search

nextcloud / ransomware_protection

An app that prevents uploading files that have names that are linked to known ransomware
https://apps.nextcloud.com/apps/ransomware_protection
GNU Affero General Public License v3.0
63 stars 24 forks source link

Issues with several apps #93

Closed derritter88 closed 3 years ago

derritter88 commented 3 years ago

Steps to reproduce

  1. Check Nextcloud log

Expected behaviour

No error should appear

Actual behaviour

Strange log entries appear

Server configuration

Operating system: Ubuntu 20.04

Web server: Apache

Database: PostgreSQL

PHP version: 7.4-FPM

Nextcloud version: (see Nextcloud admin page) 21.0

Where did you install Nextcloud from: the internet

Signing status:

No errors have been found.

List of activated apps:

Enabled:
  - accessibility: 1.7.0
  - activity: 2.14.3
  - admin_audit: 1.11.0
  - bookmarks: 4.1.0
  - breezedark: 21.0.3
  - bruteforcesettings: 2.0.1
  - calendar: 2.1.3
  - checksum: 1.1.2
  - cloud_federation_api: 1.4.0
  - comments: 1.11.0
  - contacts: 3.5.0
  - contactsinteraction: 1.2.0
  - dashboard: 7.1.0
  - dav: 1.17.1
  - deck: 1.3.1
  - drawio: 1.0.0
  - extract: 1.3.1
  - federatedfilesharing: 1.11.0
  - federation: 1.11.0
  - files: 1.16.0
  - files_downloadactivity: 1.10.0
  - files_external: 1.12.0
  - files_fulltextsearch: 21.0.0
  - files_fulltextsearch_tesseract: 20.0.1
  - files_pdfviewer: 2.1.0
  - files_rightclick: 1.0.0
  - files_sharing: 1.13.1
  - files_trashbin: 1.11.0
  - files_versions: 1.14.0
  - files_videoplayer: 1.10.0
  - firstrunwizard: 2.10.0
  - flowupload: 1.1.2
  - forms: 2.2.2
  - fulltextsearch: 21.0.0
  - fulltextsearch_elasticsearch: 21.0.0
  - gpxpod: 4.2.8
  - groupfolders: 9.0.0
  - integration_discourse: 0.0.9
  - integration_dropbox: 0.0.18
  - integration_github: 0.0.20
  - integration_gitlab: 0.0.15
  - integration_jira: 0.0.15
  - integration_mastodon: 0.0.13
  - integration_moodle: 0.0.9
  - integration_reddit: 0.0.11
  - integration_twitter: 0.0.10
  - integration_zammad: 0.0.18
  - logreader: 2.6.0
  - lookup_server_connector: 1.9.0
  - mail: 1.9.3
  - maps: 0.1.8
  - metadata: 0.13.0
  - news: 15.3.2
  - nextcloud_announcements: 1.10.0
  - notes: 4.0.4
  - notifications: 2.9.0
  - oauth2: 1.9.0
  - onlyoffice: 6.3.0
  - password_policy: 1.11.0
  - photos: 1.3.0
  - previewgenerator: 3.1.1
  - privacy: 1.5.0
  - provisioning_api: 1.11.0
  - quota_warning: 1.10.0
  - ransomware_protection: 1.9.0
  - recommendations: 1.0.0
  - riotchat: 0.7.3
  - serverinfo: 1.11.0
  - settings: 1.3.0
  - sharebymail: 1.11.0
  - spreed: 11.1.1
  - support: 1.4.0
  - survey_client: 1.9.0
  - systemtags: 1.11.0
  - talk_matterbridge: 1.22.1
  - text: 3.2.0
  - theming: 1.12.0
  - twofactor_backupcodes: 1.10.0
  - twofactor_nextcloud_notification: 3.1.2
  - twofactor_totp: 6.0.0
  - twofactor_u2f: 6.1.0
  - updatenotification: 1.11.0
  - user_ldap: 1.11.0
  - user_status: 1.1.1
  - viewer: 1.5.0
  - weather_status: 1.1.0
  - workflow_pdf_converter: 1.6.0
  - workflowengine: 2.3.0
Disabled:
  - encryption

Nextcloud configuration:

