Disable default https redirection #200

Closed
ghost opened this issue Dec 18, 2017 · 17 comments
Labels
needs info Additional info needed to triage stale No recent activity (candidate for closure)

Comments

@ghost

ghost commented Dec 18, 2017

Hi, when I access my website without http / https before the domain name, it automatically redirects to https and I don't want that. How can I remove it?

@evertramos

evertramos commented Dec 19, 2017

Are you using any reverse proxy?

Are you using apache? If so, did you run your Dockerfile updating your sites-enable conf file?

And just curious... why would you like to disable it?

As per the description of this image:

"When you want to have your server reachable from the internet adding HTTPS-encryption is mandatory!"

@ghost
Author

ghost commented Dec 21, 2017

I just deployed Docker with the official Nextcloud Docker image and I didn't edit any config file.
I want to remove it because I don't have any certificate.

@evertramos

I would suggest you check out the possibility of getting a free certificate with Let's Encrypt, which will make for a more secure environment. You could use some reverse proxy, easy to set up, such as:

https://github.com/evertramos/docker-compose-letsencrypt-nginx-proxy-companion

Along with:

https://github.com/evertramos/docker-nextcloud-letsencrypt

Hope it will be of help!

I believe Nextcloud was designed to use https for security reasons, so I am not sure how you would disable it in production.

@marceljd
Contributor

marceljd commented Jan 7, 2018

Which version of the Nextcloud image did you use? Normally the redirects are handled by the webserver (apache / nginx), so your solution will probably be in the webserver configuration. Did you install or modify a .htaccess file?

@ghost

ghost commented Jul 22, 2018

There really are very important reasons to be able to disable https in some circumstances. For example, I have a purely internal nextcloud to sync files locally on a rpi, and have no reason whatsoever to want to waste processing overhead for https in that use case.

@naodesu

naodesu commented Dec 16, 2018

I disabled the https redirect by commenting out the following line in the nginx config:
fastcgi_param HTTPS on;

@oz42

oz42 commented Feb 26, 2019

"fastcgi_param HTTPS on;" does not work here. Any other ideas?

@SKART1

SKART1 commented Apr 20, 2019

You should remove the http2 directive in server, because most browsers do not support http2 without TLS.

https://stackoverflow.com/questions/34108188/how-to-enable-h2c-in-nginx

@ghost

ghost commented Jun 28, 2019

Also trying to remove the overhead for https as I use my own https server to redirect. Followed all the suggestions here: https://help.nextcloud.com/t/how-disable-https-for-nginx/52718 as well as removing "fastcgi_param HTTPS on;" and tweaking 'overwrite.cli.url' to use http, but the webui simply doesn't load.

[edit] Spoke too soon. Works fine - I just forgot to change my docker container port mapping from 443 to 80.

@chrisdlangton

TLS/SSL termination on an nginx reverse proxy that is internet facing is far superior to exposing Nextcloud. HTTPS is not necessary when nginx is terminating TLS.

@J0WI
Contributor

J0WI commented Nov 4, 2019

Some examples are provided in https://github.com/nextcloud/docker/tree/master/.examples/docker-compose/insecure
However, it's not recommended to run Nextcloud without HTTPS.

@J0WI J0WI closed this as completed Nov 4, 2019
@chrisdlangton

chrisdlangton commented Nov 4, 2019

Open the ticket
You ignored the whole point
Nextcloud IS USING HTTPS but it is terminated OUTSIDE the container!

@J0WI J0WI reopened this Nov 5, 2019
@icasdri

icasdri commented Nov 6, 2019

@chrisdlangton Does that configuration not already work? Having the https redirect would not seem to hurt that use case...

@chrisdlangton

chrisdlangton commented Nov 7, 2019

this is what is happening

[Image: nexcloud]

For completeness, that TLS termination is happening using AWS Load Balancers + AWS ACM, not actually an nginx host, but essentially the same if you want to home lab it yourself.

[Image: nexcloud (1)]

Notice there is no way to reach the Nextcloud web server itself.

If you removed https redirection you could permit poor usage patterns - but you also permit best practices like separation of concerns, having the app do just web server things and load balancers do network things, plus principle of least privilege prevents app vulnerabilities exposing the certificate or having a lateral movement vector through the network workloads (nginx).

Basically, remove http redirect to https for the docker container, which is essentially just an "app" not a network appliance/workload. Just do 1 thing, and do that 1 thing well.

@EgonHeuson

Hello everyone!
I'm reopening this thread because I have a similar request. I installed my NextCloud server using the NextCloudPi distribution on an Odroid HC1 board. My server is behind a reverse proxy (installed on my Synology NAS) with a dedicated Let's Encrypt certificate stored on the reverse proxy. Everything is working fine except on iOS where I can't access the login page because of a "protocol error". I noticed that the access is automatically redirected to HTTPS behind the reverse proxy, and this may be the cause of my problem. That's why I would like to disable the HTTPS redirection behind the reverse proxy. I tried to disable it by setting the "nc-httpsonly" option to off in the NextCloudPi control panel, but it doesn't seem to stop the redirection. Then, I'd like to do it manually but I'm not good enough in the apache configuration to do it alone. Could you enlighten me?
Thanks a lot!

@ghost

ghost commented Jul 22, 2021

I join the previous comment. I tried to set up a reverse proxy with TLS termination for 2 sites (nextcloud docker + vaultwarden docker)
and cannot disable the redirection!
I commented out and removed anything SSL-related in the config and disabled the 000-default site, but apache still answers with 302 Found -> https:// ...

Only 'overwriteprotocol' => 'http', in config.php did the trick ... (default https)

@joshtrichards
Member

This thread appears to no longer be applicable. I can't find where we ever did an HTTPS redirect in the image. And we certainly don't today. Some of the example configs, sure. But those are just that: examples. Change them to suit your local needs.

If anyone has redirect issues they should review:

  • upstream documentation (https://docs.nextcloud.com)
  • their reverse proxy configuration
  • trusted_* configuration in NC
  • overwrite* configuration in NC
  • browser settings (http->https is now a feature in some browsers)

This issue can be safely closed best as I can tell.
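
One way to work through the checklist above, as an added example that is not part of the original thread or of the Nextcloud project: probe the backend directly over plain HTTP, with and without `X-Forwarded-Proto: https`, to see whether the https redirect originates there at all. `StubBackend`, the `cloud.example.test` hostname and the result labels are constructed for illustration, and `X-Forwarded-Proto` being the header your proxy sets is an assumption.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

def redirects_to_https(host, port, forwarded_proto=None):
    """Plain-HTTP GET straight to the backend; True if it answers 3xx -> https://."""
    headers = {"Host": "cloud.example.test"}  # placeholder public hostname
    if forwarded_proto:
        headers["X-Forwarded-Proto"] = forwarded_proto
    conn = http.client.HTTPConnection(host, port, timeout=5)
    conn.request("GET", "/", headers=headers)
    resp = conn.getresponse()
    location = (resp.getheader("Location") or "").lower()
    conn.close()
    return 300 <= resp.status < 400 and location.startswith("https://")

def diagnose(host, port):
    """Say which layer to review, based on how the backend answers on its own."""
    bare = redirects_to_https(host, port)
    proxied = redirects_to_https(host, port, forwarded_proto="https")
    if bare and proxied:
        return "backend-always"       # review web server config and overwrite* settings
    if bare:
        return "backend-conditional"  # review proxy headers and trusted_* settings
    return "not-backend"              # the reverse proxy or the browser is redirecting

class StubBackend(BaseHTTPRequestHandler):
    """Constructed stand-in for a backend; `mode` picks its redirect behaviour."""
    mode = "never"
    def do_GET(self):
        via_https = self.headers.get("X-Forwarded-Proto") == "https"
        if self.mode == "always" or (self.mode == "conditional" and not via_https):
            self.send_response(302)
            self.send_header("Location", "https://cloud.example.test/")
        else:
            self.send_response(200)
        self.end_headers()
    def log_message(self, *args):  # keep the demo quiet
        pass

def run_stub(mode):
    """Start the stub on a free localhost port and return the server object."""
    server = HTTPServer(("127.0.0.1", 0), type("Stub", (StubBackend,), {"mode": mode}))
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

if __name__ == "__main__":  # demo against the constructed stub
    for m in ("always", "conditional", "never"):
        print(m, "->", diagnose("127.0.0.1", run_stub(m).server_address[1]))
```

Against a real deployment, call `diagnose()` with the container's internal address and port from a host that can reach it without going through the proxy.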

@joshtrichards joshtrichards added needs info Additional info needed to triage stale No recent activity (candidate for closure) and removed help wanted labels Aug 20, 2023
@J0WI J0WI closed this as completed Sep 14, 2023