Fail2ban can be used to block users after a number of failed login attempts. It works by monitoring the apache access log for invalid logins.
Make sure fail2ban is installed and enabled on your server.
Add the filter definition to /etc/fail2ban/filter.d/groupoffice.conf:
[Definition] failregex = <HOST> - - .*auth.php.* 401\s ignoreregex =
Define the jail in /etc/fail2ban/jail.d/groupoffice.conf:
[groupoffice] enabled = true port = http,https filter = groupoffice logpath = /var/log/apache2/access.log maxretry = 3
Make sure the “logpath” value is set to the access log of the webserver.
For more information about Fail2ban and the configuration of it visit https://www.fail2ban.org
This works from 6.3.62 and up.
If you use the Group-Office mailserver then also enable the sasl, dovecot and postfix filters.