Downloads from Invantive Bridge Online and/or Invantive App Online are authenticated using Basic authentication.
Currently, a specific logon code will be blocked for increasing periods of time upon subsequent authentication failures in a short timeframe. However, the IP-address from which the failed requests are originating are currently not blocked.
In a next release, individual IP-addresses will also be blocked for increasing periods of time when a number of authentication failures or other misbehaviour are triggered from it. It does not matter whether the authentication fails for a specific logon code or a range of failures across a range of logon codes.
When an individual IP-address is shared and/or controlled by multiple persons, this means that the behaviour of a single individual may impact all persons connecting through that IP-address. All downloads from that IP-address will be blocked for increasing periods of time.
A number of IP-addresses will not be subjected to these IP-address blocks. Invantive has made a selection of IP-addresses from parties in good standing such as Google and Microsoft that are actually multiplexers for a lot of users. Blocking these IP-addresses would enable a party to perform a Denial of Service attack to block many users connecting from these shared services.