NextCloud blocking my IP after putting incorrect password 3 times

Change NextCloud settings to remove IP block

After failing the password 3 times NextCloud doesn’t let me join it again on my pc, Is there a way to change the amount of tries you can do and the amount of time the block lasts?
Hope there’s a solution, thank you!

Hi @Yeet


Afaik no. But you can disable the App “Password Policy” entirely, if you are using Nextcloud only on your local network. I would not recommand doing this if your server is publicly available.

Hey, thanks for your help!
Do you know which side of the NextCloud administration runs Password Policy?

If you click on the link to the documentation I psoted it says: “In the security-section of your administrator-settings”

I changed the amount of tries to 10 and after failing the password 3 times, after the 4th I can’t no longer acess NextCloud site. I also eliminated the data records of the login attempts and I still can’t acess NextCloud.

How exactley does the error manifest itself. Do you get an error message? Can you no longer connect to your Nextcloud?

When I put the IP of the site it does this. Whenever I put incorrect passwords 3 times it just blocks my IP and I can no longer access the site

This only happens on the newest version of the NextCloud, the version 22.2.10 works fine.

To me this looks like the connection is getting blocked at the operating system / network level. Are you using Fail2ban on your server and did you configure it to work with Nextcloud? If so, you would have to unban your IP in Fail2ban. Also, if you would like to increase the number of possible login attempts before your IP gets banned you would have to adjust this value in Fail2ban as well.

I’m not using any of that. I just have a virtual machine with TurnKey Nextcloud ISO

I don’t use anything from TurnKey myself, but with a quick search I found that there was a fail2ban config added to TurnKey Nextcloud, starting with version 17.0: New TurnKey Nextcloud version (17.0) | TurnKey GNU/Linux

1 Like

Do you know how can I access that Fail2Ban?

On a standard Debian you would configure it via command line and the config file would be in /etc/fail2ban/jail.d/. On the TurnKey ISOs you may also be able to configure it via Webmin | TurnKey GNU/Linux, but I can’t help with that.

In order to unban your IP you can use the command line client, which should work in any case:

Open the Fail2ban client:

fail2ban-client -i

Show a list of all Jails:


Show banned IP addresses of a jail:

status <Jail>

Unban banned IP addresses:

set <Jail> unbanip <IP-ADDRESS>

The above commands can also be entered directly without opening the Fail2ban client first:

fail2ban-client status <Jail>
fail2ban-client set <Jail> unbanip <IP-ADDRESS>
1 Like

Thank you! It worked perfectly after I did what you told me.

So basically, I guess you can change the amount of time of the ban in the Fail2Ban, right?

I found this on their GitHub:

So yes, you can increase the value for maxretry in /etc/fail2ban/jail.d/nextcloud.local to your liking and then restart fail2ban by entering: systemctl restart fail2ban. What I don’t know is whether TURNKEY maybe will overwrite the config with future updates, otherwise it should be persistent.

1 Like

It’s giving me this error after trying to restart fail2ban

Nevermind :sweat_smile:. I was doing it on fail2ban instead of the root haha

Now my user is getting disabled, do you have any suggestions on how I can fix it? If you don’t know it’s okay, you already gave me a big help man!

Your Nextcloud user?

Either via WebUI, if you still can login to an admin account, or via occ command:

The full command would probably look as follows, assuming Nextloud is installed under /var/www/nextcloud:

sudo -u www-data php /var/www/nextcloud/occ user:enable username

Thanks for your help, I really appreciate it. Now I can finally use it for my company! Have a nice day.

1 Like