[Bug]: Your web server is not properly set up to resolve "/ocm-provider/" warning after update to 27.1.4

[ScrambleTheRamble]

⚠️ This issue respects the following points: ⚠️

• This is a bug, not a question or a configuration/webserver/proxy issue.
• This issue is not already reported on Github OR Nextcloud Community Forum (I've searched it).
• Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
• I agree to follow Nextcloud's Code of Conduct.

Bug description

The following warning is displayed post update to 27.1.4 in my Admin Overview page:

Your web server is not properly set up to resolve "/ocm-provider/". This is most likely related to a web server configuration that was not updated to deliver this folder directly. Please compare your configuration against the shipped rewrite rules in ".htaccess" for Apache or the provided one in the documentation for Nginx at it's documentation page ↗. On Nginx those are typically the lines starting with "location ~" that need an update.

As far as I can tell everything still seems to work, so it seems unrelated to #39549

Steps to reproduce

1. Log into Ubuntu server
2. Start the updater: cd /var/www/html/nextcloud/updater/; sudo -u www-data php updater.phar

Expected behavior

No errors or warnings in overview

Installation method

Community Manual installation with Archive

Nextcloud Server version

27

Operating system

Debian/Ubuntu

PHP engine version

PHP 8.1

Web server

Apache (supported)

Database engine version

MySQL

Is this bug present after an update or on a fresh install?

Updated from a MINOR version (ex. 22.1 to 22.2)

Are you using the Nextcloud Server Encryption module?

Encryption is Disabled

What user-backends are you using?

• Default user-backend (database)
• LDAP/ Active Directory
• SSO - SAML
• Other

Configuration report

{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "files.metalheads.be"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "27.1.4.1",
        "overwrite.cli.url": "https:\/\/files.metalheads.be",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "memcache.local": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 6379
        },
        "default_phone_region": "BE",
        "maintenance": false,
        "theme": "",
        "loglevel": 2
    }
}

List of activated Apps

Enabled:
  - activity: 2.19.0
  - bruteforcesettings: 2.7.0
  - calendar: 4.5.3
  - circles: 27.0.1
  - cloud_federation_api: 1.10.0
  - comments: 1.17.0
  - contacts: 5.4.2
  - contactsinteraction: 1.8.0
  - dashboard: 7.7.0
  - dav: 1.27.0
  - deck: 1.11.1
  - encryption: 2.15.0
  - federatedfilesharing: 1.17.0
  - federation: 1.17.0
  - files: 1.22.0
  - files_pdfviewer: 2.8.0
  - files_reminders: 1.0.0
  - files_rightclick: 1.6.0
  - files_sharing: 1.19.0
  - files_trashbin: 1.17.0
  - files_versions: 1.20.0
  - firstrunwizard: 2.16.0
  - logreader: 2.12.0
  - lookup_server_connector: 1.15.0
  - news: 24.0.0
  - nextcloud_announcements: 1.16.0
  - notes: 4.8.1
  - notifications: 2.15.0
  - oauth2: 1.15.1
  - password_policy: 1.17.0
  - photos: 2.3.0
  - privacy: 1.11.0
  - provisioning_api: 1.17.0
  - recommendations: 1.6.0
  - related_resources: 1.2.0
  - richdocuments: 8.2.3
  - richdocumentscode: 23.5.503
  - serverinfo: 1.17.0
  - settings: 1.9.0
  - sharebymail: 1.17.0
  - spreed: 17.1.3
  - support: 1.10.0
  - survey_client: 1.15.0
  - systemtags: 1.17.0
  - tasks: 0.15.0
  - text: 3.8.0
  - theming: 2.2.0
  - twofactor_backupcodes: 1.16.0
  - updatenotification: 1.17.0
  - user_status: 1.7.0
  - viewer: 2.1.0
  - weather_status: 1.7.0
  - workflowengine: 2.9.0
Disabled:
  - admin_audit: 1.17.0
  - files_external: 1.19.0
  - suspicious_login: 5.0.0
  - twofactor_totp: 9.0.0
  - user_ldap: 1.17.0

Nextcloud Signing status

No errors have been found.

Nextcloud Logs

No response

Additional info

No response

[ScrambleTheRamble]

Seems this is the cause:

<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteCond %{HTTP_USER_AGENT} DavClnt
  RewriteRule ^$ /remote.php/webdav/ [L,R=302]
  RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
  RewriteRule ^remote/(.*) remote.php [QSA,L]
  RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
  RewriteRule ^\.well-known/(?!acme-challenge|pki-validation) /index.php [QSA,L]
  # RewriteRule ^ocm-provider/?$ index.php [QSA,L]
  RewriteRule ^ocm-provider /index.php [QSA,L]  
  RewriteRule ^(?:\.(?!well-known)|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>

Replacing that commmented rewriterule works for resolving the issue, if someone else can doublecheck I'd appreciate it.

[joshtrichards]

If you set your htaccess.rewritebase appropriately for "Pretty Urls" you should be able to use the original line as distributed:

https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/config_sample_php_parameters.html#htaccess-rewritebase

https://docs.nextcloud.com/server/latest/admin_manual/installation/source_installation.html#pretty-urls

For any further context, see #40803 (and others). But the above should be all you need.

[dd5fz]

After updating to Nextcloud Hub 7 (28.0.1), I'm still getting this error message (Your web server is not properly set up to resolve "/nextcloud/ocm-provider/" ) and the various suggested fixes do not appear to work, at least for me.

