Protect your blog from login brute force attacks adding a captcha on login page of your site
I don't understand why people gave it a low rating. I'm giving it 4 for only one reason, it doesn't look like the author is addressing any issues in the support forum. Other than that, it works just fine.
This plugin does exactly what it says and has been effectively thwarting the ongoing brute force wp-login attacks.
This plugin can not be used by developers who run their sites in debug mode:
define('WP_DEBUG', true); in wp-config.php
The developers do not respond to support questions.
I'm just trying this plugin for the first time as something different to the "1+1" captchas I've been using. However, I tried 6 times entering the exact captcha being shown in the image and it was rejected each time. In addition, the link was showing a link of "i.getsavinjs.info". I had to FTP in to remove this plugin in order to log into my wordpress site.
I was being hit by the recent brute force attempts to login as admin. I have no user 'admin' but it was getting on my... well you know.
It's only been 24 hours but I don't as yet have a single failed login in that time. The first time in many weeks.
I will update this if (when) things change.
UPDATE (October 2013)
It's now been 6 months with no brute force attempts so I decided to switch the captcha off. 30 minutes (and over 300 failed 'admin' login attempts later) I switched it back on.
'admin' has again stopped trying to login.
Still works beautifully.
Plugin is working perfectly
You must log in to submit a review. You can also log in or register using the form near the top of this page.