Hi Ram, You are in the right track. Just add some additional logic to your banning code so it also detects and tracks correct logins.
With this information you can easily avoid blocking legitimate IPs (with correct logins) that are just failing to authenticate because old and/or half configured accounts....the rest can be blocked with no mercy, Best Regards, > I tried implementing banip and blocked a few ips but that did not > work > for long. Many customers are behind a single gateway and when someone > has an old account configured on some device the number of failed > attempts cross threshold easily. So I end up blocking a good ip > address > > > > I guess this must a common problem. Is there a standard "good > practices" > list to keep these scammers/spammers off >
