WordPress.org

Ready to get started?Download WordPress

Forums

Limit Login Attempts
Feature Request: Block username repeats (2 posts)

  1. chrispink
    Member
    Posted 9 months ago #

    I am having fun today, one of my sites is being brute force attempted 100s of times with different IPs I don't know whether they are real IPs of some kind of cloaking.

    But anyway, strikes me that if someone's tried 'admin' after one lockout or "dave' after 4 attempts that that username should be blocked for time A and then time B too no matter what IP. I have 4 login attempts so if I have password problems twice I make damn sure I know what it really is before trying again and a sensible adjunct to this plugin is an unusual username.

    Wonderful plugin though, lifesaver.

    A point worth noting is that some brute force attempts scan for authors so it's always wise to have your admin user not a post author.

    http://wordpress.org/extend/plugins/limit-login-attempts/

  2. gacb
    Member
    Posted 4 months ago #

    Try WordFence. It does that along with many other useful options. You can uncheck the option to send an email for both successful and unsuccesful logins if it gets too tiresome.

    I had a ton of attempts over the past 24 hours, but none broke through. It helps to have a long (at least 12 characters) meaningless password made from letters, numbers and symbols.

Reply

You must log in to post.

About this Plugin

About this Topic