Fix: stop sending Auth-Wait after 10 attempts to comply with advice
from nginx documentation quoted below.
"The current implementation allocates memory for each authentication
attempt. The memory is freed only at the end of a session. Therefore,
the number of invalid authentication attempts in a single session must
be limited — the server must respond without the “Auth-Wait” header
after 10-20 attempts (the attempt number is passed in the