This configuration directive specifies the number of incorrect password attempts from a single IP address to lockout. The default value is 10. For example, using with IPLockoutInterval, the following configuration directives will lock out an IP address if 10 or more incorrect login attempts are made within 1800 seconds from the same IP address. If you specify 0, Movable Type never locks out IP addresses.
IPLockoutLimit 10 IPLockoutInterval 1800