From f30f950b57541e987186c330e783c3cb0bf36375 Mon Sep 17 00:00:00 2001
From: jensb <jens-github@spamfreemail.de>
Date: Tue, 14 Mar 2023 18:59:52 +0100
Subject: [PATCH] Update README.md, add warning about fail2ban-like tools

Signed-off-by: jensb <jens-github@spamfreemail.de>
---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 76f0001..6aa75eb 100644
--- a/README.md
+++ b/README.md
@@ -18,6 +18,8 @@ If something does not work, check the log file at `nextcloud/data/nextcloud.log`
 
 **⚠⚠ Warning:** If you are using more than one backend or especially one backend more often than once, make sure that you still have resp. get unique `uid`s in the database. ⚠⚠
 
+**⚠⚠ Warning:** If you are using tools like fail2ban (https://www.fail2ban.org) to protect your authentication source (e.g. IMAP server), be sure to disable it for the host that runs `user_external`. Otherwise a single user failing to login too many times can practically DoS your whole Nextcloud installation because `fail2ban` will then block the Nextcloud IP address. ⚠⚠
+Instead, install appropriate protection apps within Nextcloud that bans repeated failed login attempts.
 
 FTP
 ---