Issues after update to NC 27.1.2: IP is currently being throttled by bruteforce

ℹ️ Support
1

Hi community,

After updating my NC to version 27.1.2 i see the following issue in the administration → overview

Your remote address has been identified as Public-IPV6-of-my-laptop- and is currently being throttled by bruteforce. which slows down the speed of various requests. If the remote address is not your address, it may be an indication that a proxy is not configured correctly. For more information,

:dizzy_face:
Looking at the linked documentation page under this error-message, all I see are information regarding reverse-proxies. Thats useless for me, as I my NC is not behind a reverse proxy or something similar. Also my laptop, is not proxied. Another point is that my Public IPV6 changes regulary of course,…
:hushed:
On the previuous version I was running before (don’t remember the version, it was some V27 as well) I did not face this issue. The server itself has not been modified in any way.

So whats that ??? I would be very very thankfull for a hint regarding this and how I can solve this.

Thank you in advance :upside_down_face:

2 Likes
2

I have solved this for now by adding my IPV6 (scope global dynamic mngtmpaddr) into NC on administration → security → Brute-Force IP-Whitelist.

But that is not acceptable. It just cannot be that I need to modify this each and every time the inet-provider changes my home IPV6 :see_no_evil:

Beside this, I am asking myself why NC “thinks” that my IP does a brute force :thinking:

And still I am totally sure here nothing proxied at all :point_up:

3 Likes
3

Interestingly, we are experiencing very similar behaviour. However, we don’t have the brute force app installed, so no way to add IP to the white-list.

In our case the problem started with NC container relocation (different network segment, no proxy thou).

All I’m getting is:

Your remote address was identified as “10.x.x.x” and is bruteforce throttled at the moment slowing down the performance of various requests. If the remote address is not your address this can be an indication that a proxy is not configured correctly. Further information can be found in the documentation :arrow_upper_right:.

NC 27.1.2
Debian 12
PHP 8.2
Apache2 2.4.57

4

Thank you! You helped me to resolve it.
Yes, indeed this is weird.
My issue started when I allowed HTTP2 on my webserver and then I saw it was that error. I disabled it but the problem remained. I spent an entire afternoon trying to solve it. Thank you.

1 Like
5

Hey.

I had the same problem after upgrading NC in a Docker container to Nextcloud 27.1.3.2.

After that it seems as if I had produced one failed login try with a wrong password - this had triggered the error text above in my case!


Solution (for me):
So, I did some research and came up with Nextcloud’s occ command-line interface, which can handle a security:bruteforce:reset.

From outside the Docker container the fixing command looks like this:

docker exec -u www-data [nextcloud-container-name] php /var/www/html/occ security:bruteforce:reset [Public-IPV6-of-your-laptop]

On a NC host itself, the command should look something like this:

sudo -u www-data php /var/www/html/occ security:bruteforce:reset [Public-IPV6-of-your-laptop]

Good luck to you all :nerd_face:

3 Likes
6

Facing the same problem on a fresh new install. I can confirm that I did a wrong log-in with admin account (but cannot guarantee that it is due to that), and I have no proxy settings

1 Like
7

I think, this issue is not about any reverse proxies or not. I think, the error message is missleading.

I hope, resetting this security:bruteforce thing helps you anyway. :slight_smile: