Prevent admin from being blocked - EVER!

Without whitelisting an IP address, how do I prevent an admin account from ever being blocked/disabled?

I just wasted an hour trying to get access to my admin account because my iPad decided to log the app out and flooded the server with login requests, which caused NC to disable my account.

I’m the only admin on this setup, WHY CAN THIS ACCOUNT BE DISABLED!?!? Who thought that that was a good idea?

Of course OCC from the terminal didn’t work. Some stupid PHP error (in my frustration I forgot to note it down), and I had to dig through MySQL to delete the brute-force logs and flip a variable in preferences to get access to the only account that should never be blocked. I could then log in once, but when I tried the iPad it again screwed the account.

Then I found out that my phone, desktop app and some webdav connected apps are now also screwed and need to be logged in again… All because the iPad app can’t stay logged in or something. What the hell kind of stupid design is this?

So, why can an admin account be blocked like this (especially if it’s the only admin account!) and how do I prevent it?

I don’t think the admin account was disabled. Nextcloud’s Bruteforce Protection is solely based on IP addresses.

Most likely your router is using NAT loopback, instead of proper DNS, in order to map the public domain name to the local IP address of the server. With NAT loopback, all packets coming from devices in your local network carry the IP address of the router instead of the IP address of the device that originally initiated the connection. So if one device triggers the brute-force protection, all devices in the local network are affected.

Either whitelist the local IP of your router or set up proper DNS in your local network.

You could start by creating a second user account for yourself and using the admin account only for administrative tasks.

I don’t think that it’s a bad idea to also disable the admin account if it’s being brute-forced. Otherwise you could lose the whole cloud to an offender.

1 Like
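To make the NAT-loopback point concrete, here is a small added example (not Nextcloud’s own code; a simplified model of IP-keyed throttling with constructed LAN addresses and a constructed failure threshold). It shows why one misbehaving device can lock out every device on the LAN when all of them appear to come from the router’s address, and how whitelisting that address or giving each device its own visible source IP changes the outcome.

```python
# Added example: a toy model of IP-keyed brute-force throttling (not Nextcloud's code).
from collections import defaultdict
import ipaddress

MAX_FAILURES = 5            # constructed threshold for the model; real values differ
ROUTER_IP = "192.168.1.1"   # constructed LAN addresses
DEVICE_IPS = {"ipad": "192.168.1.20", "phone": "192.168.1.21", "desktop": "192.168.1.22"}


class IpThrottle:
    """Counts failed logins per source IP; whitelisted networks are never counted."""

    def __init__(self, whitelist=()):
        self.whitelist = [ipaddress.ip_network(n) for n in whitelist]
        self.failures = defaultdict(int)

    def is_whitelisted(self, ip):
        addr = ipaddress.ip_address(ip)
        return any(addr in net for net in self.whitelist)

    def record_failure(self, ip):
        if not self.is_whitelisted(ip):
            self.failures[ip] += 1

    def is_blocked(self, ip):
        # The key is the source IP, not the account or device behind it.
        return not self.is_whitelisted(ip) and self.failures[ip] >= MAX_FAILURES


def run_scenario(nat_loopback, whitelist=(), ipad_failures=6):
    """One device (the iPad) keeps sending bad credentials.

    Returns a dict device -> whether that device is now blocked.
    """
    throttle = IpThrottle(whitelist)

    def source_ip(device):
        # With NAT loopback every LAN device reaches the server via the router's address,
        # so the throttle sees a single source for all of them.
        return ROUTER_IP if nat_loopback else DEVICE_IPS[device]

    for _ in range(ipad_failures):
        throttle.record_failure(source_ip("ipad"))
    return {device: throttle.is_blocked(source_ip(device)) for device in DEVICE_IPS}


if __name__ == "__main__":
    print("NAT loopback, no whitelist:  ", run_scenario(True))
    print("NAT loopback, router allowed:", run_scenario(True, whitelist=["192.168.1.1/32"]))
    print("Proper DNS (real source IPs):", run_scenario(False))
```

In the first scenario every device is blocked even though only the iPad misbehaved; whitelisting the router address clears all of them (at the cost of disabling the protection for the whole LAN), while giving the server each device’s real source IP confines the block to the iPad.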

Yeah, I can see the use of that.
And if it’s a separate thing I can unlock disabled accounts.

The downside is that as a regular user I don’t see what’s happening in or with the admin account. So if it were to get hacked I wouldn’t notice immediately as it’s basically an unattended account regular users can see very little of.

With that in mind I’m not keen on splitting things up, and am just looking to prevent having my account locked, or to have some reasonable timeout or something that doesn’t have me edit MySQL, delete records and re-set up several devices…

There must be a better way for NC to handle this.

If it says “account disabled” on the login page it’s disabled. Simple as that.
And no, it’s not NAT or a loopback.

Don’t assume things…

By not using the admin account for regular things, as @Chartman123 already stated. The risk that one of your devices is leaking your password because of some malware or because of a flaw in the OS, browser, some app etc. is way higher than the risk that somebody “brute-forces” into your admin account. After all we know now, the security measures of Nextcloud seem to work. :wink: You can further increase security by enabling MFA, if you haven’t done so already, and by using a unique username and a long and random password for your admin account. Nevertheless, it is always a good idea to follow the principle of least privilege.

Thanks for the clarification.

I’m certainly not going to apologize for making an assumption.

1 Like