Malicious

Spam/Attack: it works to detect script attacks like if someone tries to do SQL injection or tries to insert some scripting text like <script>('alert')</script>, XOR, INSERT, and more like that. then it will remove that text and allow the user to do the action. but if the system gets those texts, it will mark the user's IP Address as a spammer and make it count as 1 attempt. so if you set the allow attempts 2, it allows the user 2 times to do the action. after reaching the maximum number of attempts it will block the user permanently from doing any action. (until you reset the attempts.)

You can see the list and reset it from Malicious > Malicious

User attempts: It works for the Registration and checkout page. Registration: it only allows a user 2 attempts to register in a day (24 hours). so a user can do registration only 2 times within a day.

Checkout: A customer can place an order 2 times within 5 minutes. if he tries to place an order multiple times within 5 minutes then the system will block the IP for 5 minutes and it will count as 1 attempt. If he tries 10 times like that then the customer will be blocked permanently. (until you reset the attempts.)

You can see the list and reset it from Malicious > user attempts