Can Gitlab CE accounts get hacked by a bruteforce/dictionary attack?

Should I regularly check logs for login attempts to my gitlab-ce for repeated failed logins from an IP (and have to manually block hacker IPs), or does gitlab-ce only allow a couple of bad logins from an IP per interval of time, making a brute force attack take at least a couple days and not requiring me to check logs so often?

My repo URL might be public so I’m concerned about being a target of such activity.

Anyone have a solution for viewing logs on windows created on a remote linux server?