More granularity in anti-hammering settings
Right now there is no ability to set any parameters to the anti-hammering (password guessing) security features. For example, it would be great if we could specify different lengths of time for the block of IP addresses that are suspected of password guessing attacks. Right now, the ban only lasts a few minutes, but we would like the option to set that to a longer duration.
It would also be good if we could have the option to permanently block whole IP address blocks of addresses, or at least permanently block repeat offenders.