Title: Blocking Brute Force Attacks
Last modified: August 21, 2016

---

# Blocking Brute Force Attacks

 *  [patrickhealy](https://wordpress.org/support/users/patrickhealy/)
 * (@patrickhealy)
 * [13 years ago](https://wordpress.org/support/topic/blocking-brute-force-attacks/)
 * I’ve set Wordfence to automatically block IP that tries to log in to my site 
   with an invalid username. I have set it to block that IP for 60 days however 
   I’m seeing that Wordfence is only blocking for 2 hours (the setting I have for
   fake google bots or those that ping my site too frequently. Am I missing something?
 * [http://wordpress.org/extend/plugins/wordfence/](http://wordpress.org/extend/plugins/wordfence/)

Viewing 5 replies - 16 through 20 (of 20 total)

[←](https://wordpress.org/support/topic/blocking-brute-force-attacks/?output_format=md)
[1](https://wordpress.org/support/topic/blocking-brute-force-attacks/?output_format=md)
2

 *  [psybertron](https://wordpress.org/support/users/psybertron/)
 * (@psybertron)
 * [13 years ago](https://wordpress.org/support/topic/blocking-brute-force-attacks/page/2/#post-3668722)
 * I see DreamHost is reporting a second consecutive day of brute force attacks 
   aimed at WordPress, but affecting all their users.
 * Is this just an ongoing hangover from those users that didn’t fix their vulnerable
   admin user ID’s and pw’s last month, or is this attacking a new vulnerability?
 *  [JacobN](https://wordpress.org/support/users/jacobn/)
 * (@jacobn)
 * [12 years, 11 months ago](https://wordpress.org/support/topic/blocking-brute-force-attacks/page/2/#post-3668730)
 * [@psybertron](https://wordpress.org/support/users/psybertron/)
 * There are still multiple reports of this same WordPress brute force attack continuing
   across multiple providers.
 * It’s not as wide-scale as when it first seemed to really pick up back in the 
   middle of April, but these attacks will probably continue to trickle on for quite
   some time until the botnet as a whole has stopped or moved on to something else.
 * – Jacob
 *  [Steven Christenson](https://wordpress.org/support/users/stevenstarcircleacademycom/)
 * (@stevenstarcircleacademycom)
 * [12 years, 11 months ago](https://wordpress.org/support/topic/blocking-brute-force-attacks/page/2/#post-3668742)
 * Chinese comment spam robots resulted in my (low brow) site host shutting me down.
   While I saw thousands of attempts at my login, there were 65,000 attempts to 
   post comments on one of my (old) posts. Seems the robots love me!
 * I’d point you to the article on my page regarding which subnets (all Chinese)
   I ended up blocking, but I think that such links are frowned upon. If you search
   for “Chinese Comment Spam robots” in Google you should find it.
 * On a related note, I wonder how WordFence and Bulletproof are head to head. Bullet
   proof adds a ton or rules to htaccess. Eventutally I gotta think that will end
   up with more overhead than processing the PHP itself.
 *  [dj_ricoh](https://wordpress.org/support/users/dj_ricoh/)
 * (@dj_ricoh)
 * [12 years, 1 month ago](https://wordpress.org/support/topic/blocking-brute-force-attacks/page/2/#post-3668781)
 * i just deleted the admin user and made a new super user .
    for display when i
   post i rename it and now everything its perfect. they keep try to access the 
   admin user but there is no more. 🙂
 *  [qwerty_123](https://wordpress.org/support/users/qwerty_123/)
 * (@qwerty_123)
 * [12 years, 1 month ago](https://wordpress.org/support/topic/blocking-brute-force-attacks/page/2/#post-3668782)
 * [Flarewall](http://flarewall.net) sends banned IP addresses triggered in CSF 
   to the block list at CloudFlare. It’s worth a look.

Viewing 5 replies - 16 through 20 (of 20 total)

[←](https://wordpress.org/support/topic/blocking-brute-force-attacks/?output_format=md)
[1](https://wordpress.org/support/topic/blocking-brute-force-attacks/?output_format=md)
2

The topic ‘Blocking Brute Force Attacks’ is closed to new replies.

 * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865)
 * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wordfence/)
 * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/)

## Tags

 * [automation](https://wordpress.org/support/topic-tag/automation/)
 * [brute force attacks](https://wordpress.org/support/topic-tag/brute-force-attacks/)
 * [IP blocking](https://wordpress.org/support/topic-tag/ip-blocking/)

 * 20 replies
 * 9 participants
 * Last reply from: [qwerty_123](https://wordpress.org/support/users/qwerty_123/)
 * Last activity: [12 years, 1 month ago](https://wordpress.org/support/topic/blocking-brute-force-attacks/page/2/#post-3668782)
 * Status: not resolved