Syncing libraries not possible

I have followed the documentation and installed Seafile Server 6.3.2 for Raspberry Pi on Raspbian 9 with Apache and MariaDB. The software is up-to-date. Everything, including the entire web interface, works properly. Moreover, I have installed the Seafile Client on Debian 9. Logging in and viewing as well as modifying libraries works without problems, however syncing a library does not work since the server denies access for some reason.

Client-logs

seafile.log

[08/04/18 23:47:20] seaf-daemon.c(558): starting seafile client 6.1.8
[08/04/18 23:47:20] ../common/mq-mgr.c(60): [mq client] mq cilent is started
[08/04/18 23:47:20] ../common/mq-mgr.c(106): [mq mgr] publish to heartbeat mq: seafile.heartbeat
[08/04/18 23:47:20] seafile-session.c(422): Moving commits for deleted repo a1f46990-88b6-4e17-8b9c-3e7d733e9e4e.
[08/04/18 23:47:20] seafile-session.c(422): Moving fs for deleted repo a1f46990-88b6-4e17-8b9c-3e7d733e9e4e.
[08/04/18 23:47:20] repo-mgr.c(6609): Removing store /home/user/desktop/SF-Test/Seafile/.seafile-data/deleted_store/commits/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e
[08/04/18 23:47:20] repo-mgr.c(6609): Removing store /home/user/desktop/SF-Test/Seafile/.seafile-data/deleted_store/fs/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e
[08/04/18 23:47:30] clone-mgr.c(847): Transition clone state for a1f46990 from [init] to [check server].
[08/04/18 23:47:30] clone-mgr.c(847): Transition clone state for a1f46990 from [check server] to [fetch].
[08/04/18 23:47:30] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'init') --> ('normal', 'check')
[08/04/18 23:47:30] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'check') --> ('normal', 'commit')
[08/04/18 23:47:30] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'commit') --> ('normal', 'fs')
[08/04/18 23:47:30] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'fs') --> ('normal', 'data')
[08/04/18 23:47:30] http-tx-mgr.c(4261): Bad response code for GET https://cloud.MYDOMAIN.com/seafhttp/repo/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e/block/8663a70ef30a5987b440a621483af2044bae1e0a: 403.
[08/04/18 23:47:30] repo-mgr.c(5209): Transfer failed.
[08/04/18 23:47:30] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'data') --> ('error', 'finished')
[08/04/18 23:47:30] clone-mgr.c(864): Transition clone state for a1f46990 from [fetch] to [error]: fetch.
[08/04/18 23:47:30] clone-mgr.c(847): Transition clone state for a1f46990 from [error] to [check server].
[08/04/18 23:47:30] clone-mgr.c(847): Transition clone state for a1f46990 from [check server] to [fetch].
[08/04/18 23:47:30] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'init') --> ('normal', 'check')
[08/04/18 23:47:30] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'check') --> ('normal', 'commit')
[08/04/18 23:47:30] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'commit') --> ('normal', 'fs')
[08/04/18 23:47:30] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'fs') --> ('normal', 'data')
[08/04/18 23:47:31] http-tx-mgr.c(4261): Bad response code for GET https://cloud.MYDOMAIN.com/seafhttp/repo/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e/block/8663a70ef30a5987b440a621483af2044bae1e0a: 403.
[08/04/18 23:47:31] repo-mgr.c(5209): Transfer failed.
[08/04/18 23:47:31] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'data') --> ('error', 'finished')
[08/04/18 23:47:31] clone-mgr.c(864): Transition clone state for a1f46990 from [fetch] to [error]: fetch.
[08/04/18 23:47:35] clone-mgr.c(847): Transition clone state for a1f46990 from [error] to [check server].
[08/04/18 23:47:35] clone-mgr.c(847): Transition clone state for a1f46990 from [check server] to [fetch].
[08/04/18 23:47:35] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'init') --> ('normal', 'check')
[08/04/18 23:47:38] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'check') --> ('normal', 'commit')
[08/04/18 23:47:38] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'commit') --> ('normal', 'fs')
[08/04/18 23:47:38] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'fs') --> ('normal', 'data')
[08/04/18 23:47:38] http-tx-mgr.c(4261): Bad response code for GET https://cloud.MYDOMAIN.com/seafhttp/repo/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e/block/8663a70ef30a5987b440a621483af2044bae1e0a: 403.
[08/04/18 23:47:38] repo-mgr.c(5209): Transfer failed.
[08/04/18 23:47:38] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'data') --> ('error', 'finished')
[08/04/18 23:47:38] clone-mgr.c(864): Transition clone state for a1f46990 from [fetch] to [error]: fetch.
[08/04/18 23:47:40] clone-mgr.c(847): Transition clone state for a1f46990 from [error] to [check server].
[08/04/18 23:47:40] clone-mgr.c(847): Transition clone state for a1f46990 from [check server] to [fetch].
[08/04/18 23:47:40] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'init') --> ('normal', 'check')
[08/04/18 23:47:41] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'check') --> ('normal', 'commit')
[08/04/18 23:47:41] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'commit') --> ('normal', 'fs')
[08/04/18 23:47:41] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'fs') --> ('normal', 'data')
[08/04/18 23:47:41] http-tx-mgr.c(4261): Bad response code for GET https://cloud.MYDOMAIN.com/seafhttp/repo/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e/block/8663a70ef30a5987b440a621483af2044bae1e0a: 403.
[08/04/18 23:47:41] repo-mgr.c(5209): Transfer failed.
[08/04/18 23:47:41] http-tx-mgr.c(1153): Transfer repo 'a1f46990': ('normal', 'data') --> ('error', 'finished')
[08/04/18 23:47:41] clone-mgr.c(864): Transition clone state for a1f46990 from [fetch] to [error]: fetch.
[08/04/18 23:47:41] clone-mgr.c(847): Transition clone state for a1f46990 from [error] to [canceled].

