perhaps a "ban UUID" console command, and implemented in remote admin? Suppose a user is logged inworld, they would get a banmessage, and logged off automagically? About remote admin security: Would be nice to have xmlrpc to https://host:9000, and add a banip after x bad requests. phrearch