Page 1 of 1

Configuring NAS / Owncloud 8.2.2. to use HTTPS

PostPosted: Tue Feb 02, 2016 5:04 am
by mdof2
Can someone kindly point me to a reference on configuring Owncloud 8.2.2 for HTTPS access *only*.
I'm having a hard time finding steps on how to do it from the NAS and or configuration settings within Owncloud.
This used to be a simple tick mark in Enterprise, but I've switched to the non-enterprise version recently, and would like this setting enabled as it was prior.

Much thanks!

Re: Configuring NAS / Owncloud 8.2.2. to use HTTPS

PostPosted: Wed Feb 03, 2016 6:25 am
by mdof2
Nobody uses Owncloud over HTTPS?

Re: Configuring NAS / Owncloud 8.2.2. to use HTTPS

PostPosted: Wed Feb 03, 2016 11:21 pm
by sksbir
Hello
Yes I do, but Owncloud 8.0.4 upgraded to 8.1.3 at present time. But it should not be very different.
This is how I have proceed :
- started webserver
- disabled http , enabled https ( of course this is my own choice )
- created a virtualhost : /web/owncloud with https + specific port number.
- mapped only this specific port number to give access from outside my LAN.
- updated /web/owncloud/config/config.php following owncloud installation instructions ( you have to update "trusted domains" )
- installed self signed certificates which worked with my target domain URL

Re: Configuring NAS / Owncloud 8.2.2. to use HTTPS

PostPosted: Wed Feb 03, 2016 11:36 pm
by mdof2
Thank you very much sksbir.
I'll dig around that path you followed and see what I can do.
I'll need to do something slightly different as there are other services that rely on http, so I can't turn off http altogether.
I did find that it can be does via the host file on the NAS through SSH/puTTy but my preferred method was via the app config or via the asustor admin GUI.

Thanks again for sharing your experience.

Re: Configuring NAS / Owncloud 8.2.2. to use HTTPS

PostPosted: Thu Feb 04, 2016 4:26 pm
by sksbir
you are welcome :)
Then I think that best way is to create an other virtual hosts mapped to another sub-folder ( eg /web/mywebserver ) and using port 80, give an arbitrary port other than 80 to the main web server ( or perhaps disable it ? I did not test if virtualhosts still work if main protocol is disabled in control panel ) that is NOT accessible from outside your LAN.
You have to move your content what is stored in /web to /web/mywebserver ( /web/owncloud excluded of course ! ) .

After that, you will be sure that /web/owncloud is not accessible in an other way than threw it's own associated virtualhost.

Re: Configuring NAS / Owncloud 8.2.2. to use HTTPS

PostPosted: Thu Feb 04, 2016 9:39 pm
by mdof2
sksbir wrote:Then I think that best way is to create an other virtual hosts mapped to another sub-folder ( eg /web/mywebserver ) and using port 80, give an arbitrary port other than 80 to the main web server ( or perhaps disable it ? I did not test if virtualhosts still work if main protocol is disabled in control panel ) that is NOT accessible from outside your LAN.
You have to move your content what is stored in /web to /web/mywebserver ( /web/owncloud excluded of course ! ) .

After that, you will be sure that /web/owncloud is not accessible in an other way than threw it's own associated virtualhost.


That's a giant band aid of trouble looking to fix a very simple problem.
I'll go back to doing it though an .htaccess file.

Re: Configuring NAS / Owncloud 8.2.2. to use HTTPS

PostPosted: Thu Feb 04, 2016 9:43 pm
by sksbir
Of course. with .htaccess.... :)
but you wrote finding steps on how to do it from the NAS and or configuration settings within Owncloud, so this is a good way for people who don't really know how to use ssh vi and so one...

Re: Configuring NAS / Owncloud 8.2.2. to use HTTPS

PostPosted: Thu Feb 04, 2016 9:54 pm
by mdof2
htaccess doesn't require ssh or vi.
It's a simple notepad file in a folder, readily accessible, to anyone.

Configuring the Apache hosts file in the NAS based on the instructions from Owncloud is the alternative which requires SSH/VI, etc. Which I assure you, your average Asustor NAS owner isn't going to do. Which is even more surprising that people run cloud based services off their NAS lacking security. htaccess doesn't correctly fix the problem, but it gets me closer than being wide open to hackers.