Commit Graph

347 Commits

Author SHA1 Message Date
Lukas Reschke ba4f12baa0
Implement brute force protection
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.

It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Roeland Jago Douma 72464f1ce4
Remove asset pipelin
Fixes #215

The asset pipeline has shown to do more harm than good. Some apps fail
hard with it. Also it makes sure that you download a huge file on each
unvisited page.
2016-07-15 20:14:11 +02:00
Joas Schilling bb287c0036
Fix warnings from building docs 2016-07-13 14:30:50 +02:00
Lukas Reschke c8ba8f637e Merge pull request #314 from jernst/master
Allow wildcard * to be used in trusted domains
2016-07-07 19:34:11 +02:00
Johannes Ernst c2309f1bcd Extended documentation on trusted_domains to cover ports and wildcards. 2016-07-07 16:23:20 +00:00
Morris Jobke 68b03a0eab Fix config sample text 2016-07-06 08:59:38 +02:00
Thomas Pulzer 90b7f74da7 Changed name of default logfile from owncloud.log to nextcloud.log. 2016-07-04 11:50:32 +02:00
Patric Lenhart 46d6839914 replaced ownCloud by Nextcloud in config sample 2016-06-20 20:00:18 +02:00
= 60f4f99002 revise updater.server.url to reflect nextcloud.org URL, also it's comment 2016-06-16 09:16:20 -04:00
Joas Schilling 1d2cdfb9fd
Fix URL for client downloads 2016-06-01 16:58:57 +02:00
Vincent Petry b5f455f5ac Merge pull request #24812 from owncloud/fkammer-enhancement-cache-folder-gc-ttl
Make chunk cache ttl configurable
2016-05-25 11:07:31 +02:00
Christoph Wurst a922957f76
add default token auth config on install, upgrade and add it to sample config 2016-05-24 18:02:52 +02:00
Vincent Petry 51b0036d8f
Changed labels of chunk TTL to mention chunks 2016-05-24 15:18:56 +02:00
Frederik Kammer 299520b322
Add config value for cache gc ttl 2016-05-24 14:55:26 +02:00
Carla Schroder 1f12551329 clarify filesystem_check_changes in config.sample.php 2016-05-23 09:25:51 -07:00
Joas Schilling 92c21fd6f4
Do not lock the cron anymore so we can have multiple workers 2016-05-21 01:59:25 +02:00
Lukas Reschke 52add798d4 Do not automatically try to enable index.php-less URLs (#24539)
The current logic for mod_rewrite relies on the fact that people have properly configured ownCloud, basically it reads from the `overwrite.cli.ur
l` entry and then derives the `RewriteBase` from it.

This usually works. However, since the ownCloud packages seem to install themselves at `/owncloud` (because subfolders are cool or so…) _a lot_ of people have just created a new Virtual Host for it or have simply symlinked the path etc.

This means that `overwrite.cli.url` is wrong, which fails hard if it is used as RewriteBase since Apache does not know where it should serve files from. In the end the ownCloud instance will not be accessible anymore and users will be frustrated. Also some shared hosters like 1&1 (because using shared hosters is so awesome… ;-)) have somewhat dubious Apache configurations or use versions of mod_rewrite from the mediveal age. (because updating is money or so…)

Anyhow. This makes this explicitly an opt-in configuration flag. If `htaccess.RewriteBase` is set then it will configure index.php-less URLs, if
admins set that after installation and don't want to wait until the next ownCloud version they can run `occ maintenance:update:htaccess`.

For ownCloud 9.0 we also have to add a repair step to make sure that instances that already have a RewriteBase configured continue to use it by copying it into the config file. That way all existing URLs stay valid. That one is not in this PR since this is unneccessary in master.

Effectively this reduces another risk of breakage when updating from ownCloud 8 to ownCloud 9.

Fixes https://github.com/owncloud/core/issues/24525, https://github.com/owncloud/core/issues/24426 and probably some more.
2016-05-12 09:43:26 +02:00
Jörn Friedrich Dreyer e03f9e8103 allow configuration of memcached options (#23729)
* allow configuration of memcache options

Use production values for memcached as explained in http://apprize.info/php/scaling/15.html

The current implementiation uses ascii based serialization. This PR should reduce traffic to the memcached server.

