Slow WebDAV performance

kfincei · April 10, 2017, 7:18pm

Hi,

While the performance with the desktop client is allright, I’m experiencing an extremely slow performance when using WebDAV.

Nextcloud version: 11.0.2
Operating system and version: FreeBSD 11.0
Apache or nginx version: nginx 1.11.10
PHP version: 7.0
Is this the first time you’ve seen this error?: no

Can you reliably replicate it? (If so, please outline steps):

Unfortunately, there is nothing that I could see in the logs, but after doing file operations over WebDAV, it takes a long time until a reply is coming back. I’m not seeing any error, because it works, but exremely slow.

Is this a known error with Nextcloud?

X4LD1M0 · April 10, 2017, 8:19pm

Can you confirm if it takes approx 30 seconds before a response? If so then most likely the brute force mechanism got triggered and is slowing down the responses.

You can disable it in the config.php file by adding:

'auth.bruteforce.protection.enabled' => false,

But it would be better to improve the configuration. If you are behind a proxy, you will most likely translate all public IP’s to an internal IP, so it will look like only one IP is communicating, causing the brute force mechanism to be triggered.

Add to the config.php the following:

  'forwarded_for_headers' =>
  array (
    0 => 'HTTP_X_FORWARDED',
    1 => 'HTTP_FORWARDED_FOR',
  ),

and add to Apache (if you are using Apache) to the virtualhost:

  ProxyVia On
  ProxyPreserveHost On
  RequestHeader set X-Forwarded-Proto 'https' env=HTTPS

kfincei · April 11, 2017, 9:31am

Hi,

Thank you very much for the hint. It definitely looks like I’m hitting the brute force protection. My clients are behind NAT, but none of them is using a web proxy.

I’ve added
'auth.bruteforce.protection.enabled' => false,
but I’m not sure if it’s working. I’m still seeing this error in the log:

{"reqId":"JcezzWUiWpkoLWmclg1o","remoteAddr":"","app":"PHP","message":"inet_ntop(): Invalid in_addr value at \/usr\/local\/www\/nextcloud\/lib\/private\/Security\/Bruteforce\/Throttler.php#121","level":3,"time":"2017-04-11T11:21:31+02:00","method":"PROPFIND","url":"\/owncloud\/remote.php\/dav\/calendars\/ihsan\/inbox\/","user":"--","version":"11.0.2.7"}

Is there anything else I have to take care of?

X4LD1M0 · April 11, 2017, 9:38am

You could also manually clear the brute force database table:

For MySQL: TRUNCATE TABLE <PREFIX>_bruteforce_attempts; (where PREFIX is as define in config.php)

and see what you get in your logs then.

P.S. It was more that the NextCloud is behind a web-proxy (i.e. Apache) but if you have NextCloud directly accessible than those lines for Apache won’t work.

kfincei · April 11, 2017, 12:29pm

Hi,

Clearing the database table helped, but it looks like that the brute force thingie still isn’t turned off. For testing, I’ve connected with cadaver via WebDAV to my Nextcloud installation. I’ve created a directory “test” and deleted it afterwards.

dav:/owncloud/remote.php/webdav/> mkdir test
Creating `test': succeeded.
dav:/owncloud/remote.php/webdav/> rmcol test
Deleting collection `test': succeeded.
dav:/owncloud/remote.php/webdav/>

The new directory was created quickly, but deleting it took about two minutes. During this operation, these messages appeared in the log:

