[Nextcloud 29.0.4] Warnings about incorrect headers set-up

babba · August 12, 2024, 6:10pm

Hello!
In the Overview tab of he admin page, I get this warning:

Some headers are not set correctly on your instance - The `Strict-Transport-Security` HTTP header is not set (should be at least `15552000` seconds). For enhanced security, it is recommended to enable HSTS. For more details see the documentation ↗.

But I do not really know how should I solve this issue, even after looking at the linked documentation.
My setup is:

Nextcloud 29.0.4
UmbrelOS 1.2.2
Raspberry Pi 4

Please let me know if I can give you further information.

denny · August 12, 2024, 8:21pm

No problem!

Open a terminal and type:

sudo nano ./umbrel/app-data/nextcloud/data/nextcloud/.htaccess

Add the following line to your .htaccess file:

Header set Strict-Transport-Security "max-age=15552000"

That should have been it!

babba · September 11, 2024, 11:14pm

Thanks! It worked

denny · September 14, 2024, 6:30pm

I’m glad I could help you!

Topic		Replies	Views
Nextcloud Update to v29.0.4 - Error messages and security warnings General Discussions	18	493	August 27, 2024
Nextcloud passwords Support and Troubleshooting	7	52	September 13, 2024
[umbrelOS 1.2 beta] nextcloud runs but i cannot access it Support and Troubleshooting	2	83	June 11, 2024
Nextcloud Broken After Update to 0.4.1 Support and Troubleshooting	0	957	August 20, 2021
Nextcloud broke after 25.0.1 upgrade Support and Troubleshooting	52	3326	August 29, 2024

[Nextcloud 29.0.4] Warnings about incorrect headers set-up

Related topics