30 sec. to wait before login since update 10.0

Hi all,

I have updated today my nextcloud to 10.0 Stable from 9.53 Stable. Everything got OK but a problem came :

When I log in on Firefox (same thing for Chrome), I have to wait 30 sec before files page appears. I hadn’t this problem before. I think it appeared when I have created some applications passwords I have deleted after.
Now, I have deleted all the password for applications, but the 30 seconds remain…
This is my access.log

[25/Aug/2016:18:19:31 +0200] “POST /index.php/login HTTP/1.1” 303 922 “-” “Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0”
[25/Aug/2016:18:20:02 +0200] “GET /index.php/apps/files/ HTTP/1.1” 200 6639 “-” “Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0”

[25/Aug/2016:17:31:26 +0200] “POST /index.php/login HTTP/1.1” 303 922 “-” “Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0”
[25/Aug/2016:17:31:57 +0200] “GET /index.php/apps/files/ HTTP/1.1” 200 6639 “-” “Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0”

Ideas to remove this issue ?? Thanks a lot !

EDIT : I have cut down my wifi and my cellphone had quick access to the server. So I think my IP was blocked because server think I try to bruteforce or something else. How can we control the blocked IPS and remove them ?

Hi,

I think I have just run into exactly the same problem. In a few minutes, I changed my main passwords and created several application-specific passwords, but some of my clients attempted to connect to my server before I had the time to update their configuration with the new passwords. It was enough to have my IP flagged as a brute-forcing attacker, resulting in the same delay that you have noticed.

As far as I can tell, there is (for now) no way to modify or even access the list of flagged IPs from the administration interface. So what I did was to delete my IP directly from the SQL database:

DELETE FROM oc_bruteforce_attempts WHERE ip = ‘aaa.bbb.ccc.ddd’;

After that, all my clients could connect without any delay.

3 Likes

Thank you very much, it works perfectly ! Glad to see there is a good anti-bruteforcing system, but some extra options would be nice to configure and repair some mistakes :wink:
Thanks again anyway, you saved my life :wink:

I hope, the brute-force protection will get a reset-button for blocked IP-adresses. :slight_smile:

1 Like

Second the need for a reset-button, I had to go into mysql to delete the ip as above. For posterity’s sake, if anyone encounters ‘Server took too long to respond’ on the Android app, it might be that bruteforce protection is locking you out.

Thanks it worked for me as well.But I have a query that all my users are using via a single NAT IP ,then in that case what anyone user changes his/her password will make rest users unable to log-in.
Is there any process where it automatically detects correct user credentials before log-in instead of marking it as brute-force attacks.

This solution working for me; add this line to the config.php, and reboot the system:

'auth.bruteforce.protection.enabled' => false,
2 Likes

Specially when running behind proxy. Took me an hour of hair pulling.

The other question is how in that case fight with bruteforce attacks? Since the only ip accessing the server is proxy server.

Maybe it could be blocked per user instead of IP.

Worked for me as well :slight_smile: i am also behind a reverse proxy and the ip was from the proxy :frowning:

If there only would be a configuration flag for that and Nextcloud would get the proper IP. :wink:

1 Like

Hey LukasReschke yup i saw this and configured it after i deleted the bruteforce entries :slight_smile: so from now on it should be fine^^

Thx a lot

I’ve got my Android client working with my new Nextcloud Box. It was returning “Server took too long to respond” but it is at least connecting now.

I find that using my cell data connection is faster than the WiFi connection on my LAN. I suspect I’m getting the same sort of problem described here?

If I understand correctly I can put this ‘trusted_proxies’ line in my config.php file and it might fix this. Would I use my local IP address for my phone at the moment or the one assigned by my ISP for the router as seen by the outside?