Block Login Attempts with App

💻 Development app dev
1

Hi,

with the Geoblocker App I want to block login attempts from defined countries.
I could imagine that this could work (this example is blocking all login attempts):

$callback_post_login = function (\OC\User\User $user, string $password) {
    $this->userSession->logout();
};
$this->userSession->listen('\OC\User', 'postLogin', $callback_post_login);

Is this the desired way to block a login attempt? Is this safe, so that it cannot be circumvented by an attacker?

Best

1 Like
2

Your best bet would be to have an (iptables) firewall that simply blocks connections from certain IP ranges. This will be the best solution, because it would block all connections on all ports.

3

Sure, an admin can configure it this way on the Nextcloud host and it has several advantages. But the App should provide this option within Nextcloud, too.

1 Like