diff --git a/admin/admin.js b/admin/admin.js
index 967086a..73516a3 100644
--- a/admin/admin.js
+++ b/admin/admin.js
@@ -14,7 +14,7 @@ module.exports=
* @param request
* @return {*|Promise}
*/
- main: function(request)
+ main: function(request, clientAddress)
{
return new Promise(function(resolve, reject)
{
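Review bot: The docblock above `main` still lists only `request`, so the new `clientAddress` parameter is undocumented; add something like `* @param clientAddress remote address of the connection, used as the login-lockout key`. The same gap exists on `processLogin` and on `main` in admin/login/login.js. Because the lockout in login.js is keyed on this value, the comment should also state where the caller takes it from. If it comes from a client-supplied header rather than the socket or a trusted proxy, the lockout key is attacker-chosen; the caller is not visible in this diff. The body of `main` continues outside the hunk.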
diff --git a/admin/login/login.js b/admin/login/login.js
index 71aafd9..d2185e8 100644
--- a/admin/login/login.js
+++ b/admin/login/login.js
@@ -4,6 +4,8 @@ const utils = require('../../utils/utils.js');
//update db
const sql = require('../../utils/sql');
+const qs = require('querystring');
+
/**
* Processes post data to see if the user has successfully
@@ -13,16 +15,20 @@ const sql = require('../../utils/sql');
* @param request
* @returns {Promise}
*/
-const processLogin = function(request)
+const processLogin = function(request, clientAddress)
{
return new Promise(function(resolve, reject)
{
utils.getPostData(request).then(function(postData)
{
+ const post = qs.parse(postData);
+ if(!post.username && !post.password)
+ {
+ resolve("");
+ }
return sql.checkLogin(postData);
}).then(function(loginResult)
{
-
if(loginResult.pass)
{
request.session.user = loginResult.user;
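Review bot: The new guard in the first `.then` callback calls `resolve("")` but does not return, so a request with no credentials still reaches `sql.checkLogin(postData)`. If that lookup reports a failed login, the else branch in the next hunk calls `banIP`, which would mean that simply loading the login form counts toward the lockout. The guard also uses `&&`, so a post carrying only one of the two fields is still checked. Consider `if(!post.username || !post.password) { resolve(""); return null; }` here and `if(!loginResult) { return; }` as the first statement of the following callback. The body of `processLogin` starts and ends outside this hunk.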
@@ -31,8 +37,9 @@ const processLogin = function(request)
}
else
{
- console.log("password incorrect");
- resolve("Password incorrect");
+ banIP(clientAddress);
+ console.log("Invader!");
+ resolve("Wrong!");
}
}).catch(function(err)
{
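Review bot: The failure branch now logs only `console.log("Invader!");`, which gives an operator nothing to correlate when reviewing failed admin logins or deciding why an address was locked out. Log the address that was counted, for example `console.log("Failed admin login from " + clientAddress);`, and keep the submitted password out of the log. The enclosing callback starts and ends outside this hunk.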
@@ -42,6 +49,54 @@ const processLogin = function(request)
};
+/** Global Containing Ban Data **/
+var banData = {};
+
+/** Number of incorrect login attempts permitted per ip */
+const LOGIN_LIMIT = 5;
+
+
+/**
+ * Determines if a client is banned from the server
+ * or not.
+ *
+ * @param clientAddress
+ */
+const isBanned = function(clientAddress)
+{
+ if(clientAddress in banData)
+ {
+ user = banData[clientAddress];
+
+ return user.incorrectLogins > LOGIN_LIMIT;
+ }
+ return false;
+
+};
+
+
+/**
+ * Increments the user's incorrect login attempt
+ * counter.
+ *
+ * @param clientAddress
+ */
+const banIP = function(clientAddress)
+{
+ if(clientAddress in banData)
+ {
+ user = banData[clientAddress];
+ user.incorrectLogins++;
+ }
+ else
+ {
+ var newUser = new Object();
+ newUser.incorrectLogins = 1;
+ banData[clientAddress] = newUser;
+ }
+};
+
+
module.exports=
{
/**
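Review bot: In both `isBanned` and `banIP`, `user = banData[clientAddress];` assigns to an undeclared name (unless `user` is declared elsewhere in the file), which creates a shared global or throws in strict mode. `banData` is a plain object tested with `in`, so a key such as `constructor` matches an inherited property; a `Map` avoids that. The comparison `> LOGIN_LIMIT` allows six failures while the comment on `LOGIN_LIMIT` says five are permitted. The counter is also never cleared on a successful login and never expires, so entries grow without bound and every client behind a shared address stays locked out until the process restarts. Storing a timestamp with the count and dropping stale entries would bound both.
```javascript
/** Failed-login counters keyed by client address */
const banData = new Map();

// … unchanged: LOGIN_LIMIT and the docblocks …

const isBanned = function(clientAddress)
{
    const entry = banData.get(clientAddress);
    return entry !== undefined && entry.incorrectLogins >= LOGIN_LIMIT;
};

const banIP = function(clientAddress)
{
    const entry = banData.get(clientAddress);
    if(entry !== undefined)
    {
        entry.incorrectLogins++;
    }
    else
    {
        banData.set(clientAddress, {incorrectLogins: 1});
    }
};
```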
@@ -50,19 +105,27 @@ module.exports=
* @param request express request containing post data
* @returns {Promise} resolves html of login page
*/
- main: function(request)
+ main: function(request, clientAddress)
{
- return new Promise(function(resolve, reject)
+ if(isBanned(clientAddress))
{
- Promise.all([utils.include("./admin/login/login.html"),
- require("../../sidebar/sidebar.js").main(),
- processLogin(request)]).then(function(html)
- {
- resolve(html.join('') + "");
- }).catch(function(err)
+ return utils.printBannedPage();
+ }
+ else
+ {
+ return new Promise(function(resolve, reject)
{
- reject(err);
- })
- });
+ Promise.all([utils.include("./admin/login/login.html"),
+ require("../../sidebar/sidebar.js").main(),
+ processLogin(request, clientAddress)]).then(function(html)
+ {
+ resolve(html.join('') + "");
+ }).catch(function(err)
+ {
+ reject(err);
+ })
+ });
+ }
+
},
};
\ No newline at end of file
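Review bot: The else branch of `main` wraps `Promise.all(...)` in `new Promise` only to forward `resolve` and `reject`, and the `+ ""` after `join('')` is a no-op. Returning the chain directly reads more simply and cannot lose a rejection: `return Promise.all([...]).then(function(html) { return html.join(''); });`. The banned branch returns `utils.printBannedPage()` as-is, and that helper is not part of this diff, so it should be confirmed that it returns a Promise resolving to HTML like the other branch. If the caller sets the response status, a banned client should probably receive 403 or 429 rather than 200.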
diff --git a/includes/html/banHammer.html b/includes/html/banHammer.html
new file mode 100644
index 0000000..e3b1159
--- /dev/null
+++ b/includes/html/banHammer.html
@@ -0,0 +1,4 @@
+
+