Support » Plugin: Limit Login Attempts » [Plugin: Limit Login Attempts] Several Notifications For IP Block…

Viewing 1 replies (of 1 total)
  • Plugin Author johanee

    (@johanee)

    I cannot comment on your legal situation.

    If you are under active attack I would recommend:
    1. Make sure you use strong passwords (12+ truly random characters). Personally I use a password manager and 15-20 character passwords because, why not?
    2. Most bot-style attacks go for the “admin” user. You might want to avoid this username if possible.
    3. Perhaps strengthen the plugin options somewhat: 2-3 allowed attempts, 24h for retries to reset.

    If you have a strong password it is almost impossible to brute force it when login attempts are limited. We’re talking age of the universe timespans here.

    If they truly hammer your site it is still annoying of course, and possibly a performance/DDOS issue if they go all out. In that case you might want to look into blocking the IP in htaccess.

Viewing 1 replies (of 1 total)
  • The topic ‘[Plugin: Limit Login Attempts] Several Notifications For IP Block…’ is closed to new replies.