[SOLVED] ERROR - Nextcloud & OnlyOffice Docs. This content is blocked. Contact the site owner to fix the issue

Irwin · 17 March 2022 09:02

Hi,

After updating Onlyoffice or Nextcloud, Nextcloud stopped opening documents in Onlyoffice. In Chrome browser it says “This content is blocked. Contact the site owner to fix the issue.”

OS : Debian 11 VM Server for NC & OO Docs

NC 22.2.5 (Non Docker install)

OnlyOffice on a different VM server (Docker Compose install, try also with non Docker install = same error)

PHP 7.4 for NC

DB: MariaDB

Access from web for NC & OO Docs are ok with Letsencrypt CA

When I insert server adress (https://docs.xxx.xx/) in the OnlyOffice Section in NC Parameters, got a green message that said version 7.xxx are ok

RP Nginx VM (RP conf found in OnlyOffice support didnt work)

Only Office Connector are up to date (7.3.2)

Tested on Chrome, Firefox and Edge

Same Error on all web nav

Tried a multiple ideas to fix it found on github, here and on NC support but without result.

Thx for help

Irwin · 17 March 2022 13:38

Hello solved by Myself today. .conf in the RP modified and it works

Irwin · 17 March 2022 14:06

So, hi to all,

1st sorry for my english but I’m french speaking.

The problem comes from the xxx.conf file assigned to your documentserver. It does the job of accessing your docserver.youradress.xyz, so that Nextcloud recognizes it in the Nextcloud OnlyOffice settings but does not allow access to OnlyOffice itself. So here is my 3 step solution.

Behind Nginx Reverse Proxy

1st) Your .conf file without Letsencrypt at /etc/nginx/conf.d (for exemple: docs.conf)

upstream stream-docs {
   server local.ip.adress.here;
}

server {
   server_name docs.yoursite.xyz;

    access_log  /var/log/nginx/docs.access.log;
    error_log   /var/log/nginx/docs.error.log;

    location / {
        proxy_pass      http://stream-docs;
        proxy_redirect default;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Host $host;
    }
}

2nd) After save push it to SSL with letsencrypt on your Nginx RP

sudo certbot --nginx

3rd) Your .conf file should look like this

upstream stream-docs {
   server local.ip.adress.here;
}

server {
   server_name docs.yoursite.xyz;

    access_log  /var/log/nginx/docs.access.log;
    error_log   /var/log/nginx/docs.error.log;

    location / {
        proxy_pass      http://stream-docs;
        proxy_redirect default;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Host $host;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/docs.yoursite.xyz/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/docs.yoursite.xyz/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {
    if ($host = docs.yoursite.xyz) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

   server_name docs.yoursite.xyz;
    listen 80;
    return 404; # managed by Certbot


}

4th) add the commented lines to your .conf file without forgetting to uncomment them (remove the #)

upstream stream-docs {
   server local.ip.adress.here;
}

# map $http_host $this_host {
#    "" $host;
#    default $http_host;
# }

# map $http_x_forwarded_proto $the_scheme {
#     default $http_x_forwarded_proto;
#     "" $scheme;
# }

# map $http_x_forwarded_host $the_host {
#    default $http_x_forwarded_host;
#    "" $this_host;
# }

# map $http_upgrade $proxy_connection {
#  default upgrade;
#  "" close;
# }

server {
   # listen 0.0.0.0:80;
   server_name docs.yoursite.xyz;
   # server_tokens off;

    access_log  /var/log/nginx/docs.access.log;
    error_log   /var/log/nginx/docs.error.log;

    location / {
      #  proxy_set_header Upgrade $http_upgrade;
      # proxy_set_header Connection $proxy_connection;
       # proxy_set_header X-Forwarded-Host $the_host;
       # proxy_set_header X-Forwarded-Proto $the_scheme;
       # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass      http://stream-docs;
        proxy_redirect default;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Host $host;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/docs.yoursite.xyz/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/docs.yoursite.xyz/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}


server {
    if ($host = docs.yoursite.xyz) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


   server_name docs.yoursite.xyz;
    listen 80;
    return 404; # managed by Certbot


}

5th) Reload Nginx RP

sudo systemctl reload Nginx

Then go to your nextcloud instance as admin. Go to settings → Only Office and add the documentserver adress, no need to use advanced parameters.

For exemple : https:/docs.youradress.xyz/ (don’t forget the / at end)

that’s all Folks

NOTE: The #Manage by Certbot lines must stay commented ofc