Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the ninja-forms domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114
Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the simple-custom-post-order domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114
Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-mail-logging domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114
Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the health-check domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114
Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the updraftplus domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114
Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the rocket domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114 Nextcloud 17 brings remote wipe, collaborative text editor and next generation secure watermarking - NextcloudSkip to main content
Welcome to Nextcloud 17! This release brings major new improvements, especially around security and team collaboration. You can go get the update or read on to find out what is new!
Remote wipe allows users and administrators to forcibly clean files from remote devices, for example in case they are stolen. The video shows how easy it is to clean devices when you need to!
📝 Nextcloud Text
Introducing Nextcloud Text, our new distraction-free, collaborative rich text editor. You can see how Text makes working with others easier than ever in the video.
🔒 Secure view
This release comes with improvements to secure view like enforceable document watermarks based on tags, groups, type of share and other properties. Watch the video to learn more!
And much more, including:
🔐 Setup two-factor authentication after first login, admins can create one-time login tokens in the web UI and delegate this to group admins
📧 Secure mailbox in Outlook Add-in
👥 LDAP write support makes it possible to manage users from Nextcloud
💽 S3 versioning support, IBM Spectrum Scale integration and Global Scale with Collabora Online
note that we roll out new versions incrementally and usually wait a few weeks before we do so. This helps us catch any problems before it impacts too many users! If you wait for the updater to notify you, it can take some weeks. If you don’t want to wait, you can switch to the Beta channel, refresh the page, update to 17, and switch back!
Remote wipe
A major new feature in Nextcloud 17 is remote wipe. While many companies have Mobile Device Management, thanks to built-in support, remote wipe will work on systems not under management of the company. This is useful for home users but also large universities and of course in a scenario where guest accounts were handed to a third party. If you permit downloading of documents by the third party, you can wipe the documents from their devices when the the collaboration has ended.
Remote wipe can be used on a per-device basis by users and on a per-user base by the administrator.
Remote wipe as a user, per device
Remote wipe as admin, per user
Nextcloud Text
There are many moments when a light-weight, distraction-free text editor is the perfect solution for the task. Note taking, writing down thoughts or brainstorming a little don’t require advanced editors with thousands of features. Nextcloud Text is an integrated, collaborative markdown-based text editor and ships as part of Nextcloud 17. Compared to the test version we made available for Nextcloud 16, this version has much improved reliability and introduces plain text editing with syntax highlighting for code.
Learn how Nextcloud Text and Talk facilitate collaboration in this video.
Nextcloud text in short:
Markdown-based
Simple, efficient interface
Any number of collaborators
Support for bullets, headers, bold, italics, images and strike-through
Sidebar with sharing, comments, versions, video chat and activity
Plain text editing with syntax highlighting for many supported file formats
Last December, Nextcloud 15 introduced the Hide Download menu option. Since then this feature was used to provide secure view functionality in Collabora Online and ONLYOFFICE. With Nextcloud 17, our secure view feature was expanded with admin settings for watermarked text to enforce watermarks on:
public shares: option for all/read-only shares/hide download/tagged with (select a tag, for workflow integration)
internal shares: option for all/read-only/no reshare/tagged with (select a tag, for workflow integration)
Note that the full range of options requires Collabora Online 4.1. For older versions only the ‘all’ option works. ONLYOFFICE supports all these new capabilities as of today.
With secure view, our online office solutions can be configured to open PDF files, images and text files, making these files available in a watermark-protected way, while downloads and other apps are disabled using File Access Control. This setup is useful when data has to be protected from leaking but still has to be made available for review, like in a virtual data room scenario.
Watch a video of watermarking and our new secure mailbox below!
Configuring Secure View in Collabora
Setting a ‘confidential’ tag
Secure view watermarked file
Secure mailbox for Outlook
The Outlook Add-in introduces the secure mailbox feature. This feature protects the contents (body) of email from interception by providing the recipient with a notification that a new email was received. The recipient then has to log in on their (guest) account to access the email and its attachments.
In combination with the READ.me app, the body of the email is shown on top of the file attachments. Each email is a folder, linked to in the email notification.
Watch our secure mailbox in action in the last minute of the video below.
Writing an email
Attaching files, enabling Secure Mailbox
Email as it will be sent to recipient
Recipient view in Secure Mailbox in Nextcloud
The example above sends the link and password to the recipient by email. The user can take out the password and send it through another channel. Alternatively, when a guest account is set up for the recipient, the Outlook add-in will detect this and instead share the message to the guest account and include an internal link in the email. The recipient will have to log into their guest account to access the email.
You might be familiar with this feature from banks, insurance, realtors and other organizations dealing with sensitive data. Protecting the content from emails from leaking is very hard and with the Secure Mailbox for Outlook feature, Nextcloud offers an integrated solution.
Two-factor authentication improvements
Two-factor authentication is very important to protect the security of Nextcloud accounts. Administrators can enforce the use of two-factor authentication and offer a number of options to users.
Nextcloud 17 introduces:
Ability for users to setup 2FA after the first login it was enabled or enforced
New Administrator settings:
Administrator can create one-time-login tokens for users who forgot or broke their second factor solution
Administrator can delegate the ability to create one-time-login tokens to group administrators
Nextcloud offers the following ‘second factor’ options, any number of which can be enabled by the system administrator and used to validate the login of a user:
Time-based One-Time Password (TOTP, including Google Authenticator or similar apps
Universal 2nd Factor hardware tokens (U2F, like Yubikeys or Nitrokeys, also supports NFC)
Gateways: SMS, secure messaging apps Telegram, Signal and more
Notification (just click to approve login on an existing device like a phone)
User backup code (user has to generate these in advance and store them in a safe location)
Administrator backup code (creating those can be delegated to group admins)
Active user sessions can be invalidated through a list, by removing the user in the admin settings or by changing passwords. Users can manage their own sessions and devices. Remote wipe is available from that same screen.
