When you think about a firewall, you think about a complicated tool big companies use to keep hackers out of their networks. And perhaps you think about the many movies where weird visuals are used to represent them being used and broken through. Nextcloud has the File Access Control app which acts as a bit of a firewall and while it helps protect businesses secrets, there are use cases for home users as well.
Introducing Two Factor Authentication
Two factor authentication has becoming quite popular in the last months/years. So you go ahead and enable all those fancy things on various websites you use. Note that they often provide you with a list of recovery keys! Where do you put those keys, to make sure you don’t ever lose them? There is this self-hosted cloud solution you use, with the slogan “a safe home for all your data“. And it sure can help with this!
By putting your keys on your Nextcloud you keep them to yourself. Yet, Nextcloud aims to make sharing easy. You don’t want to accidentally share your recovery keys, do you? Nor would you want your sync client on your phone to, all too easily, give access to these files. So is there an extra layer of protection possible, one that protects from accidental sharing or a stolen phone?
Protecting the keys
This is where the File Access Control app joins the party:
1. As a first step you assign the tag `Protected file` to your recovery files in the web UI.2. You go to `admin settings` > `File access control` and start a new rule group:
1. `File system tag` is tagged with `Protected file`2. `Request user agent` is not `Desktop client`
Your files can now no longer be downloaded and synced with the android client or a web browser.
This would disallow the client and only allow the web interface (and only Firefox!) from the local network.
Now to be sure the files are also not delivered to your laptop, you can add a second rule that only allows the Desktop client when the IP is the local IP of your Desktop PC which accesses the instance via the LAN rather then the internet:
1. `File system tag` is tagged with `Protected file`2. `Request user agent` is `Desktop client`3. `Request remote address` does not match IPv4 `192.168.176.42/32`
As you see, the File Access Control app can help ensure your data stays within the confines of your house or follows other rules which ensure you don’t accidentally make them available where you wouldn’t want them. Note that it is NOT a super secure solution, you can’t use it to replace https or other encryption solutions! But it can avoid mistakes through accidental sharing and such.
Post by Joas, main author of the File Access Control app
Regain control of your time with Hub 8: improvements all around Hub, new apps, new AI features, new level of performance and comfort. Tune in and discover the next generation of collaboration.
We bring you a major update to the Nextcloud AI Assistant, plus the news we work with several big hosting providers like IONOS and OVHcloud to bring AI-as-a-Service options to you!
Bechtle and Nextcloud announce today a complete managed collaboration platform for the public sector that requires no tender and can be deployed immediately.
Discover how to make the switch from ownCloud to Nextcloud. Our quick guide provides insights into the migration process, helping you make the transition smoothly.
Today, US-based file sync & share vendor Kiteworks announced their acquisition of ownCloud and Dracoon. Kiteworks points out that their customers now have access to their file-sharing application. It is to be expected they will not maintain 3 similar products, but customers will have to migrate to the US firms’ platform or look for another […]
As part of Schleswig-Holstein's state digitization strategy, the state chancellery has announced they will work with Nextcloud to develop AI for working with government documents. This comes just after we announced the first private AI assistant last weekend with Hub 6. The German state already uses Nextcloud and their AI strategy aligns with our work on ethical, local AI technologies.
Over the last year, AI has become a popular topic. Some is hype, some is substance. Some is good, some is bad. We want to give you the good, not the bad, and ignore the hype! AI has a ton of opportunity – but also risk. So we put you in control – off by […]
The Nextcloud Conference is not your average event - it's a community meetup that brings together Nextcloud enthusiasts, contributors, developers, users and industry experts from all over the world.
Minor Nextcloud updates are released, carrying multiple stability and security improvements. As always, the upgrade process is designed to be safe and quick
We save some cookies to count visitors and make the site easier to use. This doesn't leave our server and isn't to track you personally!
See our Privacy Policy for more information. Customize