宝塔面板部署NextCloud（14.0.3）逐一解决后台安全

方才把NextCloud更新到14.0.3，后台又出现了一堆警告，也是够烦的。

 

之前写过 宝塔面板安装NextCloud一一搞定后台safe及设置警告，这个是基于Nextcloud 13.x的，因而就再补充记载一下搞定如下的警告。

 

Use of the the built in php mailer is no longer supported. Please update your email server settings
您的网页服务器未准确设置以解析“/.well-known/caldav”
您的网页服务器未准确设置以解析“/.well-known/carddav”
The database is missing some indexes. Due to the fact that adding indexes on big tables could take some time they were not added automatically. By running “occ db:add-missing-indices” those missing indexes could be added manually while the instance keeps running. Once the indexes are added queries to those tables are usually much faster.
在数据表 “oc_share” 中没法找到索引 “parent_index” .
在数据表 “oc_filecache” 中没法找到索引 “fs_mtime” .
HTTP的请求头 “Referrer-Policy” 未设置为 “no-referrer”, “no-referrer-when-downgrade”, “strict-origin” or “strict-origin-when-cross-origin”. 这会导致信息泄露. 请查阅 W3C 提议

 

1.Use of the the built in php mailer is no longer supported. Please update your email server settings

粗心就是php自带的mail组件不再被nextcloud支持，需要使用smtp方法发送邮件。

 

实则就是让你设置1个smtp服务器信息，便于发送邮件，关于SMTP这里不再详述。

 

2.您的网页服务器未准确设置以解析“/.well-known/caldav”及您的网页服务器未准确设置以解析“/.well-known/carddav”

这两个警告能一齐搞定，出现该提示一般是由于这两个路径的伪静态设置有问题，导致没法一般访问。

 

搞定方式就是增加两行重定向配置

 

rewrite /.well-known/carddav /remote.php/dav permanent;

rewrite /.well-known/caldav /remote.php/dav permanent;

 

3.The database is missing some indexes. Due to the fact that adding indexes on big tables could take some time they were not added automatically. By running “occ db:add-missing-indices” those missing indexes could be added manually while the instance keeps running. Once the indexes are added queries to those tables are usually much faster.

在数据表”oc_share” 中没法找到索引”parent_index”
在数据表”oc_filecache” 中没法找到索引”fs_mtime”

 

粗心是说，数据库的一些索引丧失了，需要使用OCC修复一下。OCC是owncloud的command行，而nextcloud又是基于owncloud开拓的，因而需要用到OCC来修复丧失的数据库索引。

 

修复command为：

 

php occ db:add-missing-indices

 

SSH进入服务器nextcloud的根目录，并执行修复command

 

出现如下错误

 

Console has to be executed with the user that owns the file config/config.php
Current user: root
Owner of config.php: www
Try adding ‘sudo -u www ‘ to the beginning of the command (without the single quotes)

 

好吧，需要使用www使用者权限来修正，再次执行

 

sudo -u www php occ db:add-missing-indices

 

修复成功！

 

4.HTTP的请求头 “Referrer-Policy” 未设置为 “no-referrer”, “no-referrer-when-downgrade”, “strict-origin” or “strict-origin-when-cross-origin”. 这会导致信息泄露

粗心是，需要设置1个Referrer-Policy请求头来提升safe性。Nginx配置文件里增加：

 

add_header Referrer-Policy "no-referrer";

 

======================================================

 

至此，Nextcloudupgrade到14.0.3后出现的一些新的警告提示已全部覆灭彻底

 

 

 

 

原文链接：https://host.fubi.hk/foreshadowinghost/zhishiku/20181026/8429.html