Bruteforce handling in 20.0.4.0 does not seem to work

Support intro

Sorry to hear you’re facing problems :slightly_frowning_face:

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:

longer
example
here

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version (eg, 18.0.2): 20.0.4.0
Operating system and version (eg, Ubuntu 20.04): Arch linux
Apache or nginx version (eg, Apache 2.4.25): apache 2.4.41
PHP version (eg, 7.1): 7.3.12

The issue you are facing:

It seems the whitelisted IPs are not honoured by bruteforce. At least we have several IPs listed in the bruteforce table that we whitelisted before.

Is this the first time you’ve seen this error? (Y/N): Y

Steps to replicate it:

  1. Whitelist some IPs for bruteforce
  2. check oc_bruteforce_attempts for your whitelisted IP

The output of your Nextcloud log in Admin > Logging:

There is not much logging for this

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

nothing to configure for this

The output of your Apache/nginx/system log in /var/log/____:

apache has really nothing to do with the problem