Works well against brute force attacks

Honestly haven’t used any other part of the plugin other than the “Hide Backend” feature which works perfectly. Brilliant, simple execution. Was in the midst of a brute force attack and between killing processes on the server and installing this plugin, once the hide feature was activated the attack subsided and the server load dropped back to normal. This seems to be the only current defense against these types of wp-login attacks. Installed it on about 7 single sites, and one multisite install with 40 websites and it works.

Do yourself a favor and DO NOT install any type of login blacklisting plugins like WP Security Solution, or Login Lockdown. They can’t handle the 1000s of IPs blasted at them by these attacks and basically create a DoS on your server while trying to respond and write to the database. If you use ANYTHING in Better WP Security, use the “Hide backend” feature. It works.

The only thing I wish this plugin had was the ability to customize the fail response. Would be fun to respond with a 500 instead of 404.