
Brute-force whitelisted IP are ineffective for password resetting #325

Description

@m4dz

How to use GitHub

  • Please use the 👍 reaction to show that you are affected by the same issue.
  • Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
  • Subscribe to receive notifications on status change and new comments.

Steps to reproduce

  1. Block IP with too many login attempts (brute-force blacklisting)
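  2. Whitelist the IP in the Brute-force settings app (the config report below records the entry as `81.28.201.184/0`; a `/0` prefix length matches every IPv4 address rather than this single host, which would normally be written with `/32`)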
  3. Try to reset the password from that IP

Expected behaviour

Once the IP is whitelisted, both login operations (logging in and resetting the password) should be allowed from that IP.

Actual behaviour

The user can log in from the IP, but the reset-password action still returns an HTTP 412 error.

Server configuration

Operating system: Debian Buster

Web server: Apache / PHP-FPM

Database: MySQL 10.4.13

PHP version: 7.4.4

Nextcloud version: 20.0.5

Updated from an older Nextcloud/ownCloud or fresh install: Upgraded

Where did you install Nextcloud from: Official download page

Signing status:

Signing status
No errors have been found.

List of activated apps:

App list
Enabled:
  - accessibility: 1.6.0
  - activity: 2.13.4
  - bruteforcesettings: 2.0.1
  - calendar: 2.1.3
  - cloud_federation_api: 1.3.0
  - comments: 1.10.0
  - contacts: 3.4.3
  - contactsinteraction: 1.1.0
  - dashboard: 7.0.0
  - dav: 1.16.2
  - documentserver_community: 0.1.8
  - federatedfilesharing: 1.10.2
  - federation: 1.10.1
  - files: 1.15.0
  - files_markdown: 2.3.1
  - files_pdfviewer: 2.0.1
  - files_rightclick: 0.17.0
  - files_sharing: 1.12.2
  - files_trashbin: 1.10.1
  - files_versions: 1.13.0
  - files_videoplayer: 1.9.0
  - firstrunwizard: 2.9.0
  - groupfolders: 8.2.0
  - logreader: 2.5.0
  - lookup_server_connector: 1.8.0
  - mail: 1.7.2
  - nextcloud_announcements: 1.9.0
  - notifications: 2.8.0
  - oauth2: 1.8.0
  - onlyoffice: 6.2.0
  - password_policy: 1.10.1
  - photos: 1.2.3
  - privacy: 1.4.0
  - provisioning_api: 1.10.0
  - recommendations: 0.8.0
  - serverinfo: 1.10.0
  - settings: 1.2.0
  - sharebymail: 1.10.0
  - support: 1.3.0
  - survey_client: 1.8.0
  - systemtags: 1.10.0
  - text: 3.1.0
  - theming: 1.11.0
  - twofactor_admin: 3.0.0
  - twofactor_backupcodes: 1.9.0
  - twofactor_totp: 5.0.0
  - updatenotification: 1.10.0
  - user_status: 1.0.1
  - viewer: 1.4.0
  - weather_status: 1.0.0
  - workflowengine: 2.2.0
Disabled:
  - admin_audit
  - encryption
  - files_external
  - user_ldap

Nextcloud configuration:

Config report
{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "nextcloud.alwaysdata.org",
            "ad-nextcloud.alwaysdata.net"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "overwrite.cli.url": "https:\/\/ad-nextcloud.alwaysdata.net",
        "dbtype": "mysql",
        "version": "20.0.5.2",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpmode": "smtp",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "maintenance": false,
        "theme": "",
        "loglevel": 2,
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpsecure": "ssl",
        "mail_smtpport": "465",
        "app_install_overwrite": [
            "calendar"
        ],
        "memcache.local": "\\OC\\Memcache\\APCu",
        "memcache.distributed": "\\OC\\Memcache\\Memcached",
        "memcached_servers": [
            [
                "localhost",
                11211
            ]
        ],
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 6379
        },
        "mail_sendmailmode": "smtp"
    },
    "apps": {
        "accessibility": {
            "enabled": "yes",
            "installed_version": "1.6.0",
            "types": ""
        },
        "activity": {
            "enabled": "yes",
            "installed_version": "2.13.4",
            "types": "filesystem"
        },
        "backgroundjob": {
            "lastjob": "254"
        },
        "bruteForce": {
            "whitelist_1": "81.28.201.184\/0"
        },
        "bruteforcesettings": {
            "enabled": "yes",
            "installed_version": "2.0.1",
            "types": ""
        },
        "calendar": {
            "enabled": "yes",
            "installed_version": "2.1.3",
            "types": ""
        },
        "cloud_federation_api": {
            "enabled": "yes",
            "installed_version": "1.3.0",
            "types": "filesystem"
        },
        "comments": {
            "enabled": "yes",
            "installed_version": "1.10.0",
            "types": "logging"
        },
        "contacts": {
            "enabled": "yes",
            "installed_version": "3.4.3",
            "types": "dav"
        },
        "contactsinteraction": {
            "enabled": "yes",
            "installed_version": "1.1.0",
            "types": "dav"
        },
        "core": {
            "backgroundjobs_mode": "cron",
            "enterpriseLogoChecked": "yes",
            "installedat": "1534865793.7312",
            "lastcron": "1611058213",
            "lastupdateResult": "[]",
            "lastupdatedat": "1611058181",
            "moveavatarsdone": "yes",
            "oc.integritycheck.checker": "[]",
            "previewsCleanedUp": "1",
            "public_files": "files_sharing\/public.php",
            "public_webdav": "dav\/appinfo\/v1\/publicwebdav.php",
            "scss.variables": "acf04738bafad3d2d16346746aeff1ba",
            "theming.variables": "c96da5636ef759cb25916c25b9288e2a",
            "updater.secret.created": "1603350162",
            "vendor": "nextcloud"
        },
        "dashboard": {
            "enabled": "yes",
            "installed_version": "7.0.0",
            "types": ""
        },
        "dav": {
            "buildCalendarReminderIndex": "yes",
            "buildCalendarSearchIndex": "yes",
            "chunks_migrated": "1",
            "enabled": "yes",
            "installed_version": "1.16.2",
            "regeneratedBirthdayCalendarsForYearFix": "yes",
            "types": "filesystem"
        },
        "documentserver_community": {
            "enabled": "yes",
            "installed_version": "0.1.8",
            "types": "filesystem"
        },
        "federatedfilesharing": {
            "enabled": "yes",
            "installed_version": "1.10.2",
            "types": ""
        },
        "federation": {
            "autoAddServers": "1",
            "enabled": "yes",
            "installed_version": "1.10.1",
            "types": "authentication"
        },
        "files": {
            "cronjob_scan_files": "500",
            "enabled": "yes",
            "installed_version": "1.15.0",
            "types": "filesystem"
        },
        "files_fulltextsearch": {
            "enabled": "no",
            "installed_version": "1.4.3",
            "types": "filesystem"
        },
        "files_markdown": {
            "enabled": "yes",
            "installed_version": "2.3.1",
            "types": ""
        },
        "files_pdfviewer": {
            "enabled": "yes",
            "installed_version": "2.0.1",
            "types": ""
        },
        "files_rightclick": {
            "enabled": "yes",
            "installed_version": "0.17.0",
            "types": ""
        },
        "files_sharing": {
            "enabled": "yes",
            "installed_version": "1.12.2",
            "types": "filesystem"
        },
        "files_texteditor": {
            "enabled": "no",
            "installed_version": "2.8.0",
            "types": ""
        },
        "files_trashbin": {
            "enabled": "yes",
            "installed_version": "1.10.1",
            "types": "filesystem,dav"
        },
        "files_versions": {
            "enabled": "yes",
            "installed_version": "1.13.0",
            "types": "filesystem,dav"
        },
        "files_videoplayer": {
            "enabled": "yes",
            "installed_version": "1.9.0",
            "types": ""
        },
        "firstrunwizard": {
            "enabled": "yes",
            "installed_version": "2.9.0",
            "types": "logging"
        },
        "fulltextsearch": {
            "enabled": "no",
            "installed_version": "1.4.2",
            "types": ""
        },
        "gallery": {
            "enabled": "no",
            "installed_version": "18.4.0",
            "types": ""
        },
        "groupfolders": {
            "enabled": "yes",
            "installed_version": "8.2.0",
            "types": "filesystem,dav"
        },
        "logreader": {
            "enabled": "yes",
            "installed_version": "2.5.0",
            "levels": "11111",
            "types": ""
        },
        "lookup_server_connector": {
            "enabled": "yes",
            "installed_version": "1.8.0",
            "types": "authentication"
        },
        "mail": {
            "enabled": "yes",
            "installed_version": "1.7.2",
            "types": ""
        },
        "nextcloud_announcements": {
            "enabled": "yes",
            "installed_version": "1.9.0",
            "pub_date": "Thu, 24 Oct 2019 00:00:00 +0200",
            "types": "logging"
        },
        "notifications": {
            "enabled": "yes",
            "installed_version": "2.8.0",
            "types": "logging"
        },
        "oauth2": {
            "enabled": "yes",
            "installed_version": "1.8.0",
            "types": "authentication"
        },
        "onlyoffice": {
            "DocumentServerUrl": "https:\/\/nextcloud.alwaysdata.org\/index.php\/apps\/documentserver_community\/",
            "defFormats": "{\"docx\":true,\"pptx\":true,\"xlsx\":true,\"odp\":true,\"ods\":true,\"odt\":true,\"doc\":true,\"ppt\":true,\"xls\":true}",
            "editFormats": "{\"csv\":true,\"docx\":true,\"pptx\":true,\"txt\":true,\"xlsx\":true,\"odp\":true,\"ods\":true,\"odt\":true,\"rtf\":true}",
            "enabled": "yes",
            "installed_version": "6.2.0",
            "sameTab": "true",
            "types": "filesystem"
        },
        "ownpad": {
            "enabled": "no",
            "installed_version": "0.6.14",
            "ocsid": "174679",
            "ownpad_ethercalc_enable": "yes",
            "ownpad_ethercalc_host": "https:\/\/ethercalc.alwaysdata.org",
            "ownpad_etherpad_enable": "yes",
            "ownpad_etherpad_host": "https:\/\/etherpad.alwaysdata.org",
            "ownpad_etherpad_useapi": "no",
            "types": ""
        },
        "password_policy": {
            "enabled": "yes",
            "installed_version": "1.10.1",
            "types": "authentication"
        },
        "photos": {
            "enabled": "yes",
            "installed_version": "1.2.3",
            "types": ""
        },
        "privacy": {
            "enabled": "yes",
            "installed_version": "1.4.0",
            "types": ""
        },
        "provisioning_api": {
            "enabled": "yes",
            "installed_version": "1.10.0",
            "types": "prevent_group_restriction"
        },
        "recommendations": {
            "enabled": "yes",
            "installed_version": "0.8.0",
            "types": ""
        },
        "serverinfo": {
            "enabled": "yes",
            "installed_version": "1.10.0",
            "types": ""
        },
        "settings": {
            "enabled": "yes",
            "installed_version": "1.2.0",
            "types": ""
        },
        "sharebymail": {
            "enabled": "yes",
            "installed_version": "1.10.0",
            "types": "filesystem"
        },
        "support": {
            "SwitchUpdaterServerHasRun": "yes",
            "enabled": "yes",
            "installed_version": "1.3.0",
            "types": "session"
        },
        "survey_client": {
            "enabled": "yes",
            "installed_version": "1.8.0",
            "last_report": "{\"id\":\"ocuv4tp55nnj\",\"items\":[[\"server\",\"version\",\"20.0.5.2\"],[\"server\",\"code\",\"other\"],[\"server\",\"enable_avatars\",\"yes\"],[\"server\",\"enable_previews\",\"yes\"],[\"server\",\"memcache.local\",\"\\\\OC\\\\Memcache\\\\APCu\"],[\"server\",\"memcache.distributed\",\"\\\\OC\\\\Memcache\\\\Memcached\"],[\"server\",\"asset-pipeline.enabled\",\"no\"],[\"server\",\"filelocking.enabled\",\"yes\"],[\"server\",\"memcache.locking\",\"\\\\OC\\\\Memcache\\\\Redis\"],[\"server\",\"debug\",\"no\"],[\"server\",\"cron\",\"cron\"],[\"php\",\"version\",\"7.4.4\"],[\"php\",\"memory_limit\",536870912],[\"php\",\"max_execution_time\",0],[\"php\",\"upload_max_filesize\",268435456],[\"database\",\"type\",\"mysql\"],[\"database\",\"version\",\"10.4.13\"],[\"database\",\"size\",64233472],[\"apps\",\"accessibility\",\"1.6.0\"],[\"apps\",\"activity\",\"2.13.4\"],[\"apps\",\"calendar\",\"2.1.3\"],[\"apps\",\"cloud_federation_api\",\"1.3.0\"],[\"apps\",\"comments\",\"1.10.0\"],[\"apps\",\"contacts\",\"3.4.3\"],[\"apps\",\"contactsinteraction\",\"1.1.0\"],[\"apps\",\"dashboard\",\"7.0.0\"],[\"apps\",\"dav\",\"1.16.2\"],[\"apps\",\"documentserver_community\",\"0.1.8\"],[\"apps\",\"federatedfilesharing\",\"1.10.2\"],[\"apps\",\"federation\",\"1.10.1\"],[\"apps\",\"files\",\"1.15.0\"],[\"apps\",\"files_fulltextsearch\",\"disabled\"],[\"apps\",\"files_markdown\",\"2.3.1\"],[\"apps\",\"files_pdfviewer\",\"2.0.1\"],[\"apps\",\"files_rightclick\",\"0.17.0\"],[\"apps\",\"files_sharing\",\"1.12.2\"],[\"apps\",\"files_texteditor\",\"disabled\"],[\"apps\",\"files_trashbin\",\"1.10.1\"],[\"apps\",\"files_versions\",\"1.13.0\"],[\"apps\",\"files_videoplayer\",\"1.9.0\"],[\"apps\",\"firstrunwizard\",\"2.9.0\"],[\"apps\",\"fulltextsearch\",\"disabled\"],[\"apps\",\"gallery\",\"disabled\"],[\"apps\",\"groupfolders\",\"8.2.0\"],[\"apps\",\"logreader\",\"2.5.0\"],[\"apps\",\"lookup_server_connector\",\"1.8.0\"],[\"apps\",\"mail\",\"1.7.2\"],[\"apps\",\"nextcloud_
announcements\",\"1.9.0\"],[\"apps\",\"notifications\",\"2.8.0\"],[\"apps\",\"oauth2\",\"1.8.0\"],[\"apps\",\"onlyoffice\",\"6.2.0\"],[\"apps\",\"ownpad\",\"disabled\"],[\"apps\",\"password_policy\",\"1.10.1\"],[\"apps\",\"photos\",\"1.2.3\"],[\"apps\",\"privacy\",\"1.4.0\"],[\"apps\",\"provisioning_api\",\"1.10.0\"],[\"apps\",\"recommendations\",\"0.8.0\"],[\"apps\",\"serverinfo\",\"1.10.0\"],[\"apps\",\"settings\",\"1.2.0\"],[\"apps\",\"sharebymail\",\"1.10.0\"],[\"apps\",\"support\",\"1.3.0\"],[\"apps\",\"survey_client\",\"1.8.0\"],[\"apps\",\"systemtags\",\"1.10.0\"],[\"apps\",\"text\",\"3.1.0\"],[\"apps\",\"theming\",\"1.11.0\"],[\"apps\",\"twofactor_backupcodes\",\"1.9.0\"],[\"apps\",\"twofactor_totp\",\"5.0.0\"],[\"apps\",\"updatenotification\",\"1.10.0\"],[\"apps\",\"user_status\",\"1.0.1\"],[\"apps\",\"viewer\",\"1.4.0\"],[\"apps\",\"weather_status\",\"1.0.0\"],[\"apps\",\"workflowengine\",\"2.2.0\"],[\"stats\",\"num_files\",122900],[\"stats\",\"num_users\",9],[\"stats\",\"num_storages\",10],[\"stats\",\"num_storages_local\",1],[\"stats\",\"num_storages_home\",9],[\"stats\",\"num_storages_other\",0],[\"stats\",\"num_comments\",2],[\"stats\",\"num_comment_markers\",2],[\"stats\",\"num_systemtags\",0],[\"stats\",\"num_systemtags_mappings\",0],[\"files_sharing\",\"num_shares\",472],[\"files_sharing\",\"num_shares_user\",163],[\"files_sharing\",\"num_shares_groups\",48],[\"files_sharing\",\"num_shares_link\",115],[\"files_sharing\",\"num_shares_link_no_password\",115],[\"files_sharing\",\"num_fed_shares_sent\",0],[\"files_sharing\",\"num_fed_shares_received\",0],[\"files_sharing\",\"permissions_2_0\",\"1\"],[\"files_sharing\",\"permissions_1_1\",\"1\"],[\"files_sharing\",\"permissions_2_1\",\"3\"],[\"files_sharing\",\"permissions_3_1\",\"65\"],[\"files_sharing\",\"permissions_1_3\",\"2\"],[\"files_sharing\",\"permissions_2_3\",\"6\"],[\"files_sharing\",\"permissions_1_15\",\"1\"],[\"files_sharing\",\"permissions_2_15\",\"3\"],[\"files_sharing\",\"permissions_0_
17\",\"6\"],[\"files_sharing\",\"permissions_1_17\",\"6\"],[\"files_sharing\",\"permissions_2_17\",\"20\"],[\"files_sharing\",\"permissions_3_17\",\"50\"],[\"files_sharing\",\"permissions_0_19\",\"154\"],[\"files_sharing\",\"permissions_1_19\",\"16\"],[\"files_sharing\",\"permissions_2_19\",\"73\"],[\"files_sharing\",\"permissions_0_31\",\"3\"],[\"files_sharing\",\"permissions_1_31\",\"22\"],[\"files_sharing\",\"permissions_2_31\",\"39\"],[\"files_sharing\",\"permissions_4_31\",\"1\"],[\"encryption\",\"enabled\",\"no\"],[\"encryption\",\"default_module\",\"no\"]]}",
            "last_sent": "1611050114",
            "types": ""
        },
        "systemtags": {
            "enabled": "yes",
            "installed_version": "1.10.0",
            "types": "logging"
        },
        "text": {
            "enabled": "yes",
            "installed_version": "3.1.0",
            "types": "dav"
        },
        "theming": {
            "cachebuster": "17",
            "color": "#464646",
            "enabled": "yes",
            "installed_version": "1.11.0",
            "logoMime": "image\/png",
            "name": "Cloud alwaysdata",
            "slogan": "***REMOVED SENSITIVE VALUE***",
            "types": "logging",
            "url": "***REMOVED SENSITIVE VALUE***"
        },
        "twofactor_admin": {
            "enabled": "yes",
            "installed_version": "3.0.0",
            "types": ""
        },
        "twofactor_backupcodes": {
            "enabled": "yes",
            "installed_version": "1.9.0",
            "types": ""
        },
        "twofactor_totp": {
            "enabled": "yes",
            "installed_version": "5.0.0",
            "types": ""
        },
        "updatenotification": {
            "calendar": "2.1.3",
            "contacts": "3.4.3",
            "core": "20.0.5.2",
            "documentserver_community": "0.1.8",
            "enabled": "yes",
            "files_markdown": "2.3.1",
            "files_rightclick": "0.15.1",
            "groupfolders": "8.2.0",
            "installed_version": "1.10.0",
            "mail": "1.7.2",
            "onlyoffice": "6.2.0",
            "twofactor_totp": "5.0.0",
            "types": "",
            "update_check_errors": "0"
        },
        "user_status": {
            "enabled": "yes",
            "installed_version": "1.0.1",
            "types": ""
        },
        "viewer": {
            "enabled": "yes",
            "installed_version": "1.4.0",
            "types": ""
        },
        "weather_status": {
            "enabled": "yes",
            "installed_version": "1.0.0",
            "types": ""
        },
        "workflowengine": {
            "enabled": "yes",
            "installed_version": "2.2.0",
            "types": "filesystem"
        }
    }
}

Are you using external storage, if yes which one: no

Are you using encryption: no

Are you using an external user-backend, if yes which one: no

Client configuration

Browser: Firefox 84.0.2

Operating system: Ubuntu 20.10