It seems, there is a 403-error for some reason.

Server-logs

gunicorn_access.log

127.0.0.1 - - [04/Aug/2018:21:47:23 +0000] "GET /api2/server-info/ HTTP/1.1" 200 51 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:47:23 +0000] "GET /api2/starredfiles/ HTTP/1.1" 200 2 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:47:23 +0000] "GET /api2/account/info/ HTTP/1.1" 200 136 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:47:23 +0000] "GET /api2/events/ HTTP/1.1" 404 35 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:47:23 +0000] "GET /api2/events/ HTTP/1.1" 404 35 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:47:23 +0000] "GET /api2/repos/ HTTP/1.1" 200 558 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:47:23 +0000] "GET /api2/repos/ HTTP/1.1" 200 558 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:47:23 +0000] "GET /api2/ping/ HTTP/1.1" 200 6 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:47:23 +0000] "GET /api2/avatars/user/test@example.com/resized/80/ HTTP/1.1" 200 85 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:47:29 +0000] "GET /api2/repos/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e/download-info/ HTTP/1.1" 200 659 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:50:24 +0000] "GET /api2/ping/ HTTP/1.1" 200 6 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:50:26 +0000] "GET /api2/account/info/ HTTP/1.1" 200 136 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:52:23 +0000] "GET /api2/repos/ HTTP/1.1" 200 558 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:52:23 +0000] "GET /api2/events/ HTTP/1.1" 404 35 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:53:23 +0000] "GET /api2/ping/ HTTP/1.1" 200 6 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:53:23 +0000] "GET /api2/account/info/ HTTP/1.1" 200 136 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:53:24 +0000] "GET /api2/avatars/user/test@example.com/resized/80/ HTTP/1.1" 200 85 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:56:24 +0000] "GET /api2/ping/ HTTP/1.1" 200 6 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:56:24 +0000] "GET /api2/account/info/ HTTP/1.1" 200 136 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:57:23 +0000] "GET /api2/events/ HTTP/1.1" 404 35 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:59:24 +0000] "GET /api2/ping/ HTTP/1.1" 200 6 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:59:24 +0000] "GET /api2/account/info/ HTTP/1.1" 200 136 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:21:59:25 +0000] "GET /api2/avatars/user/test@example.com/resized/80/ HTTP/1.1" 200 85 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:22:00:22 +0000] "GET /api2/repos/ HTTP/1.1" 200 558 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:22:02:23 +0000] "GET /api2/ping/ HTTP/1.1" 200 6 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:22:02:23 +0000] "GET /api2/events/ HTTP/1.1" 404 35 "-" "Mozilla/5.0"
127.0.0.1 - - [04/Aug/2018:22:02:23 +0000] "GET /api2/account/info/ HTTP/1.1" 200 136 "-" "Mozilla/5.0"

