WordPress.org

Support

Support » Plugins and Hacks » iThemes Security (formerly Better WP Security) » Feature Request: Automatically Block wp-admin if more than XX lockouts happened

Feature Request: Automatically Block wp-admin if more than XX lockouts happened

  • Hi
    It seems that attackers got more sophisticated and are attacking from several ips at the same time to bypass the Lockout notification.

    Can you add a feature that would temporary block the admin panel for everybody after a given number of failed login attemps? Lets say there are 3 lockouts in the timespan on XX minutes I want wp-admin to be blocked entirely for few hours.

    At the moment I have to connect with my phone and manually block that with .htaccess rule to stop the attack.

    Thanks!

    http://wordpress.org/extend/plugins/better-wp-security/

Viewing 1 replies (of 1 total)
  • 1. Goto menu > Security > Login Limits > turn on the Enable Login Limits.
    2. Goto menu > Security > Login Limits > turn on the Blacklist Repeat Offender and it will automatically ban the repeated visitors.
    3. Goto menu > Security > Login Limits > set value:3 for Blacklist Threshold.

    You don’t have to edit the .htaccess file, you can put the IPs on this plugin by goto menu > Security > Ban Users > turn on the Enable Banned Users and put the IPs on Ban Hosts.

Viewing 1 replies (of 1 total)
  • The topic ‘Feature Request: Automatically Block wp-admin if more than XX lockouts happened’ is closed to new replies.
Skip to toolbar