11.0.2 incredibly slow login

it seems to me, that the X-Forwarded-For is not used as intended.
I have in the oc_bruteforce_attempts table always the proxy ip.

i have tested the forwarded-for setting of the proxy with a little php script where i get my real ip on HTTP_X_FORWARDED_FOR

(I’m on nextlcoud 11.0.3)
Someone else can reproduce the same behavior?

am I missing a setting?


“DELETE FROM oc_bruteforce_attempts”

Danke! My nextcloud setup had suddenly gotten very slow after making some config changes (namely adding memcache), and I was getting another unrelated error to confuse the issue, defintiey stinks to suddenly have everything slow to a crawl for no apparent reason, but then again, it’s nice to know that protection is there, and now I know a little more about nextcloud internals. (this is 11.0.2)

A post was split to a new topic: Expired password and bruteforce detection

I had the same problem and solved it with the SQL statement

DELETE FROM xyz_bruteforce_attempts

Thanks a lot.

This worked. THANK YOU! Saved me a huge headache.

Thanks this speeded up my nextcloud instances allot!

Would be best if this issue is reported here actually:


I just registered to report that this bug still exists in Nextcloud 13.0.2 and that the remedy is still the same.
In my case logging in lasted over a minute, and the Linux Nextcloud client couldn’t even connect (probably because of a timeout).

You are sure it is the same bug. Check the related github issues and open a new one if you still can reproduce this error. I’m closing this (answers to such old topics mostly get no attention).