I have a site which is only used by our company but is on the internet. Majority of the people that log in are from 1 ip address. If one person has to many bad log in attempts the whole building gets locked out. I have searched here and Google and I can not find anything to indicate if there is a way to white list just our ip for log in attempts. I see the white list for 404 but that doesn't affect the log in attempts.