Update README.md, add warning about fail2ban-like tools

Signed-off-by: jensb <jens-github@spamfreemail.de>
2023-03-14 18:59:52 +01:00
parent 9090251e8e
commit f30f950b57
1 changed files with 2 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -18,6 +18,8 @@ If something does not work, check the log file at `nextcloud/data/nextcloud.log`

 **⚠⚠ Warning:** If you are using more than one backend or especially one backend more often than once, make sure that you still have resp. get unique `uid`s in the database. ⚠⚠

+**⚠⚠ Warning:** If you are using tools like fail2ban (https://www.fail2ban.org) to protect your authentication source (e.g. IMAP server), be sure to disable it for the host that runs `user_external`. Otherwise a single user failing to login too many times can practically DoS your whole Nextcloud installation because `fail2ban` will then block the Nextcloud IP address. ⚠⚠
+Instead, install appropriate protection apps within Nextcloud that bans repeated failed login attempts.

 FTP
 ---