ownCloud Brute-Force Protection doesn't work how it should

Hey,

I got a problem with getting the ownCloud Brute-Force-Protection to work properly.
Installing the app wasn’t a problem and it’s also running fine, but what doesn’t work right is blocking the right IP.

The Brute-Force-Protection App is checking the owncloud.log for failed log-ins and blocks the IP that was used. The problem is that the only IP logged in the owncloud.log is the IP of the container ownCloud is located in and not the external IP/the IP of the user.

Is there any way to make this work properly?

Thanks in advance!

Kind Regards
jf712

Hey,

you can actually tell Nextcloud the IP that the request was forwarded for. This requires two changes:

  1. The proxy server must send an HTTP header that includes the original IP. Luckily Apache does this by default; the header is called X-Forwarded-For.
  2. You must tell Nextcloud which HTTP header to use for that information.

The second part requires adding the following entry to the config.php file:

  'forwarded_for_headers' => array('HTTP_X_FORWARDED_FOR'),

Afterwards the IP addresses in the log files are the ones the request actually comes from.

Note that this won’t work if you have another proxy in front of the UCS system’s Apache, though. In that case things get messier.

m.
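
Added illustration, not part of the posts above and not Nextcloud or ownCloud code: a simplified Python model of how an application behind a reverse proxy can pick the client address from X-Forwarded-For, including the extra-proxy case from the reply above. The function `client_ip`, its `trusted_proxies` argument and all addresses are constructed for this example; it assumes each proxy appends the peer it saw to the header.

```python
import ipaddress

def client_ip(remote_addr, headers, trusted_proxies,
              forwarded_for_headers=("HTTP_X_FORWARDED_FOR",)):
    """Pick the address that failed logins should be counted against."""
    nets = [ipaddress.ip_network(p, strict=False) for p in trusted_proxies]

    def trusted(addr):
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            return False
        return any(ip in net for net in nets)

    # A peer that is not a known proxy can put anything in the header,
    # so the header is ignored and the TCP peer address is used.
    if not trusted(remote_addr):
        return remote_addr

    for name in forwarded_for_headers:
        hops = [h.strip() for h in headers.get(name, "").split(",") if h.strip()]
        # Each proxy appends the peer it saw, so read right to left and
        # stop at the first hop that is not one of our own proxies.
        for hop in reversed(hops):
            try:
                ipaddress.ip_address(hop)
            except ValueError:
                break  # malformed entry: do not trust the rest of this header
            if not trusted(hop):
                return hop
    return remote_addr


if __name__ == "__main__":
    proxy = "172.17.0.1"  # constructed: front-end Apache as seen by the app
    xff = {"HTTP_X_FORWARDED_FOR": "203.0.113.7"}
    print(client_ip(proxy, xff, []))        # proxy not trusted: proxy IP is logged
    print(client_ip(proxy, xff, [proxy]))   # proxy trusted: the user's IP is logged
    # Extra proxy in front (192.0.2.10): it must be listed too, or it gets blamed
    chain = {"HTTP_X_FORWARDED_FOR": "203.0.113.7, 192.0.2.10"}
    print(client_ip(proxy, chain, [proxy]))
    print(client_ip(proxy, chain, [proxy, "192.0.2.10"]))
```

For a brute-force blocker, the header should only be honoured when the request arrives from a known proxy. Otherwise a client can set it itself and failed logins get attributed to an address of its choosing.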

Hey Moritz,

thank you for your answer.

Does this also work with ownCloud?

Kind Regards
jf712

Hey,

oops, sorry, you’re right, I was only thinking of & testing with Nextcloud. My bad. However, posts such as this show that it should work the same way with ownCloud.

m.

1 Like