In version 1.5.7 we’ve introduced the brute force protection. You can enable it in the magic link settings page in admin section.
If enabled, there’s 3 more fields that needs to be completed:
- Block IP after how many login failures – set the max number of failures.
- Count failures over what time period (hours) – set the time frame in hours to count failures.
- Amount of time a user is locked out (hours) – set the time frame in hours to block user. It counts from the last failure.