Failed Login Lockout / Brute Force Protection

Add a configuration variable to allow for brute force protection, where an IP address is locked out for a specified time after so many failed login attempts.

Not necessarily a high priority right now, but as the install-base begins to grow we could definitely see bots start targeting installs, especially if they have a weak API key.

1 Like

Maybe this is the beginning of that?

1 Like

Added something similar

login_attempts_threshold and ip_ban_enabled are available.