seafile.log

[08/04/18 23:46:48] size-sched.c(96): Repo size compute queue size is 0
[08/04/18 23:51:48] size-sched.c(96): Repo size compute queue size is 0
[08/04/18 23:56:48] size-sched.c(96): Repo size compute queue size is 0
[08/05/18 00:01:48] size-sched.c(96): Repo size compute queue size is 0

seahub.log

2018-08-04 21:47:23,801 [WARNING] django.request:152 get_response Not Found: /api2/events/
2018-08-04 21:47:23,813 [WARNING] django.request:152 get_response Not Found: /api2/events/
2018-08-04 21:52:23,634 [WARNING] django.request:152 get_response Not Found: /api2/events/
2018-08-04 21:57:23,262 [WARNING] django.request:152 get_response Not Found: /api2/events/
2018-08-04 22:02:23,709 [WARNING] django.request:152 get_response Not Found: /api2/events/

error.log (Apache)

[Sat Aug 04 23:47:30.545592 2018] [proxy:warn] [pid 9691] AH03408: HTTP: reusable backend connection is not empty: forcibly closed
[Sat Aug 04 23:47:30.748699 2018] [:error] [pid 9691] [client 178.3.82.83:1033] [client 178.3.82.83] ModSecurity: Warning. Match of "rx (?:\\\\x1f\\\\x8b\\\\x08|\\\\b(?:(?:i(?:nterplay|hdr|d3)|m(?:ovi|thd)|r(?:ar!|iff)|(?:ex|jf)if|f(?:lv|ws)|varg|cws)\\\\b|gif)|B(?:%pdf|\\\\.ra)\\\\b)" against "RESPONSE_BODY" required. [file "/usr/share/modsecurity-crs/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf"] [line "111"] [id "953120"] [rev "2"] [msg "PHP source code leakage"] [data "Matched Data: <? found within RESPONSE_BODY: \\xd0\\xcf\\x11\\xe0\\xa1\\xb1\\x1a\\xe1\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00>\\x00\\x03\\x00\\xfe\\xff\\x09\\x00\\x06\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x05\\x00\\x00\\x00F\\x02\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x10\\x00\\x00H\\x02\\x00\\x00\\x01\\x00\\x00\\x00\\xfe\\xff\\xff\\xff\\x00\\x00\\x00\\x00A\\x02\\x00\\x00B\\x02\\x00\\x00C\\x02\\x00\\x00D\\x02\\x00\\x00E\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff..."] [severity "ERROR"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "application-multi"] [tag "language-php"] [tag "platform-multi"] [tag "attack-discl [hostname "cloud.MYDOMAIN.com"] [uri "/seafhttp/repo/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e/block/8663a70ef30a5987b440a621483af2044bae1e0a"] [unique_id "W2Ye8n8AAQEAACXb1mMAAAAJ"]
[Sat Aug 04 23:47:30.788854 2018] [:error] [pid 9691] [client 178.3.82.83:1033] [client 178.3.82.83] ModSecurity: Access denied with code 403 (phase 4). Operator GE matched 4 at TX:outbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/RESPONSE-959-BLOCKING-EVALUATION.conf"] [line "32"] [id "959100"] [msg "Outbound Anomaly Score Exceeded (Total Score: 4)"] [tag "anomaly-evaluation"] [hostname "cloud.MYDOMAIN.com"] [uri "/seafhttp/repo/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e/block/8663a70ef30a5987b440a621483af2044bae1e0a"] [unique_id "W2Ye8n8AAQEAACXb1mMAAAAJ"]
[Sat Aug 04 23:47:30.789808 2018] [:error] [pid 9691] [client 178.3.82.83:1033] [client 178.3.82.83] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/RESPONSE-980-CORRELATION.conf"] [line "82"] [id "980140"] [msg "Outbound Anomaly Score Exceeded (score 4): PHP source code leakage"] [tag "event-correlation"] [hostname "cloud.MYDOMAIN.com"] [uri "/seafhttp/repo/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e/block/8663a70ef30a5987b440a621483af2044bae1e0a"] [unique_id "W2Ye8n8AAQEAACXb1mMAAAAJ"]
