How to install OwnCloud 10 on Ubuntu Server 16.04 LTS

Post Reply
User avatar
LHammonds
Site Admin
Site Admin
Posts: 660
Joined: Fri Jul 31, 2009 6:27 pm
Are you a filthy spam bot?: No
Location: Behind You
Contact:

How to install OwnCloud 10 on Ubuntu Server 16.04 LTS

Post: # 535Post LHammonds
Sun Oct 01, 2017 8:58 am

Greetings and salutations,

I hope this thread will be helpful to those who follow in my foot steps as well as getting any advice based on what I have done / documented.

High-level overview

OwnCloud is a web application that can store and serve content from a centralized location, much like Dropbox. The difference is that ownCloud allows you to host the serving software on your own machines, taking the trust issues out of putting your personal data someone else's server.

This tutorial will cover how to manually setup an ownCloud server which will use a separate dedicated database server and SSL encryption.

Advantages of manually installing ownCloud:
* Can use the latest version of ownCloud currently available (Repository rarely contains latest version)
* Are not forced to install MySQL locally (handy if you have a dedicated database server)
* Can install where you want (such as standard / well-known locations)

Disadvantages of manually installing ownCloud:
* Will not automatically update the system via "apt-get update" (although you are not guaranteed you get the latest this way either...just the latest in the repository)
* Not as easy to install

The server will be installed inside a virtual machine in vSphere running on ESXi servers. Notes will also be supplied for doing the same thing for VirtualBox on a Windows 7 PC. Although there are some VMware-specific and VirtualBox-specific steps, they are very few and the majority of this documentation will work for other Virtual Machines or even directly installed onto a physical machine (e.g. bare-metal install). If you have any advice on doing things better, please let me know by replying to the Ubuntu forums thread above.

Tools utilized in this process
Helpful links

The list below are sources of information that was helpful in the creation of this document.
Assumptions

This documentation will need to make use of some very-specific information that will most-likely be different for each person / location. And as such, this information will be noted in this section. They will be highlighted in red throughout the document as a reminder that you should plug-in your own value rather than actually using these "place-holder" values.

Under no circumstance should you use the actual values listed below. They are place-holders for the real thing. This is just a checklist template you need to have answered before you start the install process.

Wherever you see RED in this document, you need to substitute it for you will use in your environment.
  • Internet domain: owncloud.mydomain.com
  • Ubuntu Server name: srv-owncloud
  • Ubuntu Server IP address: 192.168.107.9
  • Database Server Name (remote): srv-mysql
  • Database Server IP (remote): 192.168.107.20
  • Database Admin ID: root
  • Database Admin Password: rootpass
  • Database ID: ownclouduser
  • Database Password: ownclouduserpass
  • Email Server Name (remote): srv-mail
  • Email Server IP (remote): 192.168.107.25
  • Ubuntu Admin ID: administrator
  • Ubuntu Admin Password: myadminpass
ownCloud Ubuntu Server - Setup an Ubuntu server for use as the ownCloud server. This tutorial assumes the server was configured according to this tutorial: How to install and configure Ubuntu Server

MySQL/MariaDB server - Setup a separate and dedicated database server. This tutorial assumes the server was configured according to this tutorial: How to install and configure MariaDB

It is also assumed the reader knows how to use the VI editor. If not, you will need to beef up your skill set or use a different editor in place of it.

User avatar
LHammonds
Site Admin
Site Admin
Posts: 660
Joined: Fri Jul 31, 2009 6:27 pm
Are you a filthy spam bot?: No
Location: Behind You
Contact:

Prior to install

Post: # 536Post LHammonds
Sun Oct 01, 2017 9:05 am

Name Resolution

Add your owncloud domain(s) so they point to the local loopback (127.0.0.1)
Add your other remote servers such as your mail and database server IPs so you can reference them by name.

