I am running the Tech and Me VM which is working fine. However, I do have this message on my login screen:
We have detected multiple invalid login attempts from your IP. Therefore your next login is throttled up to 30 seconds.
Many have seen this before I know…
It only appears on my LAN, if I use a mobile hotspot or another network it doesn’t appear.
I have fail2ban installed and there is no ip addresses in there that are banned.
I did have the Brute Force app installed but I couldn’t add anything on the whitelist so it has been uninstalled, (I have attached a screenshot. If I fill in the blanks, click ADD, nothing happens) Even after I uninstall I still get this message on any device on any browser on my LAN only.
I can still log in to my Nextcloud and everything works just fine so I’m not too concerned but it would be nice to get rid of the message.
Where is this option? It’s not in my admin/security section.
How do you unblock/unthrottle users?
EDIT: some tinkering around later … settings → apps → security → brute-force settings → install
This opens a new option “Brute-force IP whitelist” under administration → security
Bruteforce protection FAQ
Nextcloud features a built-in bruteforce protection which may get triggered and will block an ip-address or disable a user. You can unblock an ip-address by running sudo docker exec -it nextcloud-aio-nextcloud php occ security:bruteforce:reset <ip-address> and enable a disabled user by running sudo docker exec -it nextcloud-aio-nextcloud php occ user:enable <name of user>. See Using the occ command — Nextcloud latest Administration Manual latest documentation for further information.