Having installed the latest Nextcloud on my server, I added ModSecurity and CRS 3 on the Apache instance. After some tuning and the configuration of GeoIP with the help of our very own Christian Folini, I watched the logs fly by for a few hours and noticed scan.nextcloud.com accessing my /status.php.
By going to this /status.php on my server, I get this JSON payload:
So what is scan.nextcloud.com? Checking their page brings back: “Check the security of your private Nextcloud server”.
In fact, the idea is good to help keep a secure internet (hey, I got A+, after all), but on the other hand, the /status.php URL exposes the exact version of my cloud server and its potential vulnerabilities. I’m not really sure yet if I’m happy with the idea.