We have detected multiple invalid login attempts from your IP. Therefore your next login is throttled up to 30 seconds

Hi all

I am running the Tech and Me VM which is working fine. However, I do have this message on my login screen:

We have detected multiple invalid login attempts from your IP. Therefore your next login is throttled up to 30 seconds.

Many have seen this before I know…

It only appears on my LAN, if I use a mobile hotspot or another network it doesn’t appear.
I have fail2ban installed and there is no ip addresses in there that are banned.

I did have the Brute Force app installed but I couldn’t add anything on the whitelist so it has been uninstalled, (I have attached a screenshot. If I fill in the blanks, click ADD, nothing happens) Even after I uninstall I still get this message on any device on any browser on my LAN only.

I can still log in to my Nextcloud and everything works just fine so I’m not too concerned but it would be nice to get rid of the message.

I’m not too sure where else to look now.

Can anyone help
Best wishes
Dj

Hi

Solved… We think. We reset one of the WIFI routers in our network and now the pesky message has gone!

Dj

1 Like

Where is this option? It’s not in my admin/security section.

1 Like

And again, another 3 years later…

Where is this option? It’s not in my admin/security section.

How do you unblock/unthrottle users?

EDIT:
some tinkering around later … settings → apps → security → brute-force settings → install

This opens a new option “Brute-force IP whitelist” under administration → security

Bruteforce protection FAQ

Nextcloud features a built-in bruteforce protection which may get triggered and will block an ip-address or disable a user. You can unblock an ip-address by running sudo docker exec -it nextcloud-aio-nextcloud php occ security:bruteforce:reset <ip-address> and enable a disabled user by running sudo docker exec -it nextcloud-aio-nextcloud php occ user:enable <name of user>. See Using the occ command — Nextcloud latest Administration Manual latest documentation for further information.