2FA enforcement settings, enforcing for guest users
2FA setup on first login
one-time login token creation
Security hardenings
Security is very important to Nextcloud users, and thus a core focus for the Nextcloud team. Every release comes with many improvements, and this is no different. These include:
A new feature policy header
Stricter CSP
Suspicious login improvements
At the Nextcloud Conference, Nextcloud GmbH also announced a doubling of its security bug bounties to USD 10.000. This means an even larger incentive for security experts to find and responsibly report security problems to Nextcloud’s capable and responsive security team.
Performance, scalability and storage integration: IBM Spectrum Scale, Global Scale and S3.
This release delivers a number of improvements in the area of performance, scalability and storage integration.
Real time document collaboration with Global Scale
This release expands the capabilities of our unique Global Scale architecture to Collabora Online. Global Scale is designed to enable some of our largest customers to run a single Nextcloud instance with tens of millions of users. Collabora Online GS integration allows these users to seamlessly collaborate with each other on office documents.
Global Scale has been in production since 2017 in a commercial setup for tens of millions of users across 4 continents. Several other customers have deployed or began experimenting with Global Scale in the last years. Thanks to the new integration, Collabora Online installations at multi-million user scale are now set to roll out.
For smaller deployments, these changes are also relevant: users can now collaboratively edit documents across private Nextcloud servers!
In collaboration with IBM, Nextcloud 17 introduces IBM Spectrum Scale integration.
IBM Spectrum Scale is a high-performance file system for managing data with the distinctive ability to perform analytics in place with comprehensive support for data access protocols including POSIX, NFS, SMB, HDFS and S3/Object. It can provide a single namespace for all this data, offering a single point of management with an intuitive graphical user interface. IBM Spectrum Scale offers high scalability, high availability, automated data management and reliability with no single point of failure in large file storage infrastructure.
On request of several major research organizations and universities, Nextcloud and IBM developed this integration between IBM’s Spectrum Scale and the Nextcloud storage layer. A white paper with more details can be found on the IBM website. An example use case would be when a research institute has a large storage system where research data is written to by scientific tools. Thanks to this integration, this data can be made available real time through Nextcloud and manipulated without the risk of accessing outdated information.
Nextcloud 17 introduces S3 versioning support which allows a Nextcloud server to use the native versioning of S3 rather than its own. This allows a system administrator to manage versions using native S3 tools but, when used with S3 as external storage, also improves compatibility with other applications which access the same data. Nextcloud will then be able to recognize versions created by these other applications, and vice versa.
More responsive web interface and decreased server load
In every release, Nextcloud improves in performance and responsiveness of its user interface. For this release:
We have significantly reduced the number of requests to the server on page loads
We do more streaming when writing to storage
A new event dispatcher interface does simpler linking and more lazy loading
An initial state manager makes some pages feel more instant since it saves the initial ajax call to the backend
This should help decrease server load and improve the snappiness of the web interface.
Nextcloud Talk
With this Nextcloud version comes again a release of Nextcloud Talk. This release delivers the following improvements:
🛎 Lobby for webinars
🔗 Chats and calls on public shares
👤 Guest mentions
💬 Improved chat loading
🎙 Added a voice level indicator and notify the user when they speak while they are muted
➕ And much more!
Client releases!
We also recently made available releases of our Android, iOS and desktop clients!
Note that the Android client will have FIDO2 support, which was developed in collaboration with Nitrokey and Cotech. Learn more in the blog by Cotech!
Even more
There is much more new and improved in this Nextcloud release. For example, we have a systems overview in the admin settings which shows system package versions to help the admin administer their system. Our monitoring view was overhauled and looks much nicer. Much work was also done in the area of usability and performance. Best check it out for yourself!
“When we have welcoming communities of contributors, open source software gets better and more useful to everyone.” Limor Fried, Electrical Engineer, Inventor and Founder of open-source hardware company Adafruit We believe in this ideal and love to work with our community. We are always looking to involve more people in Nextcloud, bringing in their ideas, […]
When cables are cut, sanctions are put in place or privacy legislation prohibits the use of the service your entire organization depends on, what can you do? Amidst geo-political changes, organizations face dependencies on large, centralized communication platforms. A major example of this is the SaaS-only communication platform Microsoft Teams. It is the only solution […]
Nextcloud, a leading provider of open-source collaboration software has partnered with epiKshare to deliver Nextcloud One — a fully managed, secure and compliant cloud solution hosted in Germany.
The Nextcloud Conference is not your average event - it's a community meetup that brings together Nextcloud enthusiasts, contributors, developers, users and industry experts from all over the world.
We save some cookies to count visitors and make the site easier to use. This doesn't leave our server and isn't to track you personally!
See our Privacy Policy for more information. Customize
Statistics cookies collect information anonymously and help us understand how our visitors use our website. We use cloud-hosted Matomo
Matomo
_pk_ses*: Counts the first visit of the user
_pk_id*: Helps not to double count the visits.
mtm_cookie_consent: Remembers that consent for storing and using cookies was given by the user.
_pk_ses*: 30 minutes
_pk_id*: 28 days
mtm_cookie_consent: 30 days