Anonymous access in Nextcloud - nextcloud

I use current stable version of Nextcloud (nextcloud docker image). I want to disable an authentication window when user enter the site. Is it possible? I found only anonymous upload feature in official doc.

Nextcloud is build around the concept that each user has it's personal (cloud) folder where he can upload, edit and share files. Therefore you cannot access the "normal" user interface without a log in.
However it is possible for any user to share files/folders via a link and allow editing of them without login:
https://docs.nextcloud.com/server/latest/user_manual/en/files/sharing.html#public-link-shares
https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/file_sharing_configuration.html
But just in case you rally want to give all anonymous visitors of your Nextcloud instance the option to upload and edit files anonymously, here is a possible solution:
Create a folder anonymous with your admin account
Share it via link and allow editing
In your admin settings, go towards Theming: https://your-domain.com/settings/admin/theming
Set Anonymous Usage as Name and your shared link as Web link
Now if you log out and access your Nextcloud instance, you'll see a link at the very bottom called Anonymous Usage that you (and your clients) can follow to upload files/folders or edit existing ones. All files uploaded via that link will be stored inside the anonymous folder and will be owned by your admin account. So make sure to set the storage quota on that account high enough.
Be ware that
by visiting your Nextcloud instance anyone could delete all files inside anonymous as he doesn't need to authenticate himself.
the visitors are not fully anonymous, as there are probably some log files of Nextcloud and your Webserver with their IP addresses.

Related

Best way to password-protect folders on IIS

What is the best way to password-protect a folder on IIS with a single set of credentials to be shared by a group of users?
Our hosting service offers Plesk, which in turn offers a "password-protected directory" function, but some of our clients have HTTP authorization disabled, so they get an automatic 401.4 error with no prompt for credentials.
I've looked into Forms authentication but this seems cumbersome to set up for the numerous separate domains at issue.
The protected content is not super sensitive, we just don't want it easily accessible to the public. Many of our users do not use the site frequently and we don't want to implement individual credentialing for everyone (we do have that in place for more sensitive sections) just so they can view current project reports or meeting minutes.
On sites I don't control, but am just a user, that do the same things as mine, it is a big pain to have to look up a username and password twice per year just to view a meeting agenda (yes, browser could remember but they also have a 4-month expiration and lots of us are on different devices all the time).
Is Forms authentication the way to go? Took a several hours for me to get it set up and working, with all sorts of settings not well documented in a single place.
(I had previously asked about how to disable Basic Auth on the client side, was told more than once it's not possible - but it is, via client/browser registry keys)
Thanks.
It's perfectly fine to use forms authentication. All you need to do is navigate to the folder or file you want to protect, then go to Authorization Rules. Add a deny rule for anonymous users, when users who are not logged in try to click on any file in that folder, they will be redirected to your login page. You can find a lot of guides on forms authentication in Google, you can refer to the following:
https://learn.microsoft.com/zh-CN/troubleshoot/developer/webapps/aspnet/development/forms-based-authentication
https://learn.microsoft.com/en-us/iis/application-frameworks/building-and-running-aspnet-applications/how-to-take-advantage-of-the-iis-integrated-pipeline

How to give phpmyadmin access through the webmail in cpanel?

I added the user from user management but I don't know what to do further how to check?
I am expecting to user don't access public html folder.
User will be able to access the public html folder, if they are accessing it through cPanel. Unfortunately, there is no way around this as phpMyAdmin is secured with cPanel authentication.
However, you could install your own phpMyAdmin on your domain and provide access through it. You can find more information about how to do it here.

How to restrict access to custom application WEBUI in QNAP?

Good morning everyone,
I am developing an app for QNAP which has also a web interface. In my qpkg.conf I set QPKG_WEBUI and QPKG_USE_PROXY and I can see correctly the Web interface inside the QNAP interface once I am logged in. It seems perfectly integrated with the QNAP interface, BUT, I can see it also writing the right url in my web browser, even if I am not logged in the QNAP and I cleared all possible cache/cookies.
I want to give access to my Web interface only to valid users. Unfortunately I do not know how to do it. I tried to write a .htaccess to deploy with my application, but without any success (obviously I can not modify the apache standard configuration, and with the standard configuration I was not able to do it).
The only thing I found, inside the Apache folder, there is a pwauth executable that let me ask for username/password (even if I do not want to ask, I want only to see if the user is ALREADY logged in). Anyway with the standard apache configuration, the external module is not loaded, then I can not use the pwauth inside the .htaccess. Maybe I could create some custom cgi program that call it, but I would prefer to avoid custom solution, I really would like to follow a "standard" way to do it, it should be one.....
I would like to know if there is some QNAP variable to set in the qpkg.conf file, or some configuration to set in a .htaccess that does what I want: grant the access only if the user is ALREADY logged in.
Thanks very much to everyone, I could not find anything in google or in the official documentation.

error "List does not exist"

I had error when access SharePoint sites out of the server , as when I
try to add new document or did any action this error displayed although
it worked well in SharePoint server
I think Yevgeniy made a good suggestion.
I assume you mean by 'outside' the server, users are trying to view the page on a different URL? If so, it might be the URLs to access the site 'outside SharePoint' are not configured correctly.
I would suggest a few things to start with:
When you say it works 'in SharePoint server' does this mean that the whole site is accessible, with no problems? But using a different URL (i.e. host header?), fails - for just this one page with the list or the whole site?
Check you have Alternate Access Mappings configured correctly as suggested above - check that the URL is setup correctly in any AAM zones defined, and that the authentication (e.g. Anonymous, Forms whatever required) is also setup too. This is all done in Central Administration.
If AAM setup correctly, check if you have any firewall or other network security that may block access to the site (again, assuming users are routed externally?)
Does the problem page or list (or the subsite it is within) have any unique security permissions?
You can check for the site via Site Actions | Site Permissions - if it does not have unique permissions, you will see a 'This Web site inherits permissions from its parent.' message.
If the List has unique permissions, you can check by going to the list page, and clicking 'Library Permissions' on the Library grouping on the Library Tools section of the ribbon.

In IIS7, how can I require Authentication on specific directories?

I have a website on Win 2008 and IIS7. Some directories have admin specific pages and I don't want regular site users to be able to access them.
What I would like is, if the user tries to load a page from a specific directory, for the site to popup a windows authentication window if the user has not not already authenticated.
Can this be done? Preferably just by setting web.config keys?
Yes, use <location></location> tags to override the current IIS settings at that level and set new ones.
Reference: http://msdn.microsoft.com/en-us/library/b6x6shw7(v=vs.100).aspx