Nextcloud scanning


Having installed the latest Nextcloud on my server, I added ModSecurity and CRS 3 to the Apache instance. After some tuning and the configuration of geoIP with the help of our very own Christian Folini, I watched the logs fly by for a few hours and noticed scan.nextcloud.com accessing my /status.php.

By going to this /status.php on my server, I get this JSON payload:

{
  "installed": true,
  "maintenance": false,
  "needsDbUpgrade": false,
  "version": "12.0.0.29",
  "versionstring": "12.0.0",
  "edition": "",
  "productname": "Nextcloud"
}

So what is scan.nextcloud.com? Checking their page brings back: “Check the security of your private Nextcloud server”.

In fact, the idea is a good one for helping to keep the internet secure (hey, I got an A+, after all), but on the other hand, the /status.php URL exposes the exact version of my cloud server and its potential vulnerabilities. I’m not really sure yet if I’m happy with the idea.
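One way to see who is actually reading the version from /status.php, as an added example that is not part of the original post: it lists the version-revealing fields in the payload above and counts successful status.php requests per client in Apache combined-format access log lines. The log lines, addresses and user agents are constructed sample data, and the function names are hypothetical.

```python
import json
import re
from collections import Counter

# Apache "combined" format: host ident user [time] "request" status bytes "referer" "agent"
COMBINED = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<agent>[^"]*)"'
)

def disclosed_version_fields(body):
    """Return the status.php fields that reveal the installed release."""
    data = json.loads(body)
    return {k: v for k, v in data.items() if k in ("version", "versionstring") and v}

def status_probes(lines, path="/status.php"):
    """Count successful status.php requests per (client, user agent)."""
    hits = Counter()
    for line in lines:
        m = COMBINED.match(line)
        if not m:
            continue  # not a combined-format line
        # Drop the query string; endswith() also covers installs in a subdirectory.
        if m["path"].split("?", 1)[0].endswith(path) and m["status"] == "200":
            hits[(m["host"], m["agent"])] += 1
    return hits

# The payload shown in the post.
SAMPLE_STATUS = (
    '{"installed": true, "maintenance": false, "needsDbUpgrade": false, '
    '"version": "12.0.0.29", "versionstring": "12.0.0", "edition": "", '
    '"productname": "Nextcloud"}'
)

# Constructed log lines (documentation address ranges, made-up user agents).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jul/2017:10:00:01 +0200] "GET /status.php HTTP/1.1" 200 162 "-" "example-scanner/1.0"',
    '192.0.2.10 - - [01/Jul/2017:10:05:01 +0200] "GET /status.php HTTP/1.1" 200 162 "-" "example-scanner/1.0"',
    '198.51.100.7 - - [01/Jul/2017:10:06:12 +0200] "GET /nextcloud/status.php?x=1 HTTP/1.1" 200 162 "-" "curl/7.52.1"',
    '203.0.113.5 - - [01/Jul/2017:10:07:40 +0200] "GET /status.php HTTP/1.1" 403 199 "-" "curl/7.52.1"',
    '203.0.113.5 - - [01/Jul/2017:10:08:00 +0200] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    print("version fields:", disclosed_version_fields(SAMPLE_STATUS))
    for (host, agent), count in status_probes(SAMPLE_LOG).most_common():
        print(f"{count:3d}  {host}  {agent}")
```

Only requests answered with 200 are counted, so a client that a ModSecurity rule already blocked (the 403 line in the sample) does not show up as having read the version.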