I’ve just finished installing Nextcloud Docker AIO. By far the easiest install process I’ve done yet. I’m getting the error
Your remote address was identified as “MY.WAN.IP.ADDR” and is bruteforce throttled at the moment slowing down the performance of various requests. If the remote address is not your address this can be an indication that a proxy is not configured correctly. Further information can be found in the documentation
.
The way I have this setup is as follows:
Internet -> [pfsense -> HAProxy] -> [Ubuntu 22.04 VM -> Apache2.4 -> Nextcloud Docker]
pfSense and HAProxy handle the certs and encryption. This makes propping up new subdomains relatively painless.
I suspect the issue is with my Apache config:
/etc/apache2/site-available/nextcloud.conf
<VirtualHost *:80>
ServerAdmin **PRIVATE**
ServerName **PRIVATE**
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
RewriteCond %{SERVER_NAME} =**PRIVATE**
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
ServerAdmin **PRIVATE**
ServerName **PRIVATE**
RewriteEngine On
ProxyPreserveHost On
AllowEncodedSlashes NoDecode
ProxyPass / http://192.168.2.20:11000/ nocanon
ProxyPassReverse / http://192.168.2.20:11000/
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteCond %{THE_REQUEST} "^[a-zA-Z]+ /(.*) HTTP/\d+(\.\d+)?$"
RewriteRule .? "ws://localhost:11000/%1" [P,L]
Protocols h2 h2c http/1.1
H2WindowSize 5242880
TraceEnable off
<Files ".ht*">
Require all denied
</Files>
# I've added this because I've had to use it in the past, so my thought was this would fix the issue.
#
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000' includeSubDomains"
Header always set Referrer-Policy "no-referrer"
</IfModule>
LimitRequestBody 0
</VirtualHost>
config.php
...
'trusted_domains' =>
array (
0 => '192.168.2.20',
1 => 'my.cloud.url.tld',
2 => '127.0.0.1',
),
...
'trusted_proxies' =>
array (
0 => '127.0.0.1',
1 => '::1',
2 => '192.168.2.20',
),
...
Let me know if there’s anything else that would be helpful for debugging this issue.