Hi, I have a rather unusual problem.
My nc instance was being rather slow, especially when loading the passwords tab and I discovered that in the brute force attempts table for my nextcloud instance, I had over 500 brute force attempts logged from my ip. I deleted all of them, but every couple of days, I would check again and I’d have another like 100 attempts logged. I noticed that every attempt was for a user account that I used to use but deleted.
I checked my pihole logs and filtered the results to the hostname of my nc instance and discovered that requests from my phone to the instance matched the time stamps of the brute force attempts.
As a result I checked all of the nextcloud apps on my phone for this account, but didn’t find it. Because I kept finding these attempts being logged, I reset all the nextcloud apps on my phone and when that didn’t work I also reinstalled them, but it still didn’t change the outcome. I also tried creating that account again with the password I used for it and the user tab showed that account was being logged into, but I was still getting brute force attempts being logged.
I am at my wit’s end as to what to do next.
Any help would be greatly appreciated.