar_rooms, oc_storages_credentials, oc_deck_assigned_users, oc_richdocuments_template, oc_eidlogin_eid_responsedata, oc_comments, oc_bookmarks_root_folders, oc_bbb_restrictions, oc_gpxpod_pictures, oc_news_feeds, oc_twofactor_backupcodes, oc_maps_apikeys, oc_mimetypes, oc_circle_links, oc_passwords_folder, oc_passwords_tag, oc_cookbook_categories, oc_bookmarks_shared_to_shares, oc_user_transfer_owner, oc_deck_board_acl, oc_analytics_share, oc_cms_pico_websites, oc_bbb_room_shares, oc_share, oc_news_folders, oc_circle_gsshares, oc_music_ampache_users, oc_calendar_rooms_md, oc_preferences, oc_authtoken, oc_ratelimit_entries, oc_circle_clouds, oc_notifications_pushhash, oc_flow_checks, oc_activity_mq, oc_music_bookmarks, oc_text_sessions, oc_bookmarks_folders, oc_polls_watch, oc_richdocuments_wopi, oc_dav_cal_proxy, oc_passwords_pw_tag_rel, oc_profile_config, oc_users, oc_passwords_challenge, oc_passwords_folder_rv, oc_phonetrack_tileserver, oc_files_trash, oc_calendars, oc_migrations, oc_addressbooks, oc_gpxpod_tile_servers, oc_phonetrack_points, oc_systemtag, oc_circle_gsshares_mp, oc_external_mounts, oc_text_steps, oc_passwords_share, oc_eidlogin_eid_users, oc_calendarobjects_props, oc_maps_favorite_shares, oc_maps_favorites, oc_privacy_admins, oc_accounts, oc_bbb_rooms, oc_bookmarks_folders_public, oc_polls_preferences, oc_systemtag_object_mapping, oc_maps_photos, oc_calendar_appt_configs, oc_circle_members, oc_music_podcast_channels, oc_passwords_session, oc_notifications, oc_oauth2_access_tokens, oc_phonetrack_geofences, oc_analytics_dataset, oc_polls_notif, oc_polls_votes, oc_file_locks, oc_text_documents, oc_schedulingobjects, oc_music_artists, oc_bookmarks_shared_folders, oc_gpxpod_tracks, oc_external_applicable, oc_maps_tracks, oc_calendar_resources, oc_passwords_keychain, oc_eidlogin_eid_continuedata, oc_music_ampache_sessions, oc_richdocuments_direct, oc_maps_devices, oc_notes_meta, oc_bookmarks_tags, oc_maps_device_points, oc_circle_shares, oc_analytics_threshold, oc_polls_comments, oc_collres_resources, oc_trusted_servers, oc_bookmarks_tree, oc_dav_shares, oc_deck_boards, oc_group_folders, oc_known_users, oc_calendar_resources_md, oc_music_podcast_episodes, oc_oauth2_clients, oc_analytics_whats_new, oc_accounts_data, oc_passwords_tag_rv, oc_passwords_registration, oc_phonetrack_shares, oc_mounts, oc_circle_groups, oc_federated_reshares, oc_storages, oc_webauthn, oc_phonetrack_proxims, oc_deck_stacks, oc_polls_log, oc_calendar_invitations, oc_passwords_password_rv, oc_music_genres, oc_share_external, oc_properties, oc_phonetrack_pubshares, oc_collres_accesscache, oc_group_folders_trash, oc_phonetrack_filtersb, oc_appconfig, oc_music_tracks, oc_bruteforce_attempts, oc_cards_properties, oc_gpxpod_directories, oc_twofactor_providers, oc_circle_gsevents, oc_notifications_settings, oc_music_radio_stations, oc_phonetrack_sessions, oc_passwords_password, oc_cards, oc_polls_share, oc_vcategory, oc_maps_address_geo, oc_ldap_group_mapping, oc_filecache_extended, oc_addressbookchanges, oc_bookmarks, oc_flow_operations, oc_news_items, oc_group_admin, oc_jobs, oc_analytics_report, oc_music_albums, oc_polls_polls, oc_whats_new, oc_flow_operations_scope, oc_systemtag_group, oc_cookbook_names, oc_calendarsubscriptions, oc_analytics_facts, oc_directlink, oc_external_options, oc_activity, oc_group_folders_acl. Weitere Informationen findest du in der Dokumentation .

