Till this suggestion will pass the review phase Linux users could use fail2ban (www.fail2ban.org) and Axigen security log (introduced from version 9) to block IP addresses.
More details about this implementation could be found in [1].
As @Gabriel has posted the most important issue is to take into consideration that an attack from a NATed PC will trigger a block for the WAN IP and this an increase of support tickets to the server support team will be observed,
Because of the IPv6 support (which will be introduced with Axigen 10) blocking IPs will be a more difficult process and, in my opinion, a better approach could be to introduce a delay at each failed login (which could double at each failure) making the dictionary password attack nonfunctional.
Ioan
Till this suggestion will pass the review phase Linux users could use fail2ban (www.fail2ban.org) and Axigen security log (introduced from version 9) to block IP addresses.
More details about this implementation could be found in [1].
As @Gabriel has posted the most important issue is to take into consideration that an attack from a NATed PC will trigger a block for the WAN IP and this an increase of support tickets to the server support team will be observed,
Because of the IPv6 support (which will be introduced with Axigen 10) blocking IPs will be a more difficult process and, in my opinion, a better approach could be to introduce a delay at each failed login (which could double at each failure) making the dictionary password attack nonfunctional.
[1] https://www.axigen.com/forum/forum/support-discussion-lists/feature-requests/4154-brute-force-fail2ban-style-protection?p=23209#post23209