Login to NextCloud takes up to 15sec

hi Folks,
my login to NextCloud on my own Server (Ubuntu 16.04, 2GB RAM, Xeon 1245) is very low. Up to 15sec!
WordPress, MediaWiki, Roundcude on the server are much more faster.

I checked my Apache log files could not find any error.

I must confess… when I installed NextCloud I accidentally enabled all installed Apache2 mod.
So I tried to diable not needed mods.
Here are my loaded Apache2 mods… maybe I need one more?

access_compat_module (shared) actions_module (shared) alias_module (shared) auth_basic_module (shared) authn_core_module (shared) authn_file_module (shared) authz_core_module (shared) authz_host_module (shared) authz_svn_module (shared) authz_user_module (shared) autoindex_module (shared) cache_module (shared) cgi_module (shared) core_module (static) dav_fs_module (shared) dav_lock_module (shared) dav_module (shared) dav_svn_module (shared) deflate_module (shared) dir_module (shared) env_module (shared) fcgid_module (shared) filter_module (shared) headers_module (shared) http_module (static) log_config_module (static) log_debug_module (shared) logio_module (static) mime_module (shared) mpm_prefork_module (shared) negotiation_module (shared) php7_module (shared) proxy_fcgi_module (shared) proxy_module (shared) rewrite_module (shared) session_module (shared) setenvif_module (shared) socache_shmcb_module (shared) so_module (static) ssl_module (shared) status_module (shared) suexec_module (shared) unixd_module (static)

and here is my Apache2 conf foe the domain

<code>
    <VirtualHost *:80>
    SuexecUserGroup "#1021" "#1021"
    ServerName domain.tld
    DocumentRoot /home/domain.tld/public_html
    ErrorLog /var/log/virtualmin/domain.tld_error_log
    CustomLog /var/log/virtualmin/domain.tld_access_log combined
    ScriptAlias /cgi-bin/ /home/domain.tld/cgi-bin/
    DirectoryIndex index.html index.htm index.php index.php4 index.php5
    <Directory /home/domain.tld/public_html>
    Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch +ExecCGI
    allow from all
    AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
    Require all granted
    AddType application/x-httpd-php .php
    AddType application/x-httpd-php7.0 .php7.0
    AddType application/x-httpd-php7.0 .php
    Action application/x-httpd-php7.0 /cgi-bin/php7.0.cgi
    </Directory>
    <Directory /home/domain.tld/cgi-bin>
    allow from all
    AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
    Require all granted
    </Directory>
    RewriteEngine on
    RemoveHandler .php
    RemoveHandler .php7.0
    php_admin_value engine Off
    RedirectPermanent / https://domain.tld
    </VirtualHost>
    <VirtualHost 1.2.3.4:443>
    SuexecUserGroup "#1021" "#1021"
    ServerName domain.tld
    DocumentRoot /home/domain.tld/public_html
    ErrorLog /var/log/virtualmin/domain.tld_error_log
    CustomLog /var/log/virtualmin/domain.tld_access_log combined
    ScriptAlias /cgi-bin/ /home/domain.tld/cgi-bin/
    DirectoryIndex index.html index.htm index.php index.php4 index.php5
    <Directory /home/domain.tld/public_html>
    Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch +ExecCGI
    allow from all
    AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
    Require all granted
    AddType application/x-httpd-php .php
    AddType application/x-httpd-php7.0 .php7.0
    AddType application/x-httpd-php7.0 .php
    Action application/x-httpd-php7.0 /cgi-bin/php7.0.cgi
    </Directory>
    <Directory /home/domain.tld/cgi-bin>
    allow from all
    AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
    Require all granted
    </Directory>
    RewriteEngine on
    RemoveHandler .php
    RemoveHandler .php7.0
    php_admin_value engine Off
    SSLEngine on
    SSLCertificateFile /home/domain.tld/ssl.cert
    SSLCertificateKeyFile /home/domain.tld/ssl.key
    SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
    SSLCACertificateFile /home/domain.tld/ssl.ca
    </VirtualHost>
</code>

and my config.php

<code>
<?php
$CONFIG = array (
  'instanceid' => 'oc782*',
  'passwordsalt' => 'jat**',
  'secret' => 'Bgna*',
  'trusted_domains' =>
  array (
    0 => 'domain.tld',
  ),
  'datadirectory' => '/home/domain.tld/data',
  'overwrite.cli.url' => 'http://domain.tld',
  'dbtype' => 'mysql',
  'version' => '11.0.3.2',
  'dbname' => 'name',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'name',
  'dbpassword' => 'password',
  'logtimezone' => 'UTC',
  'installed' => true,
);
</code>

Please have a look in your bruteforcetable. You can do that with phpmyadmin or in the terminal:
DON’T FORGET TO MAKE A DATABASE BACKUP!

mysql
USE nextcloud;
SHOW tables;
SELECT * FROM oc_bruteforce_attempts;

Lists the bruteforce entries
For removing rows:

DELETE FROM oc_bruteforce_attempts WHERE IP=“nnn.nnn.nnn.nnn.”;
SELECT * FROM oc_bruteforce_attempts;
exit

1 Like

ahhh… i got some hits… my moms S3 wasent set up to the new NextCloud…still using the old OwnCloud login on same domain as the new installation.

EDIT
It’s really faster now!

1 Like

Can I temporary disable this function?

Here you might find some info on how to disable the check:

For nc 11 you can set
'auth.bruteforce.protection.enabled' => false',
in config.php

For nextcloud 12 there will be an app to handle the bruteforcesettings…

'auth.bruteforce.protection.enabled' => 'false',
1 Like

Any infos for nc14? the actual bruteforce system is just broken down nextcloud with apps.