Code: Select all

vi /etc/hosts

Code: Select all

127.0.0.1       localhost
127.0.1.1       srv-owncloud
127.0.0.1	owncloud.mydomain.com
192.168.107.25  srv-mail
192.168.107.20  srv-mysql
Prerequisites

Install Apache web server:

Code: Select all

apt-get -y install apache2
Install PHP

Code: Select all

apt-get -y install php7.0 libapache2-mod-php7.0 php7.0-mysql
TIP: You can search available PHP packages names by typing this:

Code: Select all

apt-cache search php7.0
TIP: You can see which PHP modules are installed by typing this:

Code: Select all

php -m
The following are required PHP modules:

Code: Select all

ctype
dom - Missing
iconv
json
libxml
mb multibyte - Missing
posix
simplexml - Missing
xmlwriter - Missing
zip - Missing
zlib
Install the missing PHP modules with these packages:

Code: Select all

apt-get -y install php7.0-gd php7.0-zip php7.0-xml php7.0-mbstring

Recommended Modules

The following are recommended PHP modules:

Code: Select all

bz2
curl - Missing
fileinfo
gmp - Missing
intl - Missing
mcrypt - Missing
openssl
Install the missing PHP modules with these packages:

Code: Select all

apt-get -y install php7.0-curl php7.0-gmp php7.0-intl php7.0-mcrypt

Optional Packages

The following are optional PHP modules:

Code: Select all

exif
imagick - Missing
smbclient - Missing
Install the missing PHP modules with these packages:

Code: Select all

apt-get -y install php-imagick php-smbclient
Enable the url rewrite option in Apache:

Code: Select all

a2enmod rewrite
Enable recommended options in Apache:

Code: Select all

a2enmod headers
a2enmod env (probably already enabled)
a2enmod dir (probably already enabled)
a2enmod mime (probably already enabled)
Modify PHP to allow uploading of larger files. In the below example, it allows 2GB uploads.

Code: Select all

vi /etc/php/7.0/apache2/php.ini

Code: Select all

default_charset = "UTF-8"
post_max_size = 2058M
upload_max_filesize = 2048M
Reload Apache for changes to the config to take affect:

Code: Select all

service apache2 reload
PHP Information

To verify Apache, PHP and modules are installed and enabled, lets create the famous phpinfo page.

Code: Select all

touch /var/www/html/phpinfo.php
chown www-data:www-data /var/www/html/phpinfo.php
chmod 0644 /var/www/html/phpinfo.php
vi /var/www/html/phpinfo.php

Code: Select all

<?php
phpinfo();
?>

User avatar
LHammonds
Site Admin
Site Admin
Posts: 660
Joined: Fri Jul 31, 2009 6:27 pm
Are you a filthy spam bot?: No
Location: Behind You
Contact:

Database Configuration

Post: # 537Post LHammonds
Sun Oct 01, 2017 9:06 am

Configure MariaDB / MySQL

In this scenario, a dedicated and general-purpose database server already exists and it will be used to hold the application's database.
  1. Connect to the MariaDB/MySQL server using PuTTY.
  2. At the login prompt, login with your administrator account (administrator / myadminpass) and then temporarily grant yourself super user privileges by typing sudo su
  3. Type the following commands:
    mysql -u root -p Enter password: rootpass
    CREATE DATABASE owncloud CHARACTER SET utf8 COLLATE utf8_bin; CREATE USER 'ownclouduser'@'%' IDENTIFIED BY 'ownclouduserpass'; GRANT ALL ON owncloud.* TO 'ownclouduser'@'%'; FLUSH PRIVILEGES; exit
    The above commands will allow the database account to connect from any machine from anywhere in the world. This might be OK if your database is not accessible outsite your local network or if your machine name changes or you have multiple servers that connect to the same database that use the same ID. You can make this more secure by specifying your application server when granting access. Make sure the database server will recognize the server name (via hosts file or DNS) or just use the IP address:
    CREATE USER 'ownclouduser'@'srv-owncloud' IDENTIFIED BY 'ownclouduserpass'; GRANT ALL ON owncloud.* TO 'nextclouduser'@'srv-nextcloud';
    or
    CREATE USER 'ownclouduser'@'192.168.107.9' IDENTIFIED BY 'ownclouduserpass'; GRANT ALL ON owncloud.* TO 'ownclouduser'@'192.168.107.9';
    This will prevent anyone knowing the credentials from logging into the database from any other remote machine not specified in the grant command.

    If your application is running on the database server (typical on a developer machine / non-production scenario), create the user like this:
    CREATE USER 'ownclouduser'@'localhost' IDENTIFIED BY 'ownclouduserpass'; GRANT ALL ON owncloud.* TO 'ownclouduser'@'localhost';
    This will prevent anyone knowing the credentials from logging into the database from any other remote machine.

