Nextcloud version: 28.0.3
Operating system and version: Ubuntu 22.04.4 LTS
Apache or nginx version : 2.4.52
PHP version: 8.3
Last week one user reported being disabled. As I’m the only admin, I’ve checked and he was in fact disabled but I didn’t do it. I reactivated the user and a couple days after the same thing happened again. Today the issue become more worrying as two more users got randomly disabled, one of those myself. I got access again via occ user:enable.
Today I was sharing the same IP with the other user that got disabled, and it happened like 15 times in an hour. Our IP was whitelisted on bruteforce protection when this happened.
We both were using floccus and passwords plug-in on Firefox, client for windows and nextcloud app and password app on 2 different iOS devices. Sometimes we get blocked by bruteforce for too many requests, so we have the IP whitelisted. When I was alone on the network I got blocked again.
Is this the first time you’ve seen this error? (Y/N): No
The output the config.php file:
<?php
$CONFIG = array (
'instanceid' => 'XXXXXXXXXX',
'passwordsalt' => 'XXXXXXXXXX',
'secret' => 'XXXXXXXXXX+Zd88wbBohHlePzh67o',
'trusted_domains' =>
array (
0 => 'www.XXXXXXXXXX.cat',
1 => 'XXXXXXXXXX.cat',
),
'datadirectory' => '/mnt/disk/data',
'overwrite.cli.url' => 'https://XXXXXXXXXX.cat',
'dbtype' => 'mysql',
'version' => '28.0.3.2',
'dbname' => 'nextcloud',
'dbhost' => 'localhost',
'dbport' => '',
'dbtableprefix' => 'oc_',
'dbuser' => 'XXXXXXXXXX',
'dbpassword' => 'XXXXXXXXXX',
'installed' => true,
'htaccess.RewriteBase' => '/',
'mail_from_address' => 'XXXXXXXXXX',
'mail_smtpmode' => 'php',
'mail_smtpauthtype' => 'LOGIN',
'mail_domain' => 'XXXXXXXXXX.cat',
'session_keepalive' => false,
'session_lifetime' => 3600,
'remember_login_cookie_lifetime' => 86400,
'maintenance' => false,
'updater.release.channel' => 'stable',
'theme' => '',
'loglevel' => 0,
'app.mail.verify-tls-peer' => false,
'app.mail.imap.timeout' => 60,
'app.mail.smtp.timeout' => 30,
'overwriteprotocol' => 'https',
'memcache.local' => '\\OC\\Memcache\\Redis',
'filelocking.enabled' => 'true',
'memcache.distributed' => '\\OC\\Memcache\\Redis',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' =>
array (
'host' => 'localhost',
'port' => 6379,
'timeout' => 0,
'password' => 'XXXXXXXXXX',
'dbindex' => 0,
),
'default_phone_region' => 'ES',
'mysql.utf8mb4' => true,
'app_install_overwrite' =>
array (
0 => 'impersonate',
1 => 'forms',
),
'maintenance_window_start' => 1,
);
The security and config check doesn’t give me any error and I’m quite lost on what to do. Any clues?
Thanks.