diff --git a/admin_manual/configuration_server/bruteforce_configuration.rst b/admin_manual/configuration_server/bruteforce_configuration.rst new file mode 100644 index 000000000..eedad1e70 --- /dev/null +++ b/admin_manual/configuration_server/bruteforce_configuration.rst @@ -0,0 +1,39 @@ +====================== +Brute force protection +====================== + +Nextcloud has built-in protection against brute force attempts. This protects +your system from attackers trying for example a lot of different passwords. + +Brute force protection is enabled by default on Nextcloud. + + +How it works +------------ + +The brute force protection is easiest to see in action at the login page. +If you try to log in the first time with an invalid username and/or password you +will not notice anything. But if you do this a few times you start to notice +that the verification of the login is taking longer each time. This is the +brute force protection kicking in. + +The maximum delay is 25 seconds. + +After a successfull login the attempts will be cleared. And once a user is +properly authenticated they will not longer be hit by the delay. + + +Troubleshooting +--------------- + +On most setups Nextcloud will work out of the box without any issues. If you +run into a situation where login is often very slow for all users the first +step is to inspect the `bruteforce_attempts` table. There you can see +which IP addresses are actually throttled. + +If you are behind a reverse proxy or load balancer it is important you make sure it is +setup properly. Especially the **trusted_proxies** and **forwarded_for_headers** +`config.php` variables need to be set correctly. Otherwise it can happen +that Nextcloud actually starts throttling all traffic coming from the reverse +proxy or load balancer. For more information see serverconf_reverseproxy_. + diff --git a/admin_manual/configuration_server/index.rst b/admin_manual/configuration_server/index.rst index 2d3716e41..d086d8390 100644 
--- a/admin_manual/configuration_server/index.rst +++ b/admin_manual/configuration_server/index.rst @@ -17,6 +17,7 @@ Nextcloud configuration logging_configuration antivirus_configuration reverse_proxy_configuration + bruteforce_configuration automatic_configuration theming oauth2 diff --git a/admin_manual/configuration_server/reverse_proxy_configuration.rst b/admin_manual/configuration_server/reverse_proxy_configuration.rst index 9483a8fea..1c01826c3 100644 --- a/admin_manual/configuration_server/reverse_proxy_configuration.rst +++ b/admin_manual/configuration_server/reverse_proxy_configuration.rst @@ -1,3 +1,5 @@ +.. _serverconf_reverseproxy: + ============= Reverse proxy =============
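Review bot: the last sentence of the Troubleshooting section in bruteforce_configuration.rst links with `serverconf_reverseproxy_`, but the target `.. _serverconf_reverseproxy:` is added in reverse_proxy_configuration.rst, and a plain reference of that form only resolves inside the file that defines the target. Use :ref:`serverconf_reverseproxy` so Sphinx resolves it across documents; the label sits directly above the "Reverse proxy" title, so the link text will be filled in automatically. In the same new file, `bruteforce_attempts` and `config.php` are in single backticks, which reStructuredText treats as interpreted text rather than a literal, so they should use double backticks. Under "How it works", "a few times" leaves the reader unable to tell when throttling begins even though the 25 second maximum is stated, so consider saying after how many failed attempts the delay starts. Typos to fix before merge: "successfull" should be "successful", "will not longer" should be "will no longer", and "setup properly" should be "set up properly".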