Hi –
You should consider getting an SSL certification from your domain provider. It’s cheap (or free) and will help your security efforts. Take a look at this information: https://jetpack.com/2019/02/02/keep-your-site-secure-with-an-ssl-certificate/
Am sorry for the late response. I was waiting for WordPress to send a reply update on email but did not get.
But Your response did not relate to what am asking. I know what SSL means and cannot in any way be used as a defence against brute-force attack.
HTTP Basic Authentication make use any user accessing the site login with a username and password first, hence making it hard for external API to connect into the site (in this case */wp-admin/ or /wp-login.php)
Below is a Typical error that will be displayed.
WordPress.com was unable to reach your site and approve the connection. Try again by clicking the button above; if that doesn't work you may need to contact support.
Error Details
cURL error 28: Operation timed out after 30001 milliseconds with 0 bytes received
My Last Resolution That works on one of the sites:
=> Upgrading to PHP 7.3
=> Made sure Mod_Sec is still disabled (Default setting)
=> Update Jetpack to Latest Version (7.2.1)
=> Create custom php.ini with values below
max_execution_time = 120
max_input_time = 120
max_input_vars = 2000
memory_limit = 512M
post_max_size = 200M
So Basically HTTP Authentication May not be responsible, probably from Hosting Server.