Support » Plugin: Wordfence Security - Firewall & Malware Scan » How to prevent brute force

  • Resolved Est1Cem4G

    (@levanii)


    Hello. I just started using wordfence and i love this plugin. I want to block all ips automatically when they are trying to gain access by guessing password/username. But i want to block ip only accesing from wp-admin or login page. not from all website. How can i set it. So they still will be able to visit website. But not be able to visit login page. (i don’t have any registered user on website) So login page is only for admin. But there are so many “guest” that are trying to gain access to it.
    I have seen on other websites after 1 failed attempt locks out visitor here is photo what i mean See screenshot
    thanks

    • This topic was modified 4 months, 2 weeks ago by Est1Cem4G.
    • This topic was modified 4 months, 2 weeks ago by Est1Cem4G.
Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Support wfphil

    (@wfphil)

    Hi @levanii

    To prevent brute force login attacks please use our recommended settings here:

    https://www.wordfence.com/help/firewall/brute-force/

    thanks

    @wfphil but this brute force attack protection only locks out ips that trying to gain access in admin area right? Does it also lock out bots and crawlers?
    I mean it locks also bots that are trying to gain access in admin area not crawlers(for example google crawler) right?

    • This reply was modified 4 months, 2 weeks ago by Est1Cem4G.
    • This reply was modified 4 months, 2 weeks ago by Est1Cem4G.
    Plugin Support wfphil

    (@wfphil)

    Hi @levanii

    The brute force login attack prevention will not block legitimate friendly bots like Google’s web crawler Googlebot as Googlebot will not attempt to login to WordPress.

    Only IP addresses that attempt to login multiple times will be blocked based on the settings that you set.

    Yes, google bot isn’t trying to get access. But how can i protect site from unwanted bot traffic

    • This reply was modified 4 months, 2 weeks ago by Est1Cem4G.
    Plugin Support wfphil

    (@wfphil)

    Hi @levanii

    Thank you for the update.

    Your brute force login attack prevention rule settings will block bots that do try to login multiple times.

Viewing 6 replies - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.