4. The webserver is not properly configured for resolution of ‘.well-known’ URLs. Error at ‘.well-known/caldav’. More information you find at the documentation.

Salut @matalb

Est-ce que tu retrouves bien l’adresse de ton serveur dans ton fichier config.php ?

So far, I managed Nextcloud using web admin. I will try to find config.php and analyse it.

To read this file: sudo cat /var/www/nextcloud/config/config.php
Check these lines:

  'trusted_domains' => 
  array (
    0 => 'localhost',
    1 => '...'
   [...]
  'overwrite.cli.url' => '...'

Thank you for this hint.

The interesting lines are:

'trusted_domains' =>
array (
  0 => 'localhost',
  1 => 'mydomain.tld'
),
...
'overwrite.cli.url' => 'https://mydomain.tld/nextcloud',
...

mydomain.tld being the correct domain and the latter is my nextcloud url indeed.

Does that seem reasonable?

What does nslookup mondomain.tld return?

Your nextcloud is installed on a path. If you can, create a dedicated subdomain and move it to the root of the subdomain.

Then recheck the nextcloud admin for errors.

Fix db using :

sudo yunohost app shell nextcloud 
php occ maintenance:repair --include-expensive

Is there anything in the yunohost diagnosis?

nslookup returns (using mydomain.tld):

Server:      127.0.0.1
Address:   127.0.0.1#53

Name:       mydomain.tld
Address:    127.0.0.1
Name:   mydomain.tld
Address:    ::1
Name:    mydomain.tld
Address:   (my server's ipv6 address)

What do you mean with "move it to the root of the subdomain?

The yunohost diagnosis does not tell any problems. At first, ports not reachable from outside were reported (4443 and 10000). Those don’t show up after deinstallation of Jitsi Meet.

Install it on mydomain.tld and not mydomain.tld/nextcloud

Uh… Try this

curl -vk https://mydomain.tld/remote.php/webdav/

Did it work before ?

It did work before and still works. Those error notifications came from the Nextcloud Services app which is not very reliable as I now know.

I deleted my Nextcloud account from Davx5 and reconnected it, this time with a Nextcloud App password: again, it works fine, this time without any error messages.

This morning, the state of my Nextcloud instance is bad: on web, it changes between Timeout, Too many requests and unspecified error. So I cannot access Nextcloud settings anymore.

Davx5 reports many connection errors.

I might try what @jarod5001 suggest: change to a dedicated subdomain. I discovered the setting in Yunohost web Armin.

Check mydomain.tld/nextcloud logs in webmin > tools > services.

I might try what @jarod5001 suggest: change to a dedicated subdomain. I discovered the setting in Yunohost web Armin.

Changing to a subdomain had no positive effect. I changed it back to mydomain.tld/nextcloud

The problems I reported are present mostly on mobile (Android). On my smartphone, many apps connected to Nextcloud are extremely slow or timed out.
On my computer, I can view the admin settings and all of Nextcloud with the web browser without problems.

The first two error messages in the admin settings are (the second is new):

1. Your web server is not yet properly set up to allow file synchronization, because the WebDAV interface seems to be broken. To allow this check to run you have to make sure that your Web server can connect to itself. Therefore it must be able to resolve and connect to at least one of its trusted_domains or the overwrite.cli.url. This failure may be the result of a server-side DNS mismatch or outbound firewall rule.
2. [new] Your remote address was identified as “2003:f6:…” (some ipv6 address) and is brute-force throttled at the moment slowing down the performance of various requests. If the remote address is not your address this can be an indication that a proxy is not configured correctly.

Point 2. is new and might coincide with the extreme slowness on mobile clients. The ipv6 address indicated is not the address shown on the web admin of my router. But why is this address throttled?

