Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-mail-logging domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114
Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the health-check domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114
Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the ninja-forms domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114
Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the updraftplus domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114
Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the rocket domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114 Nextcloud 11 sets new standard for security and scalability - NextcloudSkip to main content
We’re proud to release a huge milestone: Nextcloud 11, delivering a wide range of security and scalability improvements with a number of important features on top. This release provides you the most secure solution for keeping your data under control we’ve delivered yet.
A video showing many of the small refinements in this release
This release introduces significant security improvements, attested by NCC Group, a global expert in cyber security and risk mitigation to “complement the existing security architecture” and “enhance the general standing of the security working environment.”
New security capabilities include:
Support for cutting edge browser security features CSP 3.0 and Same-site Cookies
Support for Kerberos authentication and Two-factor Authentication providers based on Universal 2nd Factor and Time-based One-Time Password
Expanded brute force protection to all API access points
More secure Federation through use of SSL/TLS
Our new app store automatically checks apps and enforces signatures
Scalability is a prime concern among our large enterprise customers. This release decreases database load by up to 80% and improves response time by up to 60% for common server operations. Combined with multi-bucket Object Store support, improved handling of previews and Collabora Online speed improvements Nextcloud 11 enables scaling to greater numbers of users and files, decreases the server load and improves the user experience.
Nextcloud 11 introduces Apache Solr powered Full Text Search, enabling users to find words or phrases in text, pdf and common office documents on internal, external, shared and encrypted storage. The next generation Federation technology introduces a central lookup server, enabling Nextcloud users to find each other irrespective of the server their account resides on. The experimental Spreed app integrates secure, peer to peer audio and video chat in Nextcloud.
Read on for more details on these features.
Security
For Nextcloud 11, security has been a prime concern. Privacy and control over data mean little if security is not in order. Nextcloud 11 introduces a series of new security capabilities and hardening, delivering security following the latest industry standards and enabling administrators to opt in to further measures.
This release includes Two factor authentication support for Universal 2nd Factor (Yubikey and compatible) and Time-based One-Time Password (Google Authenticator and compatible)
Support for Kerberos authentication
Password confirmation for sensitive actions
HTTPS by default for federation
Password reset logic auto-invalidates after changing mail address
Improved brute force protection on more endpoints
CSP 3.0 protection and Same-site Cookies Support improvements
App specific tokens can be forbidden file system access
Our Collabora Online integration app has several security hardenings
Our new app store automatically checks apps and enforces signatures
NCC Group, a global expert in cyber security and risk mitigation, reviewed the addition of these features and noted they “enrich the security layers with minimum impact on the user” and are developed using industry standard security processes (assessed against ISO27001 clause 14 controls). Read more and download their independent security assurance on our website and learn more details about the new features in our blog on security in Nextcloud 11.
App store in action
New app store
Given some security related incidents with the old app store like this and this, security of Nextcloud systems benefits from a move to our new app store on apps.nextcloud.com. The new app store integrates an automatic check on uploaded apps, ensuring a significant proportion of scam and spam attempts is blocked before even making it to the store. Vetted developers have to sign their app with a private key, signed in turn by the Nextcloud Code Signing Authority which ensures even a successful compromise of an app store account can not result in malicious apps being uploaded to user systems.
Scalability and efficient operation are key capabilities sought after by system administrators. Nextcloud 11 introduces changes which result in decreased database load and faster execution of common operations known to cause significant load on large instances.
Typical Nextcloud instances should benefit from up to 80% less database queries and 60% faster execution of checks for changes (“propfind“) as done by the Nextcloud clients. This operation is often accounting for over 95% of the load on big installations. With database usage often a major limiting factor in scaling up this should result in significant decreases in load and a subsequent increase in capacity for Nextcloud servers. Syncing small files also benefits with up to 60% faster transfer of small files.
To make Nextcloud systems with object storage more scalable, this release introduces a multi bucket object store. Not all s3/swift implementations like having multiple million objects in a bucket, so Nextcloud 11 will create a bucket per user, helping with storage performance on large installations.
