Suspicious Login - Permanent Notification after change of IPv4 address range

few weeks ago i installed the app “Suspicious Login”. Meanwhile that app collected enough data (statistic data is available in admin settings). So far so good.

Over two weeks ago i changed my contract of my internet provider and i got a new “IPv4 range/address”, which seems to defer to the previous one. Now, every time i login to nextcloud, i get a notification for a potentially suspicious login.

Is it possible to relearn the algorithm but only for my user login (there are other users set up at my NC system)?


You can go to Configuration - Security, and try to whitelist your new IP range.
Another option would be to completely uninstall the app and then reinstall it so that it does the complete learning again.

I hope this works for you.

@SrOscuro : Thanks for your suggestion. I tried that today. Around midday i deinstalled the app completely and installed it again afterwards. Now, in the evening i logged in and got the same notification / email about a unusual login attempt.

I guess the app is storing the trained data about IP adresses and other things in the database. Therefore the reinstall app is using the same data again.

Whitelisting of my IP adress or range does not make sense in my opinion because a range is “too much whitelisted”, and a single IP adress could be another every day, assigned by my internet provider.

Now i read about a command to train the system, i will try that ( ):

php -f occ suspiciouslogin:train

Thanks to the app “OCCweb” the execution of that command is also possible with my cloud provider instance.

I will write about the results in this thread so more users get that information.

The train-command helped me with my problem!
php -f occ suspiciouslogin:train

After the command finished its work I logged me out and in again and I got no such descripted notification anymore.