Change jailed OwnCloud default port?

[jakeandchase]

Hi All,

I want to open my OwnCloud up to external sources, but not on port 80. Would anyone know how to change the port for a jailed owncloud? No settings and I can't find any apache setting files (not sure if it's even running apache by default)?

All google results seem to be pretty old, before owncloud was packaged with php, web server, etc.

Thanks!

 

[SweetAndLow]

You can open any port on your router and forward that port to port 80 of your owncloud sever. This is assuming when you said open up owncloud to external sources you mean being able to access it offside of your network.

 

[jakeandchase]

I know how to open any port, but how do i forward it to 80? I have a Netgear CG3100D-2

Thanks!

 

[Ericloewe]

I know how to open any port, but how do i forward it to 80? I have a Netgear CG3100D-2

Thanks!

That you'll have to figure out with someone else's help. Check your router's documentation.

 

[jakeandchase]

Turns out my router doesn't have these capabilities. Only to Open Ports.

So there is no way to change the port OwnCloud listens on?

 

[Joshua Parker Ruehlig]

Turns out my router doesn't have these capabilities. Only to Open Ports.

So there is no way to change the port OwnCloud listens on?

yes you can do this. owncloud is just a PHP application that (in this plugin's case) is being served by Apache. change the port apache serves ownCloud.

 

[cyberjock]

I just want to add that if you've been reading the release notes for Owncloud you're taking *serious* risk of your server being compromised if you are making it available to the world. Use a VPN or don't say we didn't warn you if things go bad later.

 

[jakeandchase]

I just want to add that if you've been reading the release notes for Owncloud you're taking *serious* risk of your server being compromised if you are making it available to the world. Use a VPN or don't say we didn't warn you if things go bad later.

Just read up on it. Seems to have some serious security flaws.

It's a shame, I really enjoyed having my own cloud server. Might switch to BTSync or just FTP.

 

[Joshua Parker Ruehlig]

Where can I read up on these security flaws (I found this but not sure if there's more somewhere http://www.cvedetails.com/vulnerability-list/vendor_id-11929/Owncloud.htm)? I'm sure it's got some like any human written application, but I'd assume if there are any known ones OC would push out a security update pretty quickly.

I personally have mine open to the world. I use server side encryption so I 'should' be safe from people getting unencrypted files.. unless a user is logged in and their unencrypted key is sitting in /tmp, and that's a big IF.

 

[cyberjock]

My problem is that even with server-side encryption, there have been bugs in the past that allowed people to gain root access to the machine that is running Owncloud. If they can get that kind of control your encryption key doesn't protect you from anything. They've got full control and access. :/

 

[Joshua Parker Ruehlig]

My problem is that even with server-side encryption, there have been bugs in the past that allowed people to gain root access to the machine that is running Owncloud. If they can get that kind of control your encryption key doesn't protect you from anything. They've got full control and access. :/

I would think they'd need an exploit to get 'root' from a local user cause most systems run owncloud as the www user. But either way, if they get shell access, even as 'www', they can get my keys, and and subsequently my files. =/

I'll probably end up double encrypting my actually important stuff and storing the keys on flash drives hidden somewhere. OC encryption doesn't even hide the file names, and thumbnail previews are unencrypted, lol.