Nextcloud url rewrite problem

When i installed nextcloud on hestiacp its works great, but enabling url rewriting throw “Access Denied / 403 error” on url “domain.tld/apps/files/”

Does anyone know how to fix it?
All works except rewriting urls ;/


It would be usefull to know if you use apache or nginx
but if you use nginx I suggest you you copy my files nextcloud.* you could find them here
into your /usr/local/hestia/data/templates/web/nginx/
than choose nextcloud

I’m actually using it in preprod at

backend apache and nginx as proxy

did you try this config ?

if it’s working well you could make your file immuable with chattr

chattr +i

Problem with redirection maybe,

‘overwrite.cli.url’ => ‘’,
‘htaccess.RewriteBase’ => ‘/’,

and domain redirect me first to /apps/files and next to /apps/files/index.php
always nginx or apache2 adding index.php to url :disappointed_relieved:




ServerAdmin [email protected]
DocumentRoot /home/admin/web/
ScriptAlias /cgi-bin/ /home/admin/web/
Alias /vstats/ /home/admin/web/
Alias /error/ /home/admin/web/
#SuexecUserGroup admin admin
CustomLog /var/log/apache2/domains/ bytes
CustomLog /var/log/apache2/domains/ combined
ErrorLog /var/log/apache2/domains/

# run "a2enmod headers" if this isn't working
<IfModule mod_headers.c>
  Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains; preload"

<Directory /home/admin/web/>
Dav off

SetEnv HOME /home/admin/web/
SetEnv HTTP_HOME /home/admin/web/
AllowOverride All
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir /home/admin/web/
php_admin_value upload_tmp_dir /home/admin/tmp
php_admin_value session.save_path /home/admin/tmp

<Directory /home/admin/web/>
AllowOverride All

SSLEngine on
SSLVerifyClient none
SSLCertificateFile /home/admin/conf/web/
SSLCertificateKeyFile /home/admin/conf/web/
SSLCertificateChainFile /home/admin/conf/web/

<IfModule itk.c>
    AssignUserID admin admin
<IfModule mod_env.c>
# Add security and privacy related headers
Header set X-Content-Type-Options "nosniff"
Header set X-XSS-Protection "1; mode=block"
Header set X-Robots-Tag "none"
Header set X-Download-Options "noopen"
Header set X-Permitted-Cross-Domain-Policies "none"
Header set Referrer-Policy "no-referrer"
SetEnv modHeadersAvailable true
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains" SetHandler "proxy:unix:/run/php/|fcgi://localhost/" IncludeOptional /home/admin/conf/web/*


server {
listen ssl http2;
server_name ;
ssl_certificate /home/admin/conf/web/;
ssl_certificate_key /home/admin/conf/web/;
ssl_stapling on;
ssl_stapling_verify on;
error_log /var/log/apache2/domains/ error;

include /home/admin/conf/web/*;

location / {
    location ~* ^.+\.(jpg|jpeg|gif|png|ico|svg|css|zip|tgz|gz|rar|bz2|exe|pdf|doc|xls|ppt|txt|odt|ods|odp|odf|tar|bmp|rtf|js|mp3|avi|mpeg|flv|html|htm)$ {
        root           /home/admin/web/;
        access_log     /var/log/apache2/domains/ combined;
        access_log     /var/log/apache2/domains/ bytes;
        expires        max;
        try_files      $uri @fallback;

location /error/ {
    alias   /home/admin/web/;

location @fallback {

location ~ /\.ht    {return 404;}
location ~ /\.svn/  {return 404;}
location ~ /\.git/  {return 404;}
location ~ /\.hg/   {return 404;}
location ~ /\.bzr/  {return 404;}

include /home/admin/conf/web/*;


I will be grateful for help :confused: