allowing or disallowing different accounts to be accessed through internet

[jerabaul29]

When having set up the Nextbox to be accessible through the internet (for example with a guided, reverse DNS through de SEC as recommended), is there a way to decide on an account to account basis if the account can be accessed through the internet?

For example, I would like to disable logging over the internet for my admin account (allowing only connection through the local network to the admin account), while allowing some user accounts to be accessed through the internet and the reverse DNS.

[daringer]

So far I know there isn't such a functionality... I am just aware of this: https://apps.nextcloud.com/apps/limit_login_to_ip, which overall restricts access to specific ip-ranges, not in a per-user way.

Maybe just set up a 2FA auth mechanism for the admin user, e.g., based on fido2 this is pretty safe ...

[jerabaul29]

Yes, I already have a google authenticator auth in place, and I force all users to use 2FA. Still, regarding security, the more the better :) . I can open an issue on nextcloud though, understand this is a nextcloud not nextbox issue :) .