I changes my passwords without first logging out my desktop and mobile client, which made these clients try to login again with my old password. This triggered the brute force detection according to the logs: Bruteforce attempt from "my ip here" detected for action "login".
Also I was able to login my mobile client by switching from Wi-Fi to mobile data and so changing my ip. This also indicates brute force detection blocking.
So I read here that other people have got the same thing and tricks to stop this is either remove the ip from database oc_bruteforce_attempts. But I wasn’t able to find the database by show databases;. All databases I have on my server are: information_schema mysql nextcloud performance_schema
I’m not very experienced with mysql, but I would have been successful removing one entry of the database if I was able to even find it.
I also tried adding 'auth.bruteforce.protection.enabled' => false, to my config.php but it did not seem to help me here.
Am I missing something? Could I just wait the blocking to expire if it does expire?
A database in MySQL holds tables which store data. Notice that you have a database called “Nextcloud.” This will have your tables that hold all your Nextcloud data, such as users, contacts, and blocked IP’s. Think of MySQL like a folder of Excel spreadsheets if you will. Each “database” is a file in the folder, and each “table” is like a separate workbook/table within that file. You have a file called Nextcloud and inside that file is all the info relate to to Nextcloud.
So, you need to open up the Nextcloud database first, using
Next, to show all tables, use:
To show all values from the oc_bruteforce_attempts table, use:
SELECT * FROM oc_bruteforce_attempts;
To remove delete an IP from the table, use:
DELETE FROM oc_bruteforce_attempts WHERE IP="xxx.xxx.xxx.xxx";
ich hatte auch das Problem, dass ich durch viele Clients und einen PW-Wechsel viele Einträge in der oc_bruteforce_attempts hatte. Da ich das Feature sinnvoll finde, habe ich einen maria/mysql event geschrieben, der die Tabelle einmal in der Woche aufräumt:
MariaDB [nextcloud]> CREATE EVENT cleanup_oc_bruteforce_attempts ON SCHEDULE EVERY 7 DAY STARTS '2017-06-24 04:00:00' DO DELETE FROM nextcloud.oc_bruteforce_attempts WHERE action = 'login';
MariaDB [nextcloud]> SHOW CREATE EVENT cleanup_oc_bruteforce_attempts\G;