After reconnecting the internet router, the error 2. now reported a ipv4 remote address which isn’t my router’s address either.

In my config/config.php which I posted earlier, the trusted_domains don’t contain a ipv4 address. Is that a potental problem?

The logs under administration settings / Logging contain this error multiple times:

[PHP] Error: Declaration of Psr\Log\AbstractLogger::emergency(Stringable|string $message, array $context = []) must be compatible with Psr\Log\LoggerInterface::emergency(Stringable|string $message, array $context = []): void at /var/www/nextcloud/apps/workflow_kitinerary/vendor/psr/log/src/LoggerTrait.php#23
	OPTIONS /nextcloud/remote.php/webdav
	from (MYIPV4ADDRESS) by -- at May 28, 2025, 9:24:51 AM

These log entries refer to throttled ip address:

[core] Warning: Login failed: 'admin' (Remote IP: MYREMOTEIPV4ADDRESS)
	GET /nextcloud/index.php/apps/files/preview-service-worker.js
	from MYREMOTEIPV4ADDRESS by -- at May 28, 2025, 9:08:51 AM

[core] Info: Bruteforce attempt from MYREMOTEIPV4ADDRESS detected for action "login".
	GET /nextcloud/index.php/apps/files/preview-service-worker.js
	from MYREMOTEIPV4ADDRESS by -- at May 28, 2025, 9:08:51 AM

...

[no app in context] Info: IP address throttled because it reached the attempts limit in the last 30 minutes [action: login, delay: 25000, ip: MYREMOTEIPV4ADDRESS]
	GET /nextcloud/index.php/apps/files/preview-service-worker.js
	from MYREMOTEIPV4ADDRESS by -- at May 28, 2025, 9:27:34 AM

[no app in context] Info: IP address blocked because it reached the maximum failed attempts in the last 30 minutes [action: login, ip: MYREMOTEIPV4ADDRESS]
	GET /nextcloud/index.php/apps/files/preview-service-worker.js
	from MYREMOTEIPV4ADDRESS by -- at May 28, 2025, 9:28:09 AM

No idea why there are ‘admin’ login attempts from my ip address.
And why is there a severe performance delay from my Android Smartphone? Maybe one uses ipv4 and the other ipv6 address?
This and the computer are on the same Wifi network connected to the internet router.

Normally, no — as long as name resolution is working correctly. Have you recently switched from IPv4 to IPv6 on your machines?
You need to find out which machines correspond to the suspected brute-force IPv4 and IPv6 addresses that are being banned by Nextcloud.
To start debugging, gradually add to Nextcloud’s whitelist the IP addresses you know to be trusted (nextcloud >admin >security) (You might also need to unban some of those IPs from Fail2Ban).
Then, you’ll see whether it’s necessary and useful to modify the trusted_domains list.

I did the following:

• uninstalled the “Automated kitinerary parsing” Nextcloud app because it was mentioned in the Logging errors. This seems to prevent the corresponding logging errors
• In the Nextcloud sync settings, there was a red error block indicating the sync folder connected to two accounts. The recommendation was to remove old .sync*.db folders, which I did by moving it outside of my local Nextcloud folder on the computer disk. This seems to prevent the Webdav error on the administrator settings, but I am not sure of that.

Now I try to find the remaining problems.

One day later, the errors in the security and setup administrator settings seem to have vanished. I’ll observe them further.

The remaining “minor” issues are:

• Incorrect row format found in your database. ROW_FORMAT=Dynamic offers the best database performances for Nextcloud. Please update row format on the following list: oc_calendar_reminders, oc_cookbook_keywords, … and many more …
• There is an inactive LDAP configuration: s01
• 1 warning in the logs since May 22, 2025, 1:06:11 PM
• Integrity checker has been disabled. Integrity cannot be verified.
• Your installation has no default phone region set. This is required to validate phone numbers in the profile settings without a country code. To allow numbers without a country code, please add “default_phone_region” with the respective ISO 3166-1 code of the region to your config file. For more details see the documentation