The brute force protection really needs an improvement in functionality. If you install a new nextcloud instance and/or change passwords the block list is filled up within seconds if you got many aktive clients in the environment. Thatās very annoying and it is no fun to always delete the blocked IPs manually.
A positive example is the simple but effective GUI of Fail2ban , which handles all following tasks:
I know this app, but itās functionality is not is not sufficient. IMHO the functionality I have mentioned above should be directly implemented in the Nextcloud configuration.