/www\/nextcloud\/lib\/private\/Security\/Bruteforce\/Throttler.php#113","level":3,"time":"2017-04-11T14:12:13+02:00","method":"OPTIONS","url":"\/owncloud\/remote.php\/webdav\/","user":"--","version":"11.0.2.7"}
{"reqId":"eCqfOytiPHEaSIRSJFuT","remoteAddr":"","app":"PHP","message":"inet_ntop(): Invalid in_addr value at \/usr\/local\/www\/nextcloud\/lib\/private\/Security\/Bruteforce\/Throttler.php#121","level":3,"time":"2017-04-11T14:12:13+02:00","method":"OPTIONS","url":"\/owncloud\/remote.php\/webdav\/","user":"--","version":"11.0.2.7"}
{"reqId":"GXYxuSjxd\/OKQkgiJqGU","remoteAddr":"","app":"PHP","message":"inet_pton(): Unrecognized address  at \/usr\/local\/www\/nextcloud\/lib\/private\/Security\/Bruteforce\/Throttler.php#113","level":3,"time":"2017-04-11T14:12:13+02:00","method":"PROPFIND","url":"\/owncloud\/remote.php\/webdav\/","user":"--","version":"11.0.2.7"}
{"reqId":"GXYxuSjxd\/OKQkgiJqGU","remoteAddr":"","app":"PHP","message":"inet_ntop(): Invalid in_addr value at \/usr\/local\/www\/nextcloud\/lib\/private\/Security\/Bruteforce\/Throttler.php#121","level":3,"time":"2017-04-11T14:12:13+02:00","method":"PROPFIND","url":"\/owncloud\/remote.php\/webdav\/","user":"--","version":"11.0.2.7"}
{"reqId":"heMhfX6i3EaswpJV\/wWH","remoteAddr":"","app":"PHP","message":"inet_pton(): Unrecognized address  at \/usr\/local\/www\/nextcloud\/lib\/private\/Security\/Bruteforce\/Throttler.php#113","level":3,"time":"2017-04-11T14:12:25+02:00","method":"MKCOL","url":"\/owncloud\/remote.php\/webdav\/test\/","user":"--","version":"11.0.2.7"}
{"reqId":"heMhfX6i3EaswpJV\/wWH","remoteAddr":"","app":"PHP","message":"inet_ntop(): Invalid in_addr value at \/usr\/local\/www\/nextcloud\/lib\/private\/Security\/Bruteforce\/Throttler.php#121","level":3,"time":"2017-04-11T14:12:25+02:00","method":"MKCOL","url":"\/owncloud\/remote.php\/webdav\/test\/","user":"--","version":"11.0.2.7"}
{"reqId":"heMhfX6i3EaswpJV\/wWH","remoteAddr":"","app":"PHP","message":"stream_get_contents() expects parameter 2 to be integer, string given at \/usr\/local\/www\/nextcloud\/3rdparty\/sabre\/http\/lib\/Message.php#81","level":3,"time":"2017-04-11T14:12:26+02:00","method":"MKCOL","url":"\/owncloud\/remote.php\/webdav\/test\/","user":"ihsan","version":"11.0.2.7"}
{"reqId":"bfiSecfD8Nv3R6AzDVd9","remoteAddr":"","app":"PHP","message":"inet_pton(): Unrecognized address  at \/usr\/local\/www\/nextcloud\/lib\/private\/Security\/Bruteforce\/Throttler.php#113","level":3,"time":"2017-04-11T14:12:47+02:00","method":"PROPFIND","url":"\/owncloud\/remote.php\/webdav\/test\/","user":"--","version":"11.0.2.7"}
{"reqId":"bfiSecfD8Nv3R6AzDVd9","remoteAddr":"","app":"PHP","message":"inet_ntop(): Invalid in_addr value at \/usr\/local\/www\/nextcloud\/lib\/private\/Security\/Bruteforce\/Throttler.php#121","level":3,"time":"2017-04-11T14:12:47+02:00","method":"PROPFIND","url":"\/owncloud\/remote.php\/webdav\/test\/","user":"--","version":"11.0.2.7"}
{"reqId":"vIyA0E+jqaI7Wc9Wg6U8","remoteAddr":"","app":"PHP","message":"inet_pton(): Unrecognized address  at \/usr\/local\/www\/nextcloud\/lib\/private\/Security\/Bruteforce\/Throttler.php#113","level":3,"time":"2017-04-11T14:12:47+02:00","method":"DELETE","url":"\/owncloud\/remote.php\/webdav\/test\/","user":"--","version":"11.0.2.7"}
{"reqId":"vIyA0E+jqaI7Wc9Wg6U8","remoteAddr":"","app":"PHP","message":"inet_ntop(): Invalid in_addr value at \/usr\/local\/www\/nextcloud\/lib\/private\/Security\/Bruteforce\/Throttler.php#121","level":3,"time":"2017-04-11T14:12:47+02:00","method":"DELETE","url":"\/owncloud\/remote.php\/webdav\/test\/","user":"--","version":"11.0.2.7"}

