EFT Server can add an IP address to the Site’s IP ban list when a specified number of invalid login attempts occur over a specified period when a non-existing username was supplied. The offending IP address is added to the Site's IP ban list, which can be viewed and managed on the Site's Connections tab.
To automatically ban an IP address that uses an invalid account
In the Administrator, connect to EFT Server and click the Server tab.
In the left pane, click the Site.
In the right pane, click the Security tab.
If the check box contains a gray check mark, the user or Settings Template is inheriting permission from the parent level.
In the Password Security area, next to Invalid login options, click Configure. The Login Security Options dialog box appears.
Select the Ban IP address check box, then specify the number of invalid login attempts and number of minutes during which to count the invalid logins of non-existent user accounts.
Click OK to save the changes and close the dialog box.
Click Apply to save the changes on EFT Server.