# Security

- [Brute-force Protection](/security/brute-force-protection.md): Account Lockout Policy safeguards attacks towards a user account from brute-force login attempts
- [Bot Protection](/security/bot-protection.md): Use bot protection tools to block automated attackers
- [IP Blocklist](/security/ip-blocklist.md): IP Blocklist allows you to block incoming traffic based on IP addresses or geographic regions.
- [Non-HTTP scheme redirect URI](/security/redirect-uri.md): Implication of using non-HTTP scheme in redirect URI.
- [Sender Constraining](/security/sender-constraining.md): Sender constrain refresh tokens in Authgear