Information
MySQL Server can enable administrators to introduce an increasing delay in server response to clients after a certain number of consecutive failed connection attempts.
Rationale:
Delaying connection attempts provides a deterrent that slows down brute force attacks that attempt to access MySQL user accounts.
Solution
Add the following lines to my.cnf:
[mysqld]
plugin-load-add=connection_control.so
connection-control=FORCE_PLUS_PERMANENT
connection-control-failed-login-attempts=FORCE_PLUS_PERMANENT
connection_control_failed_connections_threshold=5
connection_control_min_connection_delay=60000
connection_control_max_connection_delay=1920000
Delays are in milliseconds for server response to failed connection attempt.
60000 (ms - 1 minute)
1920000 (ms, 32 minutes)
For each user set
ALTER USER <user> FAILED_LOGIN_ATTEMPTS 12;