    If you mess anything up, you can remove the database and user by issuing these commands:
    DROP USER ownclouduser; FLUSH PRIVILEGES; DROP DATABASE owncloud;
  4. To avoid the "impossible to write to binary log since BINLOG_FORMAT = STATEMENT" error message when accessing the ownCloud page the 1st time which creates the database tables/data, you need to edit the "my.cnf" on the MySQL/MariaDB server to include the following setting:

    Code: Select all

    binlog-format=MIXED
    Then restart the database service:

    Code: Select all

    service mysql restart

User avatar
LHammonds
Site Admin
Site Admin
Posts: 660
Joined: Fri Jul 31, 2009 6:27 pm
Are you a filthy spam bot?: No
Location: Behind You
Contact:

ownCloud Installation

Post: # 538Post LHammonds
Sun Oct 01, 2017 9:16 am

OwnCloud

We are installing manually instead of using the package manager for the following reasons:
  • Can obtain the newer version straight from owncloud's website
  • Don't want MySQL installed on the same server since I have a dedicate DB server (and also would rather use MariaDB)
  • Want to use my own paths rather than the awkward path Ubuntu uses which is different than everyone else.
Default Application - This documentation assumes ownCloud will be the only web service running on this server and as such will configure everything in the default sites. If there were to be multiple applications, you could move configurations to their own .conf files and manage each site them separately.

Code: Select all

cd /tmp
wget https://download.owncloud.org/community/owncloud-10.0.3.zip.md5
wget https://download.owncloud.org/community/owncloud-10.0.3.zip
Verify the file integrity of the download. Compare both numbers and insure they are identical:

Code: Select all

md5sum /tmp/owncloud-10.0.3.zip
a0131f5cae2b1503b8de6796487c1bdc  owncloud-10.0.3.zip

cat /tmp/owncloud-10.0.3.zip.md5
a0131f5cae2b1503b8de6796487c1bdc  owncloud-10.0.3.zip
Extract the archive:

Code: Select all

cd /tmp
unzip /tmp/owncloud-10.0.3.zip
mv /tmp/owncloud /var/www/owncloud
chown www-data:www-data -R /var/www/owncloud/
rm /tmp/owncloud*.zip
rm /tmp/owncloud*.md5
Enable .htaccess for ownCloud

Code: Select all

vi /etc/apache2/sites-available/owncloud.conf
<VirtualHost *:80> ServerAdmin webmaster@localhost ServerName owncloud.mydomain.com DocumentRoot /var/www/owncloud ErrorLog ${APACHE_LOG_DIR}/oc-error.log CustomLog ${APACHE_LOG_DIR}/oc-access.log combined <Directory /var/www/owncloud/> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all <IfModule mod_dav.c> Dav off </IfModule> SetEnv HOME /var/www/owncloud SetEnv HTTP_HOME /var/www/owncloud </Directory> </VirtualHost>
Enable the site configuration:

Code: Select all

a2ensite owncloud
If you need to disable the site in the future:

Code: Select all

a2dissite owncloud
Reload the apache config so it is aware of the modified virtual host

Code: Select all

service apache2 reload
ownCloud Installation Wizard

Now, go to your IP address or domain name in your browser:
Example: http://192.168.107.9/

Create an admin account - Set the Username and Password to become your admin user.
Storage & database - Click this link and select MySQL/MariaDB
In the lower tab below the MySQL/MariaDB, set the following and then click "Finish setup":
username=ownclouduser password=ownclouduserpassword databasename=owncloud databaseserver=srv-mysql

User avatar
LHammonds
Site Admin
Site Admin
Posts: 660
Joined: Fri Jul 31, 2009 6:27 pm
Are you a filthy spam bot?: No
Location: Behind You
Contact:

Post-Installation

Post: # 539Post LHammonds
Sun Oct 01, 2017 9:25 am

Directory Security

These are the recommended modes and ownership for your ownCloud directories and files:
  • All files should be read-write for the file owner, read-only for the group owner, and zero for the world
  • All directories should be executable (because directories always need the executable bit set), read-write for the directory owner, and read-only for the group owner
  • The / directory should be owned by root:www-data
  • The apps/ directory should be owned by www-data:www-data
  • The config/ directory should be owned by www-data:www-data
  • The data/ directory should be owned by www-data:www-data
  • The [ocpath]/.htaccess file should be owned by root:www-data
  • The data/.htaccess file should be owned by root:www-data
  • Both .htaccess files are read-write file owner, read-only group and world
Let's create the script that will enforce the recommended permissions/ownership.

