Reset throttle / bruteforce attempts

Nextcloud version (eg, 20.0.5):
Operating system and version (eg, Ubuntu 20.04): docker-compose in ubuntu
Apache or nginx version (eg, Apache 2.4.25): -
PHP version (eg, 7.4): -

How can I reset throttling/bruteforcing state in nextcloud?

This is what I have tried so far:

  • dropping redis: redis-cli -h (docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' compose_nextcloud-aio-redis_1) -p 6379 -a (rg ' *REDIS_PASSWORD=([^ ]+)' -or '$1' ~/nextcloud/compose/.env) FLUSHDB

  • Checking the table: select * from oc_bruteforce_attempts; — it is empty, 0 rows.

Official documentation says that there is an app, but I cannot login. I only have access to console/occ/DB.


"message":"Bruteforce attempt from \"fd12:3456:789a:2::4\" detected for action \"login\".",
"userAgent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ Safari/537.36 Edg/","version":"","data":{"app":"core"}}

Use this occ command: Using the occ command — Nextcloud latest Administration Manual latest documentation


The following can be used disable protection and reset the attempts history for your IP address (don’t forget to set it back to true when your situation is corrected!):

occ config:system:set --value false --type bool
occ security:bruteforce:reset YOUR_IP_ADDRESS

Do you know why it’s being triggered? Under normal circumstances even a few invalid login attempts shouldn’t do much other than delay authentication briefly.

1 Like

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.