I have a couchdb server open to all IP sources. Each client make a request this way :

http://username:password@couchdb/database

How can I prevent a brut force attack ? Is there a way to ban a source if there is an auth problem after X trials ?