Log in page for admin site not rate limited #2251

@mlissner

A big part of me really doesn't care about this, BUT it's true that it kind of matters and I think it's finally the last place where folks need to be ratelimited (ha, ha, we'll see).

Our VDP has yielded a couple good vulnerabilities (including one in Python itself), but I do tire of all the ratelimit testers.

Anyhow, the easiest solution is to just remove the admin log in page and redirect it to our regular one (which is rate limited). See here for a solution that's pretty darned simple:

https://stackoverflow.com/a/61946707/64911
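The fix proposed above, sketched as framework-neutral WSGI middleware; this is an added example, not code from the issue, the project, or the linked answer. It sends every request for the admin login URL to the regular login page and only honours a `next` target that stays under the admin path. Assumptions: the paths `/admin/login/`, `/sign-in/` and `/admin/`, and the names `safe_next`, `RedirectAdminLogin` and `probe`, are hypothetical.

```python
from urllib.parse import parse_qs, quote, urlsplit

ADMIN_LOGIN = "/admin/login/"  # assumed URL of the unthrottled admin form
SITE_LOGIN = "/sign-in/"       # assumed URL of the rate-limited login view
ADMIN_HOME = "/admin/"         # assumed admin index, the default landing page


def safe_next(query_string):
    """Return the ?next= target only if it is a local path under ADMIN_HOME."""
    target = parse_qs(query_string).get("next", [ADMIN_HOME])[0]
    parts = urlsplit(target)
    # Absolute and scheme-relative URLs would turn the redirect into an open one.
    if parts.scheme or parts.netloc or not target.startswith(ADMIN_HOME):
        return ADMIN_HOME
    return target


class RedirectAdminLogin:
    """WSGI middleware: the admin login URL never reaches the admin's own view."""

    def __init__(self, app):
        self.app = app

    def __call__(self, environ, start_response):
        path = environ.get("PATH_INFO", "").rstrip("/") + "/"
        if path != ADMIN_LOGIN:
            return self.app(environ, start_response)
        # 303 turns a POSTed password guess into a GET on the throttled page,
        # so no credential is ever checked through this URL.
        target = safe_next(environ.get("QUERY_STRING", ""))
        location = SITE_LOGIN + "?next=" + quote(target, safe="/")
        start_response("303 See Other", [("Location", location), ("Content-Length", "0")])
        return [b""]


def probe(method, path, query=""):
    """Send one constructed request through the middleware; return (status, Location)."""
    seen = {}

    def site(environ, start_response):  # stand-in for the rest of the site
        start_response("200 OK", [("Content-Type", "text/plain")])
        return [b"ok"]

    def start_response(status, headers):
        seen["status"], seen["location"] = status, dict(headers).get("Location")

    environ = {"REQUEST_METHOD": method, "PATH_INFO": path, "QUERY_STRING": query}
    b"".join(RedirectAdminLogin(site)(environ, start_response))
    return seen["status"], seen["location"]
```

The throttling itself stays in the regular login view; the middleware only guarantees there is no second, unthrottled path to a password check.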

Status: ✅ Done