I’m having exactly the same problem on a new install. I’m also using docker and nginx. This happened on my first attempt to log in. However, if I use a VPN I can log in.
A couple hours later it seems to be working again.
Hopefully the issue doesn’t come back.
Exactly the same problem, newest nextcloud release, jails (FreeNAS), nginx.
Somebody know how to fix this?
Mine is still not working the next day. But after 12 hours… it seems to work. This, however, does require a more efficient solution than waiting 12 hours. Looking forward to updates.
Same here, not attached to a specific account, get the same answers for all accounts. Works when using a VPN.
Maybe there is an option somewhere, where we can clear an IP address from this probable security feature.
Same here.
I was able to login using local IP address without https.
After it was possible to login using domain name.
Same here, running nextcloud behind an nginx and after a fresh install.
Solved it by loggin in directly to the http ip of my nextcloud vm and after that, whitelisting my local home ip range under security settings --> Brute-Force IP-Whitelist.
Only a workaround, but fixed it for the moment.
Hi,
I had the same issue, the same erratic behaviour, and then when I looked through the configuration, I noticed that my apache server was listening on both port 80 and 443, which shouldn’t be the case for nextcloud install.
When I disabled port 80 for nextcloud, all was good again, and it was stable.
Try that and and if it works, we can suggest it a documentation update.
-G
Hi All, Any luck with the root of the issue, I’m in the same boat
Same problem here, only for 1 user and only from the android client (either from wifi or cellular network).
Nothing relevant in the log file.
Also seeing this on an iOS device, but not Android (or browser based though I’ve not seen anyone complain about this from a browser). If it makes any difference, I am using the Linuxserverio docker image and running NC 20.0.4.
I’m not quite sure what to look for in the logs, but the first seemingly related one looks like this:
[core] Warning: Login failed: '<user>' (Remote IP: '<ip>')
PROPFIND /remote.php/webdav
from <ip> at <date-time>
A couple of those follow by a bunch of:
PUT /remote.php/webdav/<...>
Which l think all correspond to an attempt to upload some photos (manually).
No security or setup warnings in the admin overview.
Has anyone managed to figure out what this is yet or how to work around it before a fix arrives?
3 Likes
Hi all,
I was having the same issue and I believe that it’s because I changed my user password in admin panel and did not update the android app login. I was having repeatedly failed login attempts.
I was able to get rid of the error message by deleting the content of the table "oc_bruteforce_attempts " on nextcloud database.
DELETE FROM nextcloud.oc_bruteforce_attempts
You can put a where clause and limit it by IP so that only your login attempts are deleted:
DELETE FROM nextcloud.oc_bruteforce_attempts WHERE ip ="X.X.X.X";
12 Likes
This solved it for me. thanks!
1 Like
My guess the problem is, that after a password change, some app (in my case - android client) bursts attempts to login with the old password, which looks like a brute-force attack for the server, which locks out the IP.
It was no -docker situation. If it is like I think, a bug should be registered.
Deleting records in oc_bruteforce_attempts from database fixes it (untill next password change?). Thanks @jotatr.
FWIW there looks to be a new occ command in NC20 to address this without having to jump into sql commands:
security:bruteforce:reset
For the Linuxserverio docker, you’d want to bash into the container:
docker exec -it <container-name> bash
and run the command something like this:
sudo -u abc php /config/www/nextcloud/occ security:bruteforce:reset <ip>
I haven’t been able to confirm if this fixed it yet as the person who was affected by this uninstalled the app and hasn’t yet reinstalled, but I thought I would follow up with this method in case anyone else might find it simpler.
8 Likes
How did you solved ? We do not need know that you already solved or not. We need to know how did you solved
Same issue here. I think caused by the latest Android app update. It kept trying to tell me to “Grant Access” even though I’ve used the app on that device for months now. But, even trying web access from my laptop gave the same error so I had initially ruled that out.
The clues and solution found by @Da01W6hwz proved helpful to me with one nuance I think worth mentioning. In my case, the IP address was 127.0.01 which at first didn’t make sense to me. Then I remembered that my nextcloud is running on apache behind an nginx reverse proxy on the same host. So, all requests appear to come from the localhost regardless of where or what device they actually originated. Hope this helps someone.
1 Like
I deleted everything in the oc_bruteforce_attempts table and now it works.
Was there anything in that table that I maybe should not have deleted?
2 Likes
thanks this helped me with this problem
On a snap install,
sudo /snap/bin/nextcloud.occ security:bruteforce:reset 127.0.0.1
solved the issue (culprit was also the nextcloud smartphone app, after a password change).
6 Likes