From f30f950b57541e987186c330e783c3cb0bf36375 Mon Sep 17 00:00:00 2001 From: jensb Date: Tue, 14 Mar 2023 18:59:52 +0100 Subject: [PATCH 1/2] Update README.md, add warning about fail2ban-like tools Signed-off-by: jensb --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 76f0001..6aa75eb 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,8 @@ If something does not work, check the log file at `nextcloud/data/nextcloud.log` **⚠⚠ Warning:** If you are using more than one backend or especially one backend more often than once, make sure that you still have resp. get unique `uid`s in the database. ⚠⚠ +**⚠⚠ Warning:** If you are using tools like fail2ban (https://www.fail2ban.org) to protect your authentication source (e.g. IMAP server), be sure to disable it for the host that runs `user_external`. Otherwise a single user failing to login too many times can practically DoS your whole Nextcloud installation because `fail2ban` will then block the Nextcloud IP address. ⚠⚠ +Instead, install appropriate protection apps within Nextcloud that bans repeated failed login attempts. FTP --- From 285a810b88ad8331a8a98f16df63fd01f2101011 Mon Sep 17 00:00:00 2001 From: Jonas Sulzer Date: Sat, 30 Mar 2024 00:13:15 +0100 Subject: [PATCH 2/2] =?UTF-8?q?=F0=9F=91=8C=20IMPROVE:=20rephrase=20recomm?= =?UTF-8?q?endation=20about=20bruteforce=20protection?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jonas Sulzer --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 6aa75eb..cf97ecf 100644 --- a/README.md +++ b/README.md 
@@ -19,7 +19,7 @@ If something does not work, check the log file at `nextcloud/data/nextcloud.log` **⚠⚠ Warning:** If you are using more than one backend or especially one backend more often than once, make sure that you still have resp. get unique `uid`s in the database. ⚠⚠ **⚠⚠ Warning:** If you are using tools like fail2ban (https://www.fail2ban.org) to protect your authentication source (e.g. IMAP server), be sure to disable it for the host that runs `user_external`. Otherwise a single user failing to login too many times can practically DoS your whole Nextcloud installation because `fail2ban` will then block the Nextcloud IP address. ⚠⚠ -Instead, install appropriate protection apps within Nextcloud that bans repeated failed login attempts. +Instead, make sure the bruteforce protection app for Nextcloud is installed and configured correctly. FTP ---
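Review bot: In the warning added by [PATCH 1/2], "be sure to disable it for the host that runs `user_external`" can be read as turning fail2ban off altogether, which would leave the authentication source unprotected against every other client. Suggest wording it as an exemption for that one address, for example "exclude the IP address of the host that runs `user_external` from banning (fail2ban's `ignoreip` setting)". The follow-up line "Instead, install appropriate protection apps ..." starts after the closing ⚠⚠ and so falls outside the warning markers; move it in front of the closing ⚠⚠, and change "failing to login" to "failing to log in".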
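Review bot: The replacement line in [PATCH 2/2], "make sure the bruteforce protection app for Nextcloud is installed and configured correctly", does not say what a correct configuration is. Because the sentence before it tells the admin to stop fail2ban from acting on the Nextcloud host, this app becomes the remaining limit on password guessing that reaches the authentication source through Nextcloud, so the README should name the app as it appears in the Nextcloud apps list and state what has to be checked. The line also still sits after the closing ⚠⚠ of the warning; placing it before the closing markers would keep the advice inside the warning.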