Duplicate Security Request: Block by IP address after failed login attempts

[ZLoth 3]

One of the security issues of having my server in a public-facing enviroment is a "brute force" attack where various passwords are attempted against the server to gain access. A good security policy to adopt is if, after 10 or more failed attempts, the IP address is blocked from further login attempts and the date/time, IP address, and account name is logged for viewing by the server administrator. 

[ebr 14913]

Hi, there's already an open request for this or something functionally equivalent. Please join in and contribute to the existing discussion at: