Urgent: Nextcry ransomware

A recently disocever bug, CVE-2019-11043 opens the door for a newly identified ransomware named "Nextcry". If you configured your Nextcloud to run on nginx as reverse proxy (as I have done) you could be affected. Update php-fpm NOW.

Mitigation

On this Nextcloud page you find instructions how to mitigate the issue. I post it here as personal mirror

You need two changes in your nginx.conf:

Becomes


And

Becomes (Add $try_files $fastcgi_script_name =404;)


Here I post my configuration, that is slightly modified as I run currently on FreeBSD.

Backups!

And a kind reminder, that the only viable protection against Ransomware are occurring offline backups on separate media. I burn my backups still on Blue-Rays, as this is the only fool-proof way of protecting your data against software threads like Ransomware or stupid user errors.

Leave a Comment