The Brute-Force Protection extension allows administrators to specify a maximum number of unsuccessful user account login attempts. This protection not only covers login via browser but also password protected shares. On reaching the unsuccessful login limit, ownCloud temporarily bans further login attempts to those user accounts from the originating IP address. The time frame of the ban is configurable by ownCloud administrators.
To configure this app in the web interface, navigate to
admin → settings → admin/security.
To configure this app on the command line you can use occ commands.