Hi Support,
there is no rate limit on Forget password due to which anyone can exploit and send bulk forget password emails to any user's email ID. How we can restrict it? Can we enable CAPTCHA or do something to revoke it? Same goes for Comments. The application allows unlimited comment submissions without any rate limit. Can we enable CAPTCHA or restrict the number of comments per user/IP within a timeframe?
