It seems that attackers got more sophisticated and are attacking from several ips at the same time to bypass the Lockout notification.
Can you add a feature that would temporary block the admin panel for everybody after a given number of failed login attemps? Lets say there are 3 lockouts in the timespan on XX minutes I want wp-admin to be blocked entirely for few hours.
At the moment I have to connect with my phone and manually block that with .htaccess rule to stop the attack.
- The topic ‘Feature Request: Automatically Block wp-admin if more than XX lockouts happened’ is closed to new replies.