{"id":1294,"date":"2017-06-25T15:46:09","date_gmt":"2017-06-25T13:46:09","guid":{"rendered":"http:\/\/www.netnea.com\/cms\/?p=1294"},"modified":"2017-06-25T15:47:24","modified_gmt":"2017-06-25T13:47:24","slug":"nextcloud-scanning","status":"publish","type":"post","link":"https:\/\/www.netnea.com\/cms\/2017\/06\/25\/nextcloud-scanning\/","title":{"rendered":"Nextcloud scanning"},"content":{"rendered":"<p>Having installed the latest Nextcloud on my server, I added ModSecurity and CRS 3 on the Apache instance. After <a href=\"https:\/\/www.netnea.com\/cms\/apache-tutorials\/\">some tuning and the configuration of geoIP<\/a>\u00a0with the help of <a href=\"https:\/\/www.netnea.com\/cms\/netnea-the-team\/christian-folini\/\">our very own Christian Folini<\/a>, I watched the logs fly by for a few hours and noticed scan.nextcloud.com accessing my \/status.php.<\/p>\n<p>By going to this \/status.php on my server, I get this JSON payload:<\/p>\n<blockquote><p>{<br \/>\n&#8220;installed&#8221;: true,<br \/>\n&#8220;maintenance&#8221;: false,<br \/>\n&#8220;needsDbUpgrade&#8221;: false,<br \/>\n&#8220;version&#8221;: &#8220;12.0.0.29&#8221;,<br \/>\n&#8220;versionstring&#8221;: &#8220;12.0.0&#8221;,<br \/>\n&#8220;edition&#8221;: &#8220;&#8221;,<br \/>\n&#8220;productname&#8221;: &#8220;Nextcloud&#8221;<br \/>\n}<\/p><\/blockquote>\n<p>So what is scan.nextcloud.com? Checking their page brings back: <em>&#8220;Check the security of your private Nextcloud server&#8221;.<\/em><\/p>\n<p>In fact, the idea is a good way to help keep the internet secure (hey, I got <strong>A+<\/strong>, after all), but on the other hand, the \/status.php\u00a0URL exposes the exact version of my cloud server and its potential vulnerabilities. I&#8217;m not really sure yet if I&#8217;m happy with the idea.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Having installed the latest Nextcloud on my server, I added ModSecurity and CRS 3 on the Apache instance. 
After some tuning and the configuration of geoIP\u00a0with the help of our very own Christian Folini, I watched the logs fly by for a few hours and noticed scan.nextcloud.com accessing my \/status.php. By going to this \/status.php [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":{"0":"post-1294","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-security","7":"czr-hentry"},"_links":{"self":[{"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/posts\/1294","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/comments?post=1294"}],"version-history":[{"count":7,"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/posts\/1294\/revisions"}],"predecessor-version":[{"id":1301,"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/posts\/1294\/revisions\/1301"}],"wp:attachment":[{"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/media?parent=1294"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/categories?post=1294"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/tags?post=1294"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}