EN · $

Running Nextcloud Securely on Shared Hosting

Learn how to secure Nextcloud on shared hosting with automatic updates and security scans. Tips for updates, scans, and configuration.

nextcloudshared-hostingsecuritycloudautomatic updates

Why Security is Important for Nextcloud on Shared Hosting

Nextcloud is a popular open-source solution for cloud storage and collaboration. If you run Nextcloud on shared hosting, you share server resources with other users. This poses special security risks. With automatic updates and regular security scans, you can effectively protect your data.

Setting Up Automatic Updates

Using the Nextcloud Update Manager

Nextcloud offers an integrated update manager. Go to Administration → Overview in the settings and enable the option "Check for updates". This way you will be notified as soon as a new version is available.

Automating Updates via Cron Job

For automatic updates, you can set up a cron job. Many shared hosting providers like dezhost offer cron job functions in the administration interface. Add the following command to run the update script regularly:

php /path/to/nextcloud/updater/updater.phar

Run the job daily to stay up to date.

Performing Security Scans

Nextcloud Security Scanner

The official Nextcloud Security Scanner checks your server configuration for known vulnerabilities. Simply enter the URL of your Nextcloud instance and receive a detailed report.

Custom Scans with Tools like WPScan

You can also use specialized tools like WPScan (for WordPress) or Nikto for general web scans. Run these regularly to detect security vulnerabilities early.

Additional Security Tips for Shared Hosting

  • Enforce HTTPS: Make sure your Nextcloud instance is only accessible via HTTPS. Many providers offer free SSL certificates via Let's Encrypt.
  • Strong Passwords and 2FA: Use strong passwords for all users and enable two-factor authentication.
  • Secure Files and Folders: Set permissions for Nextcloud directories to 755 for folders and 644 for files.
  • Regular Backups: Create daily backups of your Nextcloud data and database. Many hosting packages include backup functions.

Additional Protective Measures

Use a Web Application Firewall (WAF) like ModSecurity to fend off attacks. Some hosting providers offer this by default. Also, uninstall outdated apps and plugins as they pose a security risk.

If you are looking for a reliable partner for your Nextcloud project, check out our web hosting packages. We support you in setting up and securing your cloud.