Thanks to improvements in the integration with Collabora Online, startup time has been improved in Nextcloud 11 and users will now be able to enjoy their online office suite faster than ever!
Last but not least, large folders will load considerably faster while thumbnails are handled far more efficiently as well as now shared between users, saving significant resources on instances where many users share the same set of files.
Nextcloud 11 introduces full text search with the optional Nextant search application. Using Apache Solr, Nextant indexes the content of:
User files
Shared files
Federated cloud shares
External storage
Server-side encrypted storage
Bookmarks
It recognizes plain text, rtf, pdf, jpeg & tiff, html, LibreOffice and Microsoft Office file formats. System administrators can opt to use a standalone Solr or use Solr as a Service for a more scalable solution. Learn more about full text search in Nextcloud 11 in our blog.
Next level of Federation
Federated Cloud Sharing enables users to share files between Nextcloud servers. Nextcloud 11 introduces an optional, global ‘address book’ to search for other Nextcloud users to share data with. In the personal settings, users can op to share certain data like country of residence or social media accounts which can be used by friends to identify them for file sharing.
Nextcloud will operate the lookup server and we are looking into distributing this task, creating a fully decentralized network.
Nextcloud 11 brings Spreed audio and video chat integrated in the user interface. The Spreed allows you to invite any of your friends and colleagues on your Nextcloud server for a call and also allows sending a public link to people who don’t have an account yet. Users will get a notification if they are receiving a call. Up to six users can join a conversation.
Spreed for Nextcloud 11 is still under heavy development and considered a technology preview. While the app is largely stable there are a lot of features we’d still like to add and cross-browser and cross-device compatibility improvements are a work in progress.
Delivering a great user experience has always been a central goal for the Nextcloud team and this release makes significant strides in this area. File handling was improved with move actions for files and folders as well as a easy way to share the current folder and share files and folders by mail. Thanks to a database update, we can handle emoticons in file names without breaking their synchronization on servers using MySQL.
The updater has seen a rewrite with a new approach aiming for reliability and stand alone functionality so a break anywhere in Nextcloud won’t impact the updater.
The Contacts and Calendar apps also have seen a number of improvements, most notably by introducing public sharing links in the Calendar and improved contacts import in the Contacts app.
The packages for Nextcloud 11 are building and will be available in the next hour or so.
If you would like to update, you can do so by downloading the zip file on our download page and following the manual upgrade instructions or wait for 2-3 weeks until we make the new release available in the Nextcloud Updater app. If you prefer to update now already using the easy to use Updater app, you can set the release channel to beta this will give you Nextcloud 11 final. Be sure to set it back to stable after the upgrade is done!
“When we have welcoming communities of contributors, open source software gets better and more useful to everyone.” Limor Fried, Electrical Engineer, Inventor and Founder of open-source hardware company Adafruit We believe in this ideal and love to work with our community. We are always looking to involve more people in Nextcloud, bringing in their ideas, […]
When cables are cut, sanctions are put in place or privacy legislation prohibits the use of the service your entire organization depends on, what can you do? Amidst geo-political changes, organizations face dependencies on large, centralized communication platforms. A major example of this is the SaaS-only communication platform Microsoft Teams. It is the only solution […]
In Nextcloud Hub 8, we introduced interactive widgets, a completely new mechanic that lets you share, access and interact with items from various apps in a compact widget format throughout your platform.
We save some cookies to count visitors and make the site easier to use. This doesn't leave our server and isn't to track you personally!
See our Privacy Policy for more information. Customize
Statistics cookies collect information anonymously and help us understand how our visitors use our website. We use cloud-hosted Matomo
Matomo
_pk_ses*: Counts the first visit of the user
_pk_id*: Helps not to double count the visits.
mtm_cookie_consent: Remembers that consent for storing and using cookies was given by the user.
_pk_ses*: 30 minutes
_pk_id*: 28 days
mtm_cookie_consent: 30 days