Code: Select all

mkdir -p /var/scripts
touch /var/scripts/owncloud-secure.sh
chown root:root /var/scripts/owncloud-secure.sh
chmod 0755 /var/scripts/owncloud-secure.sh
vi /var/scripts/owncloud-secure.sh

Code: Select all

#!/bin/bash
ocpath='/var/www/owncloud'
htuser='www-data'
find ${ocpath}/ -type f -print0 | xargs -0 chmod 0640
find ${ocpath}/ -type d -print0 | xargs -0 chmod 0750
chown -R root:${htuser} ${ocpath}/
chown -R ${htuser}:${htuser} ${ocpath}/apps/
chown -R ${htuser}:${htuser} ${ocpath}/config/
chown -R ${htuser}:${htuser} ${ocpath}/data/
chown root:${htuser} ${ocpath}/.htaccess
chown root:${htuser} ${ocpath}/data/.htaccess
chmod 0644 ${ocpath}/.htaccess
chmod 0644 ${ocpath}/data/.htaccess
Now just run the script

Code: Select all

/var/scripts/owncloud-secure.sh
You can also schedule the script via crontab to run on a regular basis to make sure the permissions never stay out of whack for long.

Configure for secure (SSL) access

This will create a self-signed certificate that will expire 1,095 days (3 years) from the date it was created. Web browsers will balk about it being untrusted. It will still work but end-users will have to allow this exception unless you pay > $200 for an official SSL certificate issued by a trusted/known authority.

Code: Select all

a2enmod ssl
mkdir -p /etc/apache2/ssl/certs
mkdir -p /etc/apache2/ssl/private
openssl req -x509 -nodes -days 1095 -newkey rsa:2048 -keyout /etc/apache2/ssl/private/owncloud.key -out /etc/apache2/ssl/certs/owncloud.crt
  Country Name: US
  State: MyState
  Locality Name: MyCity
  Organication Name: MyCompany
  Organizational Unit Name: MyDepartment
  Common Name: ownclould.mycompany.com
  Email Address: webmaster@mycompany.com
Create the SSL config

Code: Select all

vi /etc/apache2/sites-available/owncloud-ssl.conf
Set these values:

Code: Select all

<IfModule mod_ssl.c>
        <VirtualHost _default_:443>
                ServerName owncloud.mydomain.com:443
                ServerAdmin webmaster@localhost
                DocumentRoot /var/www/owncloud
                ErrorLog ${APACHE_LOG_DIR}/oc-error.log
                CustomLog ${APACHE_LOG_DIR}/oc-access.log combined
                SSLEngine on
                SSLCertificateFile /etc/apache2/ssl/certs/owncloud.crt
                SSLCertificateKeyFile /etc/apache2/ssl/private/owncloud.key
                <FilesMatch "\.(cgi|shtml|phtml|php)$">
                                SSLOptions +StdEnvVars
                </FilesMatch>
                <Directory /usr/lib/cgi-bin>
                                SSLOptions +StdEnvVars
                </Directory>
                <IfModule mod_headers.c>
                                Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
                </IfModule>
                BrowserMatch "MSIE [2-6]" \
                                nokeepalive ssl-unclean-shutdown \
                                downgrade-1.0 force-response-1.0
                BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
        </VirtualHost>
</IfModule>
Now we need to enable the SSL site configuration:

Code: Select all

a2ensite owncloud-ssl
service apache2 reload
Force users to use SSL for enhanced security

Code: Select all

a2enmod rewrite

Code: Select all

vi /etc/apache2/sites-available/owncloud.conf

Code: Select all

<VirtualHost *:80>
        #### Redirect to port 443 ###
        RewriteEngine on
        ReWriteCond %{SERVER_PORT} !^443$
        RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
        #### End of Redirection configuration ###

        ServerAdmin webmaster@localhost
        ServerName owncloud.mydomain.com
        DocumentRoot /var/www/owncloud
        ErrorLog ${APACHE_LOG_DIR}/oc-error.log
        CustomLog ${APACHE_LOG_DIR}/oc-access.log combined
        <Directory /var/www/owncloud/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride All
                Order allow,deny
                allow from all
        </Directory>
</VirtualHost>
Reload the updated configuration for Apache:

Code: Select all

service apache2 reload
Configure ownCloud Settings

Now, go to your IP address or domain name in your browser:
Example: http://192.168.107.9/

It should automatically re-direct to https://192.168.107.9/ for secured SSL connection.

