Try to set the option:
$config['log_logins']
in:
/usr/local/cwpsrv/var/services/roundcube/config/defaults.inc.php
to "true" then edit the file /etc/csf/csf.conf and change:
CUSTOM3_LOG = "/var/log/customlog"
to
CUSTOM3_LOG = "/usr/local/cwpsrv/var/services/roundcube/logs/userlogins.log"
Restart CSF and see if it blocks IP if the IP generates too many failed login attempts.
Additionally I recommend you to add your own IP to the whitelist before you perform any tests.