Limit rate of login attempts, including by way of cookies, for each IP. Fully customizable.
After hearing about a recent brute-force hack attempt targeting WordPress sites, I went to find a plugin to lock out usernames with x amount of failed logins.
This was the 3rd one I tried and by far the best. Did exactly what I needed to, perfectly.
Within the hour of installing it, I started seeing attempts at random IP's trying to login to four of my sites, but getting locked out.
The plugin is easy to install and can be used out of the box without reconfiguring the default settings. I've found this is one of the easiest ways to prevent a brute force attack and is a great alternative to other security plugins that alter the wp core. I use this plugin on all my sites.
and after having collected bad ips for a longer time, i will now install http://wordpress.org/extend/plugins/wp-ban/ to ban them
Just install and activate, the default settings are reasonable.
For a long time, this plugin has been proven to prevent WP sites from hack attempts logging in with easy to guess user names and passwords.
The recent massive brute force attacks againts WP should be a sign to consider merging this plugin into WP core
Simple to get running and highly effective. A great security tool for any WordPress site!
Does one thing, good.
Thank you! Works effortlessly.
I installed this after my ISP sent out a message to all the hosting clients that there were repeated Brute Force attempts on all WordPress installations.
I feel a better knowing this is installed.
You must log in to submit a review. You can also log in or register using the form near the top of this page.