{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "cloud.hks-projekt.at"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "overwrite.cli.url": "https:\/\/cloud.hks-projekt.at",
        "dbtype": "pgsql",
        "version": "21.0.0.18",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbtableprefix": "oc_",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "logtimezone": "Europe\/Vienna",
        "installed": true,
        "filelocking.enabled": true,
        "memcache.local": "\\OC\\Memcache\\APCu",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 0,
            "timeout": 0
        },
        "mail_smtpmode": "smtp",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "updater.release.channel": "stable",
        "loglevel": 0,
        "appstore.experimental.enabled": true,
        "theme": "",
        "asset-pipeline.enable": true,
        "ldapIgnoreNamingRules": false,
        "ldapProviderFactory": "\\OCA\\User_LDAP\\LDAPProviderFactory",
        "remember_login_cookie_lifetime": 1296000,
        "session_lifetime": 86400,
        "session_keepalive": true,
        "auto_logout": false,
        "trashbin_retention_obligation": "auto, 7",
        "mysql.utf8mb4": true,
        "mail_smtpauthtype": "LOGIN",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "25",
        "htaccess.RewriteBase": "\/",
        "maintenance": false,
        "activity_expire_days": 14,
        "auth.bruteforce.protection.enabled": true,
        "blacklisted_files": [
            ".htaccess",
            "Thumbs.db",
            "thumbs.db"
        ],
        "cron_log": true,
        "enable_previews": true,
        "enabledPreviewProviders": [
            "OC\\Preview\\PNG",
            "OC\\Preview\\JPEG",
            "OC\\Preview\\GIF",
            "OC\\Preview\\BMP",
            "OC\\Preview\\XBitmap",
            "OC\\Preview\\Movie",
            "OC\\Preview\\PDF",
            "OC\\Preview\\MP3",
            "OC\\Preview\\TXT",
            "OC\\Preview\\MarkDown"
        ],
        "filesystem_check_changes": 0,
        "integrity.check.disabled": false,
        "knowledgebaseenabled": true,
        "log_rotate_size": 104857600,
        "quota_include_external_storage": false,
        "app_install_overwrite": [
            "files_fulltextsearch",
            "bruteforcesettings",
            "checksum",
            "contacts",
            "drawio",
            "fulltextsearch",
            "onlyoffice",
            "files_fulltextsearch_tesseract",
            "fulltextsearch_elasticsearch",
            "maps",
            "extract",
            "breezedark",
            "flowupload",
            "ransomware_detection",
            "ransomware_protection",
            "metadata",
            "groupfolders",
            "talk_matterbridge",
            "whiteboard"
        ],
        "mail_sendmailmode": "smtp",
        "mail_smtpauth": 1,
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "preview_max_x": "1080",
        "preview_max_y": "1920",
        "default_phone_region": "AT"
    }
}

Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/...

Client configuration

Browser: Firefox 86.0.1

Operating system: Win10 20H2

Logs

Nextcloud log (data/owncloud.log)

{"reqId":"YFD5pJEbSxLw7Xy9a7J74gAASQo","level":3,"time":"2021-03-16T19:32:04+01:00","remoteAddr":"192.168.10.2","user":"3A60C52D-9415-4F28-A2B7-71A8CBD7A9E3","app":"PHP","method":"GET","url":"/settings/admin/logging","message":{"Exception":"Error","Message":"include(): Failed opening 'ransomware_protection/personal.php' for inclusion (include_path='/var/www/cloud/apps/news/vendor/pear/net_url2:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Crypt_Blowfish:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Date:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Exception:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Idna:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Imap_Client:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_ListHeaders:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Mail:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_ManageSieve:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Mime:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Nls:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Secret:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Smtp:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Socket_Client:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Stream:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Stream_Filter:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Stream_Wrapper:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Stringprep:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Support:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Text_Filter:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Text_Flowed:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Translation:/var/www/cloud/apps/mail/vendor/pear-pear.horde.org/Horde_Util:/var/www/cloud/3rdparty/pear/archive_tar:/var/www/cloud/3rdparty/pear/console_getopt:/var/www/cloud/3rdparty/pear/pear-core-minimal/src:/var/www/cloud/3rdparty/pear/pear_exception:/var/www/cloud/apps') at /var/www/cloud/lib/private/legacy/OC_App.php#660","Code":0,"Trace":[{"file":"/var/www/cloud/lib/private/legacy/OC_App.php","line":660,"function":"onError","class":"OC\\Log\\ErrorHandler","type":"::"},{"file":"/var/www/cloud/lib/private/legacy/OC_App.php","line":660,"function":"include"},{"file":"/var/www/cloud/lib/private/Settings/Manager.php","line":258,"function":"getForms","class":"OC_App","type":"::"},{"file":"/var/www/cloud/apps/settings/lib/Controller/CommonSettingsTrait.php","line":116,"function":"getPersonalSections","class":"OC\\Settings\\Manager","type":"->"},{"file":"/var/www/cloud/apps/settings/lib/Controller/CommonSettingsTrait.php","line":64,"function":"formatPersonalSections","class":"OCA\\Settings\\Controller\\AdminSettingsController","type":"->"},{"file":"/var/www/cloud/apps/settings/lib/Controller/CommonSettingsTrait.php","line":148,"function":"getNavigationParameters","class":"OCA\\Settings\\Controller\\AdminSettingsController","type":"->"},{"file":"/var/www/cloud/apps/settings/lib/Controller/AdminSettingsController.php","line":68,"function":"getIndexResponse","class":"OCA\\Settings\\Controller\\AdminSettingsController","type":"->"},{"file":"/var/www/cloud/lib/private/AppFramework/Http/Dispatcher.php","line":218,"function":"index","class":"OCA\\Settings\\Controller\\AdminSettingsController","type":"->"},{"file":"/var/www/cloud/lib/private/AppFramework/Http/Dispatcher.php","line":127,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/cloud/lib/private/AppFramework/App.php","line":157,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/cloud/lib/private/Route/Router.php","line":302,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"file":"/var/www/cloud/lib/base.php","line":993,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"/var/www/cloud/index.php","line":37,"function":"handleRequest","class":"OC","type":"::"}],"File":"/var/www/cloud/lib/private/Log/ErrorHandler.php","Line":92,"CustomMessage":"--"},"userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:86.0) Gecko/20100101 Firefox/86.0","version":"21.0.0.18","id":"6050f9a6d3d0a"}
nickvergessen commented 3 years ago

Already fixed with https://github.com/nextcloud/ransomware_protection/pull/90/files just missing a release