[Sat Aug 04 23:47:31.153528 2018] [:error] [pid 9108] [client 178.3.82.83:1032] [client 178.3.82.83] ModSecurity: Warning. Match of "rx (?:\\\\x1f\\\\x8b\\\\x08|\\\\b(?:(?:i(?:nterplay|hdr|d3)|m(?:ovi|thd)|r(?:ar!|iff)|(?:ex|jf)if|f(?:lv|ws)|varg|cws)\\\\b|gif)|B(?:%pdf|\\\\.ra)\\\\b)" against "RESPONSE_BODY" required. [file "/usr/share/modsecurity-crs/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf"] [line "111"] [id "953120"] [rev "2"] [msg "PHP source code leakage"] [data "Matched Data: <? found within RESPONSE_BODY: \\xd0\\xcf\\x11\\xe0\\xa1\\xb1\\x1a\\xe1\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00>\\x00\\x03\\x00\\xfe\\xff\\x09\\x00\\x06\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x05\\x00\\x00\\x00F\\x02\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x10\\x00\\x00H\\x02\\x00\\x00\\x01\\x00\\x00\\x00\\xfe\\xff\\xff\\xff\\x00\\x00\\x00\\x00A\\x02\\x00\\x00B\\x02\\x00\\x00C\\x02\\x00\\x00D\\x02\\x00\\x00E\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff..."] [severity "ERROR"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "application-multi"] [tag "language-php"] [tag "platform-multi"] [tag "attack-discl [hostname "cloud.MYDOMAIN.com"] [uri "/seafhttp/repo/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e/block/8663a70ef30a5987b440a621483af2044bae1e0a"] [unique_id "W2Ye8n8AAQEAACOUxtYAAAAB"]
[Sat Aug 04 23:47:31.193955 2018] [:error] [pid 9108] [client 178.3.82.83:1032] [client 178.3.82.83] ModSecurity: Access denied with code 403 (phase 4). Operator GE matched 4 at TX:outbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/RESPONSE-959-BLOCKING-EVALUATION.conf"] [line "32"] [id "959100"] [msg "Outbound Anomaly Score Exceeded (Total Score: 4)"] [tag "anomaly-evaluation"] [hostname "cloud.MYDOMAIN.com"] [uri "/seafhttp/repo/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e/block/8663a70ef30a5987b440a621483af2044bae1e0a"] [unique_id "W2Ye8n8AAQEAACOUxtYAAAAB"]
[Sat Aug 04 23:47:31.194884 2018] [:error] [pid 9108] [client 178.3.82.83:1032] [client 178.3.82.83] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/RESPONSE-980-CORRELATION.conf"] [line "82"] [id "980140"] [msg "Outbound Anomaly Score Exceeded (score 4): PHP source code leakage"] [tag "event-correlation"] [hostname "cloud.MYDOMAIN.com"] [uri "/seafhttp/repo/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e/block/8663a70ef30a5987b440a621483af2044bae1e0a"] [unique_id "W2Ye8n8AAQEAACOUxtYAAAAB"]
[Sat Aug 04 23:47:38.319450 2018] [:error] [pid 9691] [client 178.3.82.83:1033] [client 178.3.82.83] ModSecurity: Warning. Match of "rx (?:\\\\x1f\\\\x8b\\\\x08|\\\\b(?:(?:i(?:nterplay|hdr|d3)|m(?:ovi|thd)|r(?:ar!|iff)|(?:ex|jf)if|f(?:lv|ws)|varg|cws)\\\\b|gif)|B(?:%pdf|\\\\.ra)\\\\b)" against "RESPONSE_BODY" required. [file "/usr/share/modsecurity-crs/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf"] [line "111"] [id "953120"] [rev "2"] [msg "PHP source code leakage"] [data "Matched Data: <? found within RESPONSE_BODY: \\xd0\\xcf\\x11\\xe0\\xa1\\xb1\\x1a\\xe1\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00>\\x00\\x03\\x00\\xfe\\xff\\x09\\x00\\x06\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x05\\x00\\x00\\x00F\\x02\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x10\\x00\\x00H\\x02\\x00\\x00\\x01\\x00\\x00\\x00\\xfe\\xff\\xff\\xff\\x00\\x00\\x00\\x00A\\x02\\x00\\x00B\\x02\\x00\\x00C\\x02\\x00\\x00D\\x02\\x00\\x00E\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff..."] [severity "ERROR"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "application-multi"] [tag "language-php"] [tag "platform-multi"] [tag "attack-discl [hostname "cloud.MYDOMAIN.com"] [uri "/seafhttp/repo/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e/block/8663a70ef30a5987b440a621483af2044bae1e0a"] [unique_id "W2Ye@n8AAQEAACXb1mkAAAAJ"]