cc @MorrisJobke @FelixBoehm

* add config sample

* merge config options, throw hint on config error

* fix typo

* fix config sample
2016-05-11 19:38:00 +02:00
Lukas Reschke 8b428d84c0
Make update server URL configurable
Currently testing the updates is a big problem and not really super easy possible. Since we now have a new updater server we should also make this configurable so that people can properly test updates.
2016-05-09 11:25:58 +02:00
Roeland Douma 0c5f915377 Merge pull request #24054 from owncloud/data_fingerprint
Add data-fingerprint property
2016-04-19 14:24:27 +02:00
Lukas Reschke 51975d360a Merge pull request #24037 from owncloud/file_versions_default
link to file_versioning.rst
2016-04-18 21:13:30 +02:00
Thomas Müller 739dfb5c66
Suggest cli based updater in case the instance is bigger - #23913 2016-04-18 17:09:21 +02:00
Roeland Jago Douma 1fa13f666b
Add config text 2016-04-18 16:08:27 +02:00
Carla Schroder 912693af49 link to file_versioning.rst
which describes files_versions and config.php settings
backports to 8.2
2016-04-15 12:04:45 -07:00
Joas Schilling 04232cdcdb
Fix deprecated usages
Warning: -convert-to is deprecated.  Use --convert-to instead.
Warning: -outdir is deprecated.  Use --outdir instead.
2016-04-15 10:50:18 +02:00
Thomas Müller dc061bae42
Kill movable 3rdparty 2016-04-14 17:59:49 +02:00
Thomas Müller 91e73328b8 Document an example wait timeout for MySQL in case the web hoster is killing the connection too early - fixes #15407
This reverts commit e9a9af3493.
2016-04-12 15:10:39 +02:00
Thomas Müller e9a9af3493 Revert "Document an example wait timeout for MySQL in case the web hoster is killing the connection too early - fixes #15407"
This reverts commit acad7b30be.
2016-04-12 15:09:50 +02:00
Thomas Müller acad7b30be Document an example wait timeout for MySQL in case the web hoster is killing the connection too early - fixes #15407 2016-04-12 15:08:12 +02:00
Robin Appelman cdedda99e4 Make lock ttl configurable 2016-04-07 08:24:13 +02:00
Phil Davis 8e70351bda Minor grammar in config.sample.php
Fix this here in the source so it will propogate into the documentation.
Edit was already applied in https://github.com/owncloud/documentation/pull/2208 but needs to be done here at the source.
2016-03-03 04:31:57 +05:45
RealRancor 4a0d91a043 Add Versions app header to config.sample.php 2016-03-02 12:51:04 +01:00
Robin Appelman 49d3a7d0bb add config sample 2016-03-01 15:29:19 +01:00
Morris Jobke 0a66734416 Revert "setting to skip migration tests by default" 2016-02-03 12:59:47 +01:00
Thomas Müller 85174d8526 Merge pull request #22084 from owncloud/configphp-fixes
small corrections; Web is capitalized, webroot is one lowercase word
2016-02-03 11:35:43 +01:00
Carla Schroder 7d49bb6323 small corrections; Web is capitalized, webroot is one lowercase word 2016-02-03 10:06:44 +01:00
Morris Jobke 2e444e6e37 setting to skip migration tests by default
* if you install owncloud via package it is not
  possible to skip migration tests
* this also allows to disable migration tests for
  an instance by default
2016-02-03 09:08:27 +01:00
Vincent Petry 899f9bd113 Allow custom implementation of system tag managers
Added config.php option to replace the default implementation of system
tag manager and system tag object mapper.

Also adjusted the comments manager factory to inject the server container
2016-01-20 16:36:10 +01:00
Roeland Jago Douma 67b7ebccd1 [Share 2.0] Add share provider factory
* Add providers
* Add share manager to server container
* Use share manager from server container
* Properly get the share manager
2016-01-13 16:35:14 +01:00
Thomas Müller eac5d9fb3a Merge pull request #21336 from owncloud/system-root-certs
Allow admins to add system wide root certificates
2016-01-12 15:01:46 +01:00
Robin Appelman 0d0377ebfb Add a config option to enable certificate management 2016-01-12 12:58:45 +01:00
Morris Jobke 8b6b042ffd Add config switch to disable the .well-known URL check 2016-01-12 09:53:23 +01:00
Thomas Müller 71999ef820 Merge pull request #21139 from owncloud/makeswifturltypeconfigurable
make url type configurable
2016-01-08 12:34:58 +01:00
Robin Appelman 32fe3a7d5e remove mention of 'filesystem_check_changes' => 2 from the config sample 2016-01-07 08:57:15 +01:00
JohannesKleine c95d1b2625 Update config.sample.php
I corrected the word order.
2015-12-31 14:48:19 +01:00
blizzz 99e25cded9 enforce_home_folder_naming_rule cannot be configured in config.php 2015-12-16 21:50:47 +01:00
Jörn Friedrich Dreyer eae8500a86 make url type configurable 2015-12-11 10:19:28 +01:00
Arthur Schiwon 2ce2de0ae5 add icommentsmanger and icomment implementation
register CommentsManager service, allow override, document in config.sample.php

don't insert autoincrement ids in tests, because of dislikes from oracle and pgsql

specify timezone in null date

only accepts strings for ID parameter that can be converted to int

replace forgotten hardcoded IDs in tests

react on deleted users

react on file deletion

Postgresql compatibility

lastInsertId needs *PREFIX* with the table name

do not listen for file deletion, because it is not reliable (trashbin, external storages)

add runtime cache for comments
2015-12-09 14:34:23 +01:00
Joas Schilling 87bc02c6cd Allow specifying a custom reset-password-url 2015-12-07 15:41:40 +01:00
Lukas Reschke 2515cb17be Support pretty URLs
This changeset allows ownCloud to run with pretty URLs, they will be used if mod_rewrite and mod_env are available. This means basically that the `index.php` in the URL is not shown to the user anymore.

Also the not deprecated functions to generate URLs have been modified to support this behaviour, old functions such as `filePath` will still behave as before for compatibility reasons.

Examples:
http://localhost/owncloud/index.php/s/AIDyKbxiRZWAAjP => http://localhost/owncloud/s/AIDyKbxiRZWAAjP
http://localhost/owncloud/index.php/apps/files/ => http://localhost/owncloud/apps/files/

Due to the way our CSS and JS is structured the .htaccess uses some hacks for the final result but could be worse... And I was just annoyed by all that users crying for the removal of `index.php` ;-)
2015-12-01 16:46:07 +01:00