Bug 44851 - nextcloud installation note links to non-UCS HSTS documentation
nextcloud installation note links to non-UCS HSTS documentation
Status: NEW
Product: UCS
Classification: Unclassified
Component: App Center
UCS 4.2
Other Linux
: P5 normal (vote)
: ---
Assigned To: App Center maintainers
App Center maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-06-24 09:23 CEST by Daniel Tröder
Modified: 2017-06-30 09:24 CEST (History)
2 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 2: Improvement: Would be a product improvement
Who will be affected by this bug?: 2: Will only affect a few installed domains
How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.046
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Tröder univentionstaff 2017-06-24 09:23:28 CEST
When installing the Nextcloud app, a pop-up shows the following note:

------------------------------------------------------
[..]

Also, if the host webserver does not have HTTP Strict Transport Security enabled, it is recommend to configure it. More information can be found in our documentation.
------------------------------------------------------

"our documentation" is a link to https://docs.nextcloud.com/server/11/admin_manual/configuration_server/harden_server.html#enable-http-strict-transport-security

This should instead read / link to:

------------------------------------------------------
ucr set apache2/hsts=yes
systemctl restart apache2.service
------------------------------------------------------