[Sat Aug 04 23:47:38.359606 2018] [:error] [pid 9691] [client 178.3.82.83:1033] [client 178.3.82.83] ModSecurity: Access denied with code 403 (phase 4). Operator GE matched 4 at TX:outbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/RESPONSE-959-BLOCKING-EVALUATION.conf"] [line "32"] [id "959100"] [msg "Outbound Anomaly Score Exceeded (Total Score: 4)"] [tag "anomaly-evaluation"] [hostname "cloud.MYDOMAIN.com"] [uri "/seafhttp/repo/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e/block/8663a70ef30a5987b440a621483af2044bae1e0a"] [unique_id "W2Ye@n8AAQEAACXb1mkAAAAJ"]
[Sat Aug 04 23:47:38.360516 2018] [:error] [pid 9691] [client 178.3.82.83:1033] [client 178.3.82.83] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/RESPONSE-980-CORRELATION.conf"] [line "82"] [id "980140"] [msg "Outbound Anomaly Score Exceeded (score 4): PHP source code leakage"] [tag "event-correlation"] [hostname "cloud.MYDOMAIN.com"] [uri "/seafhttp/repo/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e/block/8663a70ef30a5987b440a621483af2044bae1e0a"] [unique_id "W2Ye@n8AAQEAACXb1mkAAAAJ"]
[Sat Aug 04 23:47:41.390956 2018] [:error] [pid 9108] [client 178.3.82.83:1032] [client 178.3.82.83] ModSecurity: Warning. Match of "rx (?:\\\\x1f\\\\x8b\\\\x08|\\\\b(?:(?:i(?:nterplay|hdr|d3)|m(?:ovi|thd)|r(?:ar!|iff)|(?:ex|jf)if|f(?:lv|ws)|varg|cws)\\\\b|gif)|B(?:%pdf|\\\\.ra)\\\\b)" against "RESPONSE_BODY" required. [file "/usr/share/modsecurity-crs/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf"] [line "111"] [id "953120"] [rev "2"] [msg "PHP source code leakage"] [data "Matched Data: <? found within RESPONSE_BODY: \\xd0\\xcf\\x11\\xe0\\xa1\\xb1\\x1a\\xe1\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00>\\x00\\x03\\x00\\xfe\\xff\\x09\\x00\\x06\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x05\\x00\\x00\\x00F\\x02\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x10\\x00\\x00H\\x02\\x00\\x00\\x01\\x00\\x00\\x00\\xfe\\xff\\xff\\xff\\x00\\x00\\x00\\x00A\\x02\\x00\\x00B\\x02\\x00\\x00C\\x02\\x00\\x00D\\x02\\x00\\x00E\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff..."] [severity "ERROR"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "application-multi"] [tag "language-php"] [tag "platform-multi"] [tag "attack-discl [hostname "cloud.MYDOMAIN.com"] [uri "/seafhttp/repo/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e/block/8663a70ef30a5987b440a621483af2044bae1e0a"] [unique_id "W2Ye-X8AAQEAACOUxtwAAAAB"]
[Sat Aug 04 23:47:41.434866 2018] [:error] [pid 9108] [client 178.3.82.83:1032] [client 178.3.82.83] ModSecurity: Access denied with code 403 (phase 4). Operator GE matched 4 at TX:outbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/RESPONSE-959-BLOCKING-EVALUATION.conf"] [line "32"] [id "959100"] [msg "Outbound Anomaly Score Exceeded (Total Score: 4)"] [tag "anomaly-evaluation"] [hostname "cloud.MYDOMAIN.com"] [uri "/seafhttp/repo/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e/block/8663a70ef30a5987b440a621483af2044bae1e0a"] [unique_id "W2Ye-X8AAQEAACOUxtwAAAAB"]
[Sat Aug 04 23:47:41.435723 2018] [:error] [pid 9108] [client 178.3.82.83:1032] [client 178.3.82.83] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/RESPONSE-980-CORRELATION.conf"] [line "82"] [id "980140"] [msg "Outbound Anomaly Score Exceeded (score 4): PHP source code leakage"] [tag "event-correlation"] [hostname "cloud.MYDOMAIN.com"] [uri "/seafhttp/repo/a1f46990-88b6-4e17-8b9c-3e7d733e9e4e/block/8663a70ef30a5987b440a621483af2044bae1e0a"] [unique_id "W2Ye-X8AAQEAACOUxtwAAAAB"]

