Remote API: Disabling/locking account does not disable other access
Pretty simple bug, when an account is locked it does not disable ssh, mail, or ftp access.... it only disables the login and website.
[Edit] After looking in the tracker, I see this is a duplicate request - by 3 times at minimum and at least 10 months old. And it is only affecting api users (which is the exact same issue I am having). I'm still going to leave the bug/feature request here because maybe it's simply low priority or forgotten, but is important enough to be requested more than 3 times by different people.