We should add new panel "Firewall" to the System at the Backend app where users can simply block IP or IP ranges access to the API. There should also an expire field so that we can block an IP for i.e. a specific period. We could then also use this feature to prevent bruteforce attacks against our authorization endpoint, currently there is no limit and the user needs to configure an external tool like fail2ban.