[x] I have read the contributing guideline and understand that I have made the correct modifications
Description
The default configuration does not pass security checks. A change to ssl.conf is required for secure operation. This behaviour can be very confusing to new users. Documenting this should help make it easier for
new nextcloud users to have a secure experience.
Benefits of this PR and context
The default behavior was very confusing and the correct solution is very non-obvious (change ssl.conf).
A user may simply remove the proxy_hide_header directive, which will cause unintended consequences in the future.
closes #569
Description
The default configuration does not pass security checks. A change to ssl.conf is required for secure operation. This behaviour can be very confusing to new users. Documenting this should help make it easier for new nextcloud users to have a secure experience.
Benefits of this PR and context
The default behavior was very confusing and the correct solution is very non-obvious (change ssl.conf). A user may simply remove the
proxy_hide_headerdirective, which will cause unintended consequences in the future. closes #569Source / References
569