Block IP by Domain when specific username is attempted?

This question seems to have been asked in a few different variations in this forum, and equate to SU's limited rules available to block by adding IP to the Domain Deny List

Currently blocked are 636 IP, however this requires attempt by a bot, 4 times in 8 seconds blocked forever; AND as far as I know there's a bug that the bot/user is not blocked until 8 seconds elapses, 4 or more attempts in 6 seconds does not block until the 8 second mark is attempted, and similarly attempting 3 times in 7 seconds allows a bot to attempt forever

Anyway, the question is if say attempted login by "root" occurs to add the IP to the IP Access list with Access = 0 (deny)?