The brute force protection really needs an improvement in functionality. If you install a new nextcloud instance and/or change passwords the block list is filled up within seconds if you got many aktive clients in the environment. That’s very annoying and it is no fun to always delete the blocked IPs manually.
A positive example is the simple but effective GUI of Fail2ban , which handles all following tasks:
- Option to disable brute force protection
- Option to look up blocked clients/IPs
- Option to whitelist blocked clients/IPs
- Option to clear the all blocked clients/IPs