[luki508]

for me, also on 28.0.1 I'm getting this error message

[Superyorch]

If you set your htaccess.rewritebase appropriately for "Pretty Urls" you should be able to use the original line as distributed:

https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/config_sample_php_parameters.html#htaccess-rewritebase

https://docs.nextcloud.com/server/latest/admin_manual/installation/source_installation.html#pretty-urls

For any further context, see #40803 (and others). But the above should be all you need.

This changed nothing and the error is still there. I am not sure why this was closed when there are multiple reports of this still being an issue.

[egpgit]

I just upgraded my NextCloud to 28.0.1 and i get the same error witch ocm-provider

[thisiszeev]

I fixed ocm-provider and a bunch of other faults being reported by editing one entry in /etc/apache2/apache2.conf

<Directory /var/www/>
	Options Indexes FollowSymLinks
	#AllowOverride None
	AllowOverride All
	Require all granted
</Directory>

Replace AllowOverride None with AllowOverride All then restarted Apache2 and it worked.

[cliffordsnow]

@thisiszeev Changing AllowOverride from None to All fixed a bunch of warnings but not the ocm-provider or ocs-provider. Could you provide your apache2.conf and your nextcloud.conf to see if I can why my warnings won't go away.

[Superyorch]

replacing AllowOverride None with All does not fix anything for me.

[joshtrichards]

@cliffordsnow If further help is needed with troubleshooting, pop over to the help forum and post the details about your installation and update method: https://help.nextcloud.com. That way your specific situation can be looked at closer.

[Superyorch]

there are hundreds of posts in help.nextcloud.com reporting the same issue. Many of them suggest some changes in htaccess and others to the apache.conf file but still the problem is not resolved. That is the reason this still remains a bug and should be addressed as that.

[joshtrichards]

@Superyorch Please share the following:

• output of occ config:list system or equivalent
• what web server you're using (Apache/mod_php or Nginx/PHP-FPM)
• your installation method
• whether you're using a reverse proxy
• whether the following line exists in your .htacccess exactly as it appears here:

  server/.htaccess

  Line 93 in 57d84c5

  RewriteRule ^ocm-provider/?$ index.php [QSA,L]

• the output of occ integrity:check-core or equivalent

replacing AllowOverride None with All does not fix anything for me.

Regardless of whether it resolves the current matter for you, it not being on indicates your environment may not be fully setup. That option being set is a fundamental element of installation and documented in the Admin Manual (https://docs.nextcloud.com). As it happens though, it must also be on for ocm-provider handling.

[Superyorch]

@joshtrichards Here is the info:

**- occ config:list system**
`{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "192.168.0.113",
            "REMOVED.net",
            "REMOVED"
        ],
        "filelocking.enabled": true,
        "filesystem_check_changes": 1,
        "memcache.local": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 6379
        },
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "cache_path": "\/mnt\/usblinx\/cache_dir",
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "overwrite.cli.url": "https:\/\/REMOVED.net:443",
        "htaccess.Rewritebase": "\/",
        "dbtype": "mysql",
        "dbtableprefix": "oc_",
        "version": "27.1.7.2",
        "installed": true,
        "maintenance": false,
        "theme": "",
        "loglevel": 2,
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpmode": "smtp",
        "mail_smtpsecure": "ssl",
        "mail_smtpauthtype": "LOGIN",
        "mail_smtpauth": 1,
        "mail_sendmailmode": "smtp",
        "updater.release.channel": "stable",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "465",
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "allow_local_remote_servers": true,
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "mysql.utf8mb4": true,
        "twofactor_enforced": "true",
        "twofactor_enforced_groups": [],
        "twofactor_enforced_excluded_groups": [],
        "app_install_overwrite": [
            "occweb",
            "nextant",
            "admin_notifications",
            "mindmap_app",
            "mailnotifier"
        ],
        "encryption.legacy_format_support": false,
        "encryption.key_storage_migrated": false,
        "default_phone_region": "MX",
        "versions_retention_obligation": "auto,15",
        "enabledPreviewProviders": [
            "OC\\Preview\\Image",
            "OC\\Preview\\HEIC",
            "OC\\Preview\\TIFF",
            "OC\\Preview\\Movie",
            "OC\\Preview\\MKV",
            "OC\\Preview\\MP4",
            "OC\\Preview\\AVI"
        ],
        "preview_max_memory": 4096,
        "preview_max_filesize_image": 256,
        "memories.gis_type": 1,
        "memories.vod.ffmpeg": "\/usr\/bin\/ffmpeg",
        "memories.vod.ffprobe": "\/usr\/bin\/ffprobe",
        "memories.vod.path": "\/var\/www\/html\/nextcloud\/apps\/memories\/bin-ext\/go-vod-aarch64",
        "memories.vod.disable": false,
        "memories.exiftool_no_local": true,
        "updater.secret": "***REMOVED SENSITIVE VALUE***"
    }
}

• ** Apache/mod_php**
• Installation: Bare metal on RaspberryPi 5
• Reverse proxy = no
• line in .htaccess
  RewriteRule ^ocm-provider/?$ index.php [QSA,L]
• occ integrity:check-core output
  None
• AllowOverride All is on

[joshtrichards]

What happens when you visit the URL:

https://REMOVED.net/ocm-provider

(With your domain of course)

If it fails, please check your Apache error log and access log for clues.

[Superyorch]

it fails with 404 not found. Apache error log shows nothing, access log only displays the GET instruction with the 404 result
[04/Mar/2024:11:09:11 -0600] "GET /ocm-provider/ HTTP/1.1" 404 904 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0"