Block username like with CSF

[depot123]

Hi, I've been using CSF to block IP addresses which show up in BFM.
This can be moderately successful. But does anyone know whether we can block usernames in CSF? Or a similar method?
For instance, the user " info " has 1540 login failures since 1st August.
Also, some non-existent usernames show in BFM with hundreds of login failures.

Is there an easy way to block non-existent usernames?
Either server wide, or by domain.

 

[Zhenyapan]

no, you can't filter by name. just set lower attempts number, for example from 10 to 2 failed attempts.
I have such settings and 30000 blocked IP's pool, it's enough to keep ip's blocked about 14-15 months.

 

[depot123]

Wow, that's a lot - 30,000 blocked IPs.
That doesn't slow down your server?

Anyway, thanks for the quick reply, appreciated.
I will do as you suggest.
What I see is the same username (non-existent) being attempted by many different IPs.
Recently I'm blocking whole subnets of IPs, also by Country Code. Normally I would hesitate to block by Country, but am experimenting.

 

[Zhenyapan]

they blocked by IPSET (it makes less load then iptables/routes) also it's dual xeon e5-2680v4 28core 56 threads, when I use it at something like 6 core 12 threads I set 10000 ips limit.