Brute force protection needs Improvements

The brute force protection really needs an improvement in functionality. If you install a new nextcloud instance and/or change passwords the block list is filled up within seconds if you got many aktive clients in the environment. Thatā€™s very annoying and it is no fun to always delete the blocked IPs manually.
A positive example is the simple but effective GUI of Fail2ban , which handles all following tasks:

  • Option to disable brute force protection
  • Option to look up blocked clients/IPs
  • Option to whitelist blocked clients/IPs
  • Option to clear the all blocked clients/IPs
4 Likes

There is an option to whitelist IPs. You need to download the Brute-force settings app for that.
bruteforcesettings

1 Like

I know this app, but itā€™s functionality is not is not sufficient. IMHO the functionality I have mentioned above should be directly implemented in the Nextcloud configuration.

I totally agree. This security app is essential but unfortunately missing basic functions.

Iā€™m in the same situation. The manual solution is a pain in where you donā€™t want any painā€¦

  • How to manually do this:
    Connect to your mysql then
    use nextcloud
    DELETE FROM oc_bruteforce_attempts WHERE ip = ā€˜x.x.x.xā€™;

There is an open issue on github: Delete IP from oc_bruteforce_attempts via occ command Ā· Issue #3058 Ā· nextcloud/server Ā· GitHub

But it seems sadly dead from end 2017.

Even more sadly Iā€™m too incompetent to code or to helpā€¦

2 Likes
1 Like

This is a very useful App, thanks.

Would be great if the App would list blocked IPs and offer unblocking.