Login with your admin account and click on top-right side, YourAdminName -> Admin

When the configuration check is complete, it should say "No problems found" if you did everything right (e.g. using SSL, .htaccess, etc.)

Email Server - Setup your mail sending capability here (choices vary depending on your mail server):
Send mode: smtp Encryption: SSL From address: owncloud@mydomain.com Authentication method: Login Check: Authentication required Server address: mail.mydomain.com : 25 Credentials: smtpuser Password: smtppassword
On the top-left, click Apps -> +Apps and click the "Recommended" link on the left.
Enable the following apps:
  • Calendar
  • Contacts
  • Search Lucene
  • Documents
  • Bookmarks
Add Users

While logged in with your admin user, click on top-right side, YourAdminName -> Users
Click the "gear" icon on the lower-left corner to display settings.
Note the default space quota is set to Unlimited. You can configure the default here.
It would also be a good idea to place checkmarks beside "Send email to new user" and "Show email address"
In the empty "Username" "Password" and "Email" fields, add a user account and click "Create"
Repeat for each user you want added.

ownCloud comes with two default groups: Everyone and Admins. When you create users, they automatically belong to the "Everyone" group. If you need to create other groups, click the "+ Add Group" link on the left.

You can also assign space limitations by setting the quota for each individual.

Configure New User Folder Skeleton

When a new user is created, the following folder/files are copied to the new user's folder:

/var/www/owncloud/core/skeleton/*

You can remove the example files and/or create new folders/files so it looks a certain way when a new person logs in.

Install New Apps

You can install other apps not listed with the default installation.
Visit this site: https://apps.owncloud.com/?xsortmode=high

User avatar
LHammonds
Site Admin
Site Admin
Posts: 660
Joined: Fri Jul 31, 2009 6:27 pm
Are you a filthy spam bot?: No
Location: Behind You
Contact:

Upgrades

Post: # 540Post LHammonds
Sun Oct 01, 2017 9:28 am

It is recommended to upgrade any time a release is made but I've been burned before with point releases not working...which is why I stayed on 8.0.2 for so long.

But when you do upgrade an old install, you cannot skip the major releases. So going from 8.0.2 to 10.0.3 means you need to upgrade in this order:

8.0.2 -> 8.0.16 (Upgrade to the latest release of the version you are on)
8.0.16 -> 8.1.12 (Upgrade to the the latest release of the next minor version)
8.1.12 -> 8.2.11 (Upgrade to the the latest release of the next minor version)
8.2.11 -> 9.0.10 (Upgrade to the latest release of the next major version)
9.0.10 -> 9.1.6 (Upgrade to the the latest release of the next minor version)
9.1.6 -> 10.0.3 (Upgrade to the latest release of the next major version)

As I upgrade my current production system, I will document how I did it successfully here.

General steps of the upgrade are as follows:
  1. Disable any 3rd-party applications
  2. Place system into maintenance mode.

    Code: Select all

    sudo -u www-data php occ maintenance:mode --on
    or

    Code: Select all

    vi /var/www/owncloud/config/config.php

    Code: Select all

    'maintenance' => true,
  3. Backup the owncloud site (and uploads)

    Code: Select all

    tar -czf /tmp/html-before.tar.gz /var/www/owncloud
  4. Backup the database

    Code: Select all

    mysql --databases owncloud > /tmp/owncloud-before.sql
  5. Download next release to install and extract into a temp folder

    Code: Select all

    cd /tmp
    wget *** INSERT URL HERE ***
    unzip /tmp/owncloud*.zip
    rm /tmp/owncloud*.zip
  6. Stop web server

    Code: Select all

    service apache2 stop
  7. Push the folders around such as the following:

    Code: Select all

    mv /var/www/owncloud /var/www/owncloud.old
    mv /tmp/owncloud /var/www/owncloud
    cp /var/www/owncloud.old/config/config.php /var/www/owncloud/config/.
    mv /var/www/owncloud.old/data /var/www/owncloud/.
    NOTE: If you have a custom theme, be sure to move it too. Example:

    Code: Select all

    mv /var/www/owncloud.old/themes/mytheme /var/www/owncloud/themes/.
  8. Start web server

    Code: Select all

    service apache2 start
  9. Run the upgrade script:

    Code: Select all

    cd /var/www/owncloud
    sudo -u www-data php occ upgrade
  10. Turn off maintenance mode.