Config files

ccnet.conf

[General]
USER_NAME = server
ID = 4f0c7218b322c694d9f2c3759589bebdf18aa3bd
NAME = server
SERVICE_URL = https://cloud.MYDOMAIN.com

[Client]
PORT = 13419

[Database]
ENGINE = mysql
HOST = 127.0.0.1
PORT = 3360
USER = seafile
PASSWD = MYPASSWORD
DB = ccnet-db
CONNECTION_CHARSET = utf8

seahub_settings.py

# -*- coding: utf-8 -*-
SECRET_KEY = "8$dj!v(r2_$c_4#9-p739(ztd0)$!)!31p(u+kzoqn^acae_um"

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'NAME': 'seahub-db',
        'USER': 'seafile',
        'PASSWORD': 'MYPASSWORD',
        'HOST': '127.0.0.1',
        'PORT': '3360'
    }
}

FILE_SERVER_ROOT = 'https://cloud.MYDOMAIN.com/seafhttp'
ALLOWED_HOSTS = ['127.0.0.1', 'localhost']
LOGIN_REMEMBER_DAYS = 30
LOGIN_ATTEMPT_LIMIT = 3
SESSION_EXPIRE_AT_BROWSER_CLOSE = False
TEXT_PREVIEW_EXT = """ac, am, bat, c, cc, cmake, cpp, cs, css, diff, el, h, html,
htm, java, js, json, less, make, org, php, pl, properties, py, rb,
scala, script, sh, sql, txt, text, tex, vi, vim, xhtml, xml, log, csv,
groovy, rst, patch, go"""
ENABLE_THUMBNAIL = True

gunicorn.conf

import os

daemon = True
workers = 5

# default localhost:8000
bind = "0.0.0.0:8000"

# Pid
pids_dir = '/home/user/seafile/pids'
pidfile = os.path.join(pids_dir, 'seahub.pid')

# Logging
logs_dir = '/home/user/seafile/logs'
errorlog = os.path.join(logs_dir, 'gunicorn_error.log')
accesslog = os.path.join(logs_dir, 'gunicorn_access.log')
# for file upload, we need a longer timeout value (default is only 30s, too shor$
timeout = 1200

limit_request_line = 8190

seafile.conf

[fileserver]
port = 8082

[database]
type = mysql
host = 127.0.0.1
port = 3360
user = seafile
password = MYPASSWORD
db_name = seafile-db
connection_charset = utf8

/etc/apache2/sites-available/default-ssl.conf (Apache)

# Certificates etc.....

<VirtualHost *:443>
   ServerName cloud.MYDOMAIN.de
   DocumentRoot /var/www/html
   Alias /media /home/user/seafile/seafile-server-latest/seahub/media

   RewriteEngine On

   <Location /media>
      Require all granted
   </Location>

   ProxyPass /seafhttp http://127.0.0.1:8082
   ProxyPassReverse /seafhttp http://127.0.0.1:8082
   RewriteRule ^/seafhttp - [QSA,L]

   SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
   ProxyPass / http://127.0.0.1:8000/
   ProxyPassReverse / http://127.0.0.1:8000/
</VirtualHost>

I am using dynamic DNS. Port forwarding is enabled for port 80 and port 443. The firewall is configured to allow TCP-connections on port 80 and port 443. I hope someone can help me with this issue.

ModSecurity (apache module) fucked everything up. Don’t setup any “security” stuff as long as you don’t understand the implications.

1 Like

That was it! After disabling mod security, everything works fine. Thank you for your fast help!