WordPress.org

Ready to get started?Download WordPress

Forums

Botnet Attack Blocker
Best Defense (3 posts)

5 stars
  1. fdickey
    Member
    Posted 1 year ago #

    We have monitors that check our web and MySQL servers every 5 minutes so we have been well aware when DDoS attacks have been happening to our servers. We tried other lockout plugins, but they are completely useless against DDoS attacks. They seemed to like 2 of the 10 WordPress sites I manage...and WordPress versions doesn't seem to have any influence on what sites get hit.

    I was actually able to test this plugin during an actual DDoS attack. Our web and MySQL servers were spiked until this plugin activated. Once activated, both servers returned to normal.

    This plugin does exactly what it says. It locks your site completely down to where absolutely no one can login during an attack unless they have a static IP address and that IP address is listed in the IP white list.

    It's a bit extreme, but extreme attacks require extreme security measures and I'd rather have to tell a customer to get a static IP address (for security reasons) than have to explain to them why their site is down. I set the lockout time to its maximum setting of 5 hours and the time between invalid attempts to 1 minute. I want things locked down ASAP when these %*#&#'s start hitting our servers.

  2. cheesefather
    Member
    Plugin Author

    Posted 1 year ago #

    Great to hear it's working out there in the wild! You're right, it is a little extreme to lock everyone out, but it works and it's only temporary :)

  3. fdickey
    Member
    Posted 1 year ago #

    Yes it is temporary and sure beats getting a text message at 9PM or 4AM about the Web Server or MySQL server being slow or non-responsive.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.