    Code: Select all

    sudo -u www-data php occ maintenance:mode --off
    or

    Code: Select all

    vi /var/www/owncloud/config/config.php

    Code: Select all

    'maintenance' => false,
  11. If the upgrade was successful, verify by logging into the site as admin an verify the version number.
  12. Re-enable the 3rd party applications
  13. Re-run the script to correct ownership and permissions.

    Code: Select all

    /var/scripts/owncloud-secure.sh
  14. Remove old code:

    Code: Select all

    rm -rf /var/www/owncloud.old
  15. Backup the owncloud site (and uploads)

    Code: Select all

    tar -czf /tmp/html-after.tar.gz /var/www/owncloud
  16. Backup the database

    Code: Select all

    mysql --databases owncloud > /tmp/owncloud-after.sql

User avatar
LHammonds
Site Admin
Site Admin
Posts: 660
Joined: Fri Jul 31, 2009 6:27 pm
Are you a filthy spam bot?: No
Location: Behind You
Contact:

External Storage

Post: # 541Post LHammonds
Sun Oct 01, 2017 9:30 am

External Storage

These are the steps to enable and configure external storage to mount an existing share on another server...Windows 2012 in this case.

Step #1 Gather Share Information
  1. Make sure you have valid connection information such as the following:
  2. IP Address of the server hosting the share. Example: 192.168.107.55
  3. Exact spelling of the share. Example: Share
  4. UserID that has access to the share. Example: MyDomain\JDoe
  5. Password for the UserID. Example: abcd123!
Step #2 Enable External Storage support
  1. Login to your ownCloud web interface with an administrator account
  2. Click Apps -> +Apps -> Not enabled
  3. Find "External storage support" and click the Enable button
  4. Click the Enabled section on the left to show all enabled plugins and make sure you see External storage support.
Step #3 - Configure ownCloud to utilize the external storage
  1. Login to your ownCloud web interface with an administrator account
  2. Click the menu drop-down on the top-right corner and select Admin, then click External Storage
  3. Type in a folder name that will show up in the user's account. Example: Policies
  4. Click the "Add storage" drop-down beside it and select "SMB/CIFS"
  5. Fill out the Host, Share, Username and Password.
  6. In the "Available for" section to the right, add the ownCloud users/groups that will get this link.
  7. WARNING: Be careful adding it to anyone that syncs their account to their PC because they will immediately start sync'ing this new location.

User avatar
LHammonds
Site Admin
Site Admin
Posts: 660
Joined: Fri Jul 31, 2009 6:27 pm
Are you a filthy spam bot?: No
Location: Behind You
Contact:

Fail2Ban

Post: # 542Post LHammonds
Sun Oct 01, 2017 9:30 am

Fail2Ban

If you have Fail2Ban installed and protecting SSH as part of the base install. You can add these few changes to also watch for ownCloud login failures.

Code: Select all

vi /etc/fail2ban/filter.d/owncloud.conf

Code: Select all

## Author: LHammonds
## Date:   2017-09-26

[INCLUDES]

before = common.conf

[Definition]

## ownCloud 10.0.3
failregex={"reqId":".*","level":2,"time":".*","remoteAddr":".*","user":".*","app":"core","method":"POST","url":".*","message":"Login failed: '.*' \(Remote IP: '<HOST>'\)"}

## ownCloud 8.2.0 / 9.0.0
#failregex={"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: '<HOST>'\)","level":2,"time":".*"}

## ownCloud 8.1.0
#failregex={"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: '<HOST>\)","level":2,"time":".*"}


## ownCloud 8.0.3
#failregex={"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: '<HOST>', X-Forwarded-For: '.*'\)","level":2,"time":".*"}

ignoreregex =

Code: Select all

vi /etc/fail2ban/jail.local
Add the following to the bottom:

Code: Select all


[owncloud]
enabled = true
filter  = owncloud
# select http, https or both, depending on which you use:
port    =  http,https
# edit the logpath to your needs:
logpath = /var/www/owncloud/data/owncloud.log

Post Reply