Simple Login is designed to work entirely without a server. If you want to prevent clients from creating accounts, you'll need to utilize custom login and roll your own.
However, in most cases, you probably don't need to prevent accounts from being created in Simple Login. You can achieve the same result by simply preventing users from creating a user record in Firebase, and base your security rules on this.
For example, when a new user account is created on the server, I could create the user profile as:
/user/$user_id/...
I can allow users to write to their own profile, but not create a profile, with this rule:
".write": "data.exists() && auth.uid === $user_id"
Then, to control access to any path on the server, I can write a rule as follows:
".read": "root.child('user/'+auth.uid).exists()"
Since only the server can create the profile in the first place, the user has effectively been prevented from creating an account.