And my config.php:

<?php
$CONFIG = array (
  'instanceid' => ‚**********‘,
  'passwordsalt' => ‚*************‘,
  'secret' => ‚****************‘,
  'auth.bruteforce.protection.enabled' => 'false',
  'trusted_domains' => 
  array (
    0 => 'cloud.dogan.ch',
  ),
  'datadirectory' => '/var/nextcloud/data',
  'overwrite.cli.url' => 'https://cloud.example.com/owncloud',
  'dbtype' => 'mysql',
  'version' => '11.0.2.7',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => ‚********‘,
  'dbpassword' => ‚******‘,
  'logtimezone' => 'Europe/Zurich',
  'log_rotate_size' => '104857600',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'installed' => true,
  'mail_from_address' => 'nextcloud',
  'mail_smtpmode' => 'php',
  'mail_domain' => ‚example.com‘,
  'maintenance' => false,
  'loglevel' => 2,
);

Probably something is still not all right.

kfincei · April 11, 2017, 12:30pm

Besides, even the “auth.bruteforce.protection.enabled” is set to false, the table contained again entries:

mysql> select * from oc_bruteforce_attempts;
+----+--------+------------+----+--------+------------+
| id | action | occurred   | ip | subnet | metadata   |
+----+--------+------------+----+--------+------------+
|  1 | login  | 1491912505 |    | /128   | {"uid":""} |
+----+--------+------------+----+--------+------------+
1 row in set (0.02 sec)

X4LD1M0 · April 11, 2017, 12:48pm

That is strange, also seeing the subnet it looks like it is IPv6 it is logging. Are you using IPv6?

I just double checked my table and I get:

mysql> select * from nc_bruteforce_attempts;
Empty set (0.00 sec)

The problem is I can’t compare it like-for-like since I have an Apache proxy in front of it, which creates the HTTP FORWARDED header entries with the source IP address so I don’t see a single IP address coming in. But even in your case that wouldn’t have since the NAT would still provide 1 single IP towards NC.

kfincei · April 11, 2017, 1:17pm

Yes, I am using IPv6, but during these Tests the clients were connecting only over IPv4.

X4LD1M0 · April 11, 2017, 1:47pm

The strange thing is it doesn’t show even an actual IP address and the subnet mask is a IPv6 one. So for some reason it is seeing a lot of IPv6 connecting which is causing to trigger the brute force mechanism. That doesn’t explain why disabling isn’t working. It could be a bug.

e-raser · June 11, 2018, 9:14pm

Any news on this?

t1omthy · July 10, 2018, 2:05pm

I also have problems with Webdav, like deleting,moving or listing files.

raytracy · July 16, 2018, 2:50am

Hi t1omthy:

Last time I solved your issue by install redis server as file locking cache,

And change config.php as:

‘memcache.locking’ => ‘\OC\Memcache\Redis’,
‘redis’ =>
array (
‘host’ => ‘localhost’,
‘port’ => 6379,

t1omthy · July 16, 2018, 5:29am

Thanks for your reply. I have both, APU caching and redis locking enabled.

tflidd · July 16, 2018, 11:51am

NC11 is not supported any more, please upgrade to a supported version (12 and 13) and see if the error still exists. If bruteforce detection is turned off and there is still activity on the bruteforce tables, there is probably a bug that should be reported to the bug tracker.

t1omthy · July 17, 2018, 9:08am

I use the latest version of NC, I just do not want to open a new discussion on the same topic.
Brute Force is not the problem.

tflidd · July 18, 2018, 8:37am

Except for the webdav performance, is anything similar to your problem (configuration, error messages, …)?

t1omthy · July 19, 2018, 7:45am

Not at all. I’ve tried many performance Tunings.

Roken_Price · September 14, 2019, 9:09am

I have a portable hard drive that boots to Arch Linux on any machine, and I wanted desktop access to my files stored on a nextcloud server on a rPi, but performance was woefully slow to the point of being pointless. This fixed it for me.

Thank you so much.

Nemskiller · September 14, 2019, 9:13am

I got also slow performances on Windows Webdav.
NC 16.0.4 with php7.3 - SSD - Redis
With Windows Explorer/Cyberduck and others i don’t go beyond 10MB/s where as i am in local network.