Auto populate IP GROUP upon allow/deny or HTTP Flood "hit" threshold

I'd fancy a possibility to populate a given IP GROUP on a "hit" threshold / usually annoying actors are kind of stubborn and would hammer endlessly/stupidly -- the idea of this feature request would be:

• provide a way for Admins to set a deny OR HTTP Flood threshold hit / in magnitude of a number. I.E: 100
• once that hit amount is reached in either Deny triggers or HTTP Flood triggers, the offending IP would be bounced within a user chosen IP GROUP

That would effectively annihilate hammering attempts by moving these IP's within a DENY group in an automated manner. Obviously, as a configurable and optional possibility.