I did a deeper firewall test on my fresh installed OpenWRT Router and activated a “Ads Blacklist” after this my owncloud Share Login loops!
Result:
- Seems that some IP’s of the “Update Check Tool” Servers, which is installed inside the PHP-Kit is blacklisted.
- So it seems the Code calls home! With this option its possible to count and collect IPs of Setups! Perhaps checkout unpatched Versions!
- I didn’t check deeper, but the behavior was clear without viewing the codes.
After publish this Info via Twitter:
REMARKS:
- No Company / Developer works for “free”
- After Setup of PHP-Kits do a IP Firewall Traffic checkout
- If you don’t need the PHP Kit reachable via Internet block the IP Device at your Router from Internet Access!
- Prefer Standard Tools like SFTP/SCP with Key Auth to transfer Files, less unsecure cause only one application active!!
- PHP Kits Logins can often be scanned by Search Indexes by “Search by Title” of the Login Webinterface!!
For me i decided to purge the package and use System Standard Tool “SFTP with SSH Key Auth” and on my Phone a Totalcommander with SFTP Plugin!