we are currently experimenting with Nextcloud for exchanging files with external users and customers.
Yesterday someone used the Nextcloud mobile device client with wrong credentials. This caused the brute force detection to kick in and making log ins from our internal subnet very slow.
Some questions in regard to this since the manual didn’t provide much informations on this or may be I missed it.
Are all logins from a specific subnet / IP slowed down if brute force detection has kicked in ?
Is the database table cleaned up after some time by a cron job ? I mean like everyday midnight ?
If #1 is true this could cause serious trouble for us if some internal user enters a wrong PW multiple times and this causes slow logins for any other inhouse user when accessing our Nextcloud server.
Hopefully someone can shed a bit of light in my darkness