
Brute-force whitelisted IPs are ineffective for password resetting #325

@m4dz


How to use GitHub

  • Please use the 👍 reaction to show that you are affected by the same issue.
  • Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
  • Subscribe to receive notifications on status change and new comments.

Steps to reproduce

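  1. Block an IP with too many login attempts (brute-force blacklisting)
  2. Whitelist the IP in the Brute-force settings app (the config report below stores the entry as `81.28.201.184/0`; a `/0` prefix length covers every IPv4 address, whereas a single host is `/32`)
  3. Try to reset the password from that IP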

Expected behaviour

Once whitelisted, login operations (both login and password reset) should be allowed from that IP.

Actual behaviour

The user can log in from the IP, but the password-reset action still returns an HTTP 412 error.

Server configuration

Operating system: Debian Buster

Web server: Apache / PHP-FPM

Database: MySQL 10.4.13

PHP version: 7.4.4

Nextcloud version: 20.0.5

Updated from an older Nextcloud/ownCloud or fresh install: Upgraded

Where did you install Nextcloud from: Official download page

Signing status:

Signing status
No errors have been found.

List of activated apps:

App list
Enabled:
  - accessibility: 1.6.0
  - activity: 2.13.4
  - bruteforcesettings: 2.0.1
  - calendar: 2.1.3
  - cloud_federation_api: 1.3.0
  - comments: 1.10.0
  - contacts: 3.4.3
  - contactsinteraction: 1.1.0
  - dashboard: 7.0.0
  - dav: 1.16.2
  - documentserver_community: 0.1.8
  - federatedfilesharing: 1.10.2
  - federation: 1.10.1
  - files: 1.15.0
  - files_markdown: 2.3.1
  - files_pdfviewer: 2.0.1
  - files_rightclick: 0.17.0
  - files_sharing: 1.12.2
  - files_trashbin: 1.10.1
  - files_versions: 1.13.0
  - files_videoplayer: 1.9.0
  - firstrunwizard: 2.9.0
  - groupfolders: 8.2.0
  - logreader: 2.5.0
  - lookup_server_connector: 1.8.0
  - mail: 1.7.2
  - nextcloud_announcements: 1.9.0
  - notifications: 2.8.0
  - oauth2: 1.8.0
  - onlyoffice: 6.2.0
  - password_policy: 1.10.1
  - photos: 1.2.3
  - privacy: 1.4.0
  - provisioning_api: 1.10.0
  - recommendations: 0.8.0
  - serverinfo: 1.10.0
  - settings: 1.2.0
  - sharebymail: 1.10.0
  - support: 1.3.0
  - survey_client: 1.8.0
  - systemtags: 1.10.0
  - text: 3.1.0
  - theming: 1.11.0
  - twofactor_admin: 3.0.0
  - twofactor_backupcodes: 1.9.0
  - twofactor_totp: 5.0.0
  - updatenotification: 1.10.0
  - user_status: 1.0.1
  - viewer: 1.4.0
  - weather_status: 1.0.0
  - workflowengine: 2.2.0
Disabled:
  - admin_audit
  - encryption
  - files_external
  - user_ldap

Nextcloud configuration:

Config report
{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "nextcloud.alwaysdata.org",
            "ad-nextcloud.alwaysdata.net"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "overwrite.cli.url": "https:\/\/ad-nextcloud.alwaysdata.net",
        "dbtype": "mysql",
        "version": "20.0.5.2",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpmode": "smtp",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "maintenance": false,
        "theme": "",
        "loglevel": 2,
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpsecure": "ssl",
        "mail_smtpport": "465",
        "app_install_overwrite": [
            "calendar"
        ],
        "memcache.local": "\\OC\\Memcache\\APCu",
        "memcache.distributed": "\\OC\\Memcache\\Memcached",
        "memcached_servers": [
            [
                "localhost",
                11211
            ]
        ],
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 6379
        },
        "mail_sendmailmode": "smtp"
    },
    "apps": {
        "accessibility": {
            "enabled": "yes",
            "installed_version": "1.6.0",
            "types": ""
        },
        "activity": {
            "enabled": "yes",
            "installed_version": "2.13.4",
            "types": "filesystem"
        },
        "backgroundjob": {
            "lastjob": "254"
        },
        "bruteForce": {
            "whitelist_1": "81.28.201.184\/0"
        },
        "bruteforcesettings": {
            "enabled": "yes",
            "installed_version": "2.0.1",
            "types": ""
        },
        "calendar": {
            "enabled": "yes",
            "installed_version": "2.1.3",
            "types": ""
        },
        "cloud_federation_api": {
            "enabled": "yes",
            "installed_version": "1.3.0",
            "types": "filesystem"
        },
        "comments": {
            "enabled": "yes",
            "installed_version": "1.10.0",
            "types": "logging"
        },
        "contacts": {
            "enabled": "yes",
            "installed_version": "3.4.3",
            "types": "dav"
        },
        "contactsinteraction": {
            "enabled": "yes",
            "installed_version": "1.1.0",
            "types": "dav"
        },
        "core": {
            "backgroundjobs_mode": "cron",
            "enterpriseLogoChecked": "yes",
            "installedat": "1534865793.7312",
            "lastcron": "1611058213",
            "lastupdateResult": "[]",
            "lastupdatedat": "1611058181",
            "moveavatarsdone": "yes",
            "oc.integritycheck.checker": "[]",
            "previewsCleanedUp": "1",
            "public_files": "files_sharing\/public.php",
            "public_webdav": "dav\/appinfo\/v1\/publicwebdav.php",
            "scss.variables": "acf04738bafad3d2d16346746aeff1ba",
            "theming.variables": "c96da5636ef759cb25916c25b9288e2a",
            "updater.secret.created": "1603350162",
            "vendor": "nextcloud"
        },
        "dashboard": {
            "enabled": "yes",
            "installed_version": "7.0.0",
            "types": ""
        },
        "dav": {
            "buildCalendarReminderIndex": "yes",
            "buildCalendarSearchIndex": "yes",
            "chunks_migrated": "1",
            "enabled": "yes",
            "installed_version": "1.16.2",
            "regeneratedBirthdayCalendarsForYearFix": "yes",
            "types": "filesystem"
        },
        "documentserver_community": {
            "enabled": "yes",
            "installed_version": "0.1.8",
            "types": "filesystem"
        },
        "federatedfilesharing": {
            "enabled": "yes",
            "installed_version": "1.10.2",
            "types": ""
        },
        "federation": {
            "autoAddServers": "1",
            "enabled": "yes",
            "installed_version": "1.10.1",
            "types": "authentication"
        },
        "files": {
            "cronjob_scan_files": "500",
            "enabled": "yes",
            "installed_version": "1.15.0",
            "types": "filesystem"
        },
        "files_fulltextsearch": {
            "enabled": "no",
            "installed_version": "1.4.3",
            "types": "filesystem"
        },
        "files_markdown": {
            "enabled": "yes",
            "installed_version": "2.3.1",
            "types": ""
        },
        "files_pdfviewer": {
            "enabled": "yes",
            "installed_version": "2.0.1",
            "types": ""
        },
        "files_rightclick": {
            "enabled": "yes",
            "installed_version": "0.17.0",
            "types": ""
        },
        "files_sharing": {
            "enabled": "yes",
            "installed_version": "1.12.2",
            "types": "filesystem"
        },
        "files_texteditor": {
            "enabled": "no",
            "installed_version": "2.8.0",
            "types": ""
        },
        "files_trashbin": {
            "enabled": "yes",
            "installed_version": "1.10.1",
            "types": "filesystem,dav"
        },
        "files_versions": {
            "enabled": "yes",
            "installed_version": "1.13.0",
            "types": "filesystem,dav"
        },
        "files_videoplayer": {
            "enabled": "yes",
            "installed_version": "1.9.0",
            "types": ""
        },
        "firstrunwizard": {
            "enabled": "yes",
            "installed_version": "2.9.0",
            "types": "logging"
        },
        "fulltextsearch": {
            "enabled": "no",
            "installed_version": "1.4.2",
            "types": ""
        },
        "gallery": {
            "enabled": "no",
            "installed_version": "18.4.0",
            "types": ""
        },
        "groupfolders": {
            "enabled": "yes",
            "installed_version": "8.2.0",
            "types": "filesystem,dav"
        },
        "logreader": {
            "enabled": "yes",
            "installed_version": "2.5.0",
            "levels": "11111",
            "types": ""
        },
        "lookup_server_connector": {
            "enabled": "yes",
            "installed_version": "1.8.0",
            "types": "authentication"
        },
        "mail": {
            "enabled": "yes",
            "installed_version": "1.7.2",
            "types": ""
        },
        "nextcloud_announcements": {
            "enabled": "yes",
            "installed_version": "1.9.0",
            "pub_date": "Thu, 24 Oct 2019 00:00:00 +0200",
            "types": "logging"
        },
        "notifications": {
            "enabled": "yes",
            "installed_version": "2.8.0",
            "types": "logging"
        },
        "oauth2": {
            "enabled": "yes",
            "installed_version": "1.8.0",
            "types": "authentication"
        },
        "onlyoffice": {
            "DocumentServerUrl": "https:\/\/nextcloud.alwaysdata.org\/index.php\/apps\/documentserver_community\/",
            "defFormats": "{\"docx\":true,\"pptx\":true,\"xlsx\":true,\"odp\":true,\"ods\":true,\"odt\":true,\"doc\":true,\"ppt\":true,\"xls\":true}",
            "editFormats": "{\"csv\":true,\"docx\":true,\"pptx\":true,\"txt\":true,\"xlsx\":true,\"odp\":true,\"ods\":true,\"odt\":true,\"rtf\":true}",
            "enabled": "yes",
            "installed_version": "6.2.0",
            "sameTab": "true",
            "types": "filesystem"
        },
        "ownpad": {
            "enabled": "no",
            "installed_version": "0.6.14",
            "ocsid": "174679",
            "ownpad_ethercalc_enable": "yes",
            "ownpad_ethercalc_host": "https:\/\/ethercalc.alwaysdata.org",
            "ownpad_etherpad_enable": "yes",
            "ownpad_etherpad_host": "https:\/\/etherpad.alwaysdata.org",
            "ownpad_etherpad_useapi": "no",
            "types": ""
        },
        "password_policy": {
            "enabled": "yes",
            "installed_version": "1.10.1",
            "types": "authentication"
        },
        "photos": {
            "enabled": "yes",
            "installed_version": "1.2.3",
            "types": ""
        },
        "privacy": {
            "enabled": "yes",
            "installed_version": "1.4.0",
            "types": ""
        },
        "provisioning_api": {
            "enabled": "yes",
            "installed_version": "1.10.0",
            "types": "prevent_group_restriction"
        },
        "recommendations": {
            "enabled": "yes",
            "installed_version": "0.8.0",
            "types": ""
        },
        "serverinfo": {
            "enabled": "yes",
            "installed_version": "1.10.0",
            "types": ""
        },
        "settings": {
            "enabled": "yes",
            "installed_version": "1.2.0",
            "types": ""
        },
        "sharebymail": {
            "enabled": "yes",
            "installed_version": "1.10.0",
            "types": "filesystem"
        },
        "support": {
            "SwitchUpdaterServerHasRun": "yes",
            "enabled": "yes",
            "installed_version": "1.3.0",
            "types": "session"
        },
        "survey_client": {
            "enabled": "yes",
            "installed_version": "1.8.0",
            "last_report": "{\"id\":\"ocuv4tp55nnj\",\"items\":[[\"server\",\"version\",\"20.0.5.2\"],[\"server\",\"code\",\"other\"],[\"server\",\"enable_avatars\",\"yes\"],[\"server\",\"enable_previews\",\"yes\"],[\"server\",\"memcache.local\",\"\\\\OC\\\\Memcache\\\\APCu\"],[\"server\",\"memcache.distributed\",\"\\\\OC\\\\Memcache\\\\Memcached\"],[\"server\",\"asset-pipeline.enabled\",\"no\"],[\"server\",\"filelocking.enabled\",\"yes\"],[\"server\",\"memcache.locking\",\"\\\\OC\\\\Memcache\\\\Redis\"],[\"server\",\"debug\",\"no\"],[\"server\",\"cron\",\"cron\"],[\"php\",\"version\",\"7.4.4\"],[\"php\",\"memory_limit\",536870912],[\"php\",\"max_execution_time\",0],[\"php\",\"upload_max_filesize\",268435456],[\"database\",\"type\",\"mysql\"],[\"database\",\"version\",\"10.4.13\"],[\"database\",\"size\",64233472],[\"apps\",\"accessibility\",\"1.6.0\"],[\"apps\",\"activity\",\"2.13.4\"],[\"apps\",\"calendar\",\"2.1.3\"],[\"apps\",\"cloud_federation_api\",\"1.3.0\"],[\"apps\",\"comments\",\"1.10.0\"],[\"apps\",\"contacts\",\"3.4.3\"],[\"apps\",\"contactsinteraction\",\"1.1.0\"],[\"apps\",\"dashboard\",\"7.0.0\"],[\"apps\",\"dav\",\"1.16.2\"],[\"apps\",\"documentserver_community\",\"0.1.8\"],[\"apps\",\"federatedfilesharing\",\"1.10.2\"],[\"apps\",\"federation\",\"1.10.1\"],[\"apps\",\"files\",\"1.15.0\"],[\"apps\",\"files_fulltextsearch\",\"disabled\"],[\"apps\",\"files_markdown\",\"2.3.1\"],[\"apps\",\"files_pdfviewer\",\"2.0.1\"],[\"apps\",\"files_rightclick\",\"0.17.0\"],[\"apps\",\"files_sharing\",\"1.12.2\"],[\"apps\",\"files_texteditor\",\"disabled\"],[\"apps\",\"files_trashbin\",\"1.10.1\"],[\"apps\",\"files_versions\",\"1.13.0\"],[\"apps\",\"files_videoplayer\",\"1.9.0\"],[\"apps\",\"firstrunwizard\",\"2.9.0\"],[\"apps\",\"fulltextsearch\",\"disabled\"],[\"apps\",\"gallery\",\"disabled\"],[\"apps\",\"groupfolders\",\"8.2.0\"],[\"apps\",\"logreader\",\"2.5.0\"],[\"apps\",\"lookup_server_connector\",\"1.8.0\"],[\"apps\",\"mail\",\"1.7.2\"],[\"apps\",\"nextcloud_
announcements\",\"1.9.0\"],[\"apps\",\"notifications\",\"2.8.0\"],[\"apps\",\"oauth2\",\"1.8.0\"],[\"apps\",\"onlyoffice\",\"6.2.0\"],[\"apps\",\"ownpad\",\"disabled\"],[\"apps\",\"password_policy\",\"1.10.1\"],[\"apps\",\"photos\",\"1.2.3\"],[\"apps\",\"privacy\",\"1.4.0\"],[\"apps\",\"provisioning_api\",\"1.10.0\"],[\"apps\",\"recommendations\",\"0.8.0\"],[\"apps\",\"serverinfo\",\"1.10.0\"],[\"apps\",\"settings\",\"1.2.0\"],[\"apps\",\"sharebymail\",\"1.10.0\"],[\"apps\",\"support\",\"1.3.0\"],[\"apps\",\"survey_client\",\"1.8.0\"],[\"apps\",\"systemtags\",\"1.10.0\"],[\"apps\",\"text\",\"3.1.0\"],[\"apps\",\"theming\",\"1.11.0\"],[\"apps\",\"twofactor_backupcodes\",\"1.9.0\"],[\"apps\",\"twofactor_totp\",\"5.0.0\"],[\"apps\",\"updatenotification\",\"1.10.0\"],[\"apps\",\"user_status\",\"1.0.1\"],[\"apps\",\"viewer\",\"1.4.0\"],[\"apps\",\"weather_status\",\"1.0.0\"],[\"apps\",\"workflowengine\",\"2.2.0\"],[\"stats\",\"num_files\",122900],[\"stats\",\"num_users\",9],[\"stats\",\"num_storages\",10],[\"stats\",\"num_storages_local\",1],[\"stats\",\"num_storages_home\",9],[\"stats\",\"num_storages_other\",0],[\"stats\",\"num_comments\",2],[\"stats\",\"num_comment_markers\",2],[\"stats\",\"num_systemtags\",0],[\"stats\",\"num_systemtags_mappings\",0],[\"files_sharing\",\"num_shares\",472],[\"files_sharing\",\"num_shares_user\",163],[\"files_sharing\",\"num_shares_groups\",48],[\"files_sharing\",\"num_shares_link\",115],[\"files_sharing\",\"num_shares_link_no_password\",115],[\"files_sharing\",\"num_fed_shares_sent\",0],[\"files_sharing\",\"num_fed_shares_received\",0],[\"files_sharing\",\"permissions_2_0\",\"1\"],[\"files_sharing\",\"permissions_1_1\",\"1\"],[\"files_sharing\",\"permissions_2_1\",\"3\"],[\"files_sharing\",\"permissions_3_1\",\"65\"],[\"files_sharing\",\"permissions_1_3\",\"2\"],[\"files_sharing\",\"permissions_2_3\",\"6\"],[\"files_sharing\",\"permissions_1_15\",\"1\"],[\"files_sharing\",\"permissions_2_15\",\"3\"],[\"files_sharing\",\"permissions_0_
17\",\"6\"],[\"files_sharing\",\"permissions_1_17\",\"6\"],[\"files_sharing\",\"permissions_2_17\",\"20\"],[\"files_sharing\",\"permissions_3_17\",\"50\"],[\"files_sharing\",\"permissions_0_19\",\"154\"],[\"files_sharing\",\"permissions_1_19\",\"16\"],[\"files_sharing\",\"permissions_2_19\",\"73\"],[\"files_sharing\",\"permissions_0_31\",\"3\"],[\"files_sharing\",\"permissions_1_31\",\"22\"],[\"files_sharing\",\"permissions_2_31\",\"39\"],[\"files_sharing\",\"permissions_4_31\",\"1\"],[\"encryption\",\"enabled\",\"no\"],[\"encryption\",\"default_module\",\"no\"]]}",
            "last_sent": "1611050114",
            "types": ""
        },
        "systemtags": {
            "enabled": "yes",
            "installed_version": "1.10.0",
            "types": "logging"
        },
        "text": {
            "enabled": "yes",
            "installed_version": "3.1.0",
            "types": "dav"
        },
        "theming": {
            "cachebuster": "17",
            "color": "#464646",
            "enabled": "yes",
            "installed_version": "1.11.0",
            "logoMime": "image\/png",
            "name": "Cloud alwaysdata",
            "slogan": "***REMOVED SENSITIVE VALUE***",
            "types": "logging",
            "url": "***REMOVED SENSITIVE VALUE***"
        },
        "twofactor_admin": {
            "enabled": "yes",
            "installed_version": "3.0.0",
            "types": ""
        },
        "twofactor_backupcodes": {
            "enabled": "yes",
            "installed_version": "1.9.0",
            "types": ""
        },
        "twofactor_totp": {
            "enabled": "yes",
            "installed_version": "5.0.0",
            "types": ""
        },
        "updatenotification": {
            "calendar": "2.1.3",
            "contacts": "3.4.3",
            "core": "20.0.5.2",
            "documentserver_community": "0.1.8",
            "enabled": "yes",
            "files_markdown": "2.3.1",
            "files_rightclick": "0.15.1",
            "groupfolders": "8.2.0",
            "installed_version": "1.10.0",
            "mail": "1.7.2",
            "onlyoffice": "6.2.0",
            "twofactor_totp": "5.0.0",
            "types": "",
            "update_check_errors": "0"
        },
        "user_status": {
            "enabled": "yes",
            "installed_version": "1.0.1",
            "types": ""
        },
        "viewer": {
            "enabled": "yes",
            "installed_version": "1.4.0",
            "types": ""
        },
        "weather_status": {
            "enabled": "yes",
            "installed_version": "1.0.0",
            "types": ""
        },
        "workflowengine": {
            "enabled": "yes",
            "installed_version": "2.2.0",
            "types": "filesystem"
        }
    }
}

Are you using external storage, if yes which one: no

Are you using encryption: no

Are you using an external user-backend, if yes which one: no

Client configuration

Browser: Firefox 84.0.2

Operating system: Ubuntu 20.10
