BruteProtect is a cloud-powered Brute Force attack prevention plugin and the best protection against botnet attacks.
I'm always amazed by how many attempts BruteProtect stops without even a hint of a performance hit.
The ability to setup automated plugin updates across my connected sites is also a nice plus.
An essential plug-in for dealing with the inevitable onslaught of brute force log-ins.
'BruteProtect Shield is a cloud-powered brute force attack prevention plugin and the best protection against botnet attacks. It is now and will always be 100% free.'
Was using an IP blocker that started slowing down the sites because of the sheer number of attacks. Switched to BP and the performance issues went away.
Great community based botnet prevention.
If only this plugin could be extended to also protect DDOS on index.php and XMLRPC.php (both of which appear to get hammered) that would be amazing!
I'm not sure what the previous reviewer, phatwp, is talking about. This does NOT slow down your website, it effectively kills all the annoying bot attacks in an instant with no effect on website performance.
Works hand-in-hand with Wordfence, I couldn't be happier. Props to the devs.
stopped an ongoing attack.
helps me sleep at night.
I'm using Wordfence to inform me about brute force attacks to my admin. Since yesterday I started getting around 200 messages per hour about blocked attempts to log to the admin. Tried pretty much everything before using BruteProtect and no luck.
Glad that I've found it, so those annoying attempts are somewhat limited or stopped.
This plugin is the best solution yet for preventing brute force login attacks on WP sites. I've tried various other solutions (.htaccess, limit login attempts plugin, etc) but the brute forcers have found ways around all of those.
In addition, the team at bruteprotect is responsive with their support and actively working to improve the plugin. Keep up the good work!!!
Their "phone home" server had some glitches, but they jumped right on a fix and upgrades to avoid future problems. It has been rock solid until this one glitch, so I expect it will be reliable in the future.
Edit update: All seems to be very stable now, have not had any issues for 9 months and and quite impressed haw few spurious login attempts get through now...
<s>The error routine needs to be a bit more robust - i.e. if the server is down, it needs to fail more gracefully. I was able to log into my site after returning to the log-in form a second time - the failsafe did not appear at first.</s>
Otherwise a great concept and has reduced the deluge of hack attempts to a tiny trickle.
I have had no issues out of this plug in. It does what it says it will do and adds a layer of protection. I tested on one site and have since added it to all of the sites I use.
You must log in to submit a review. You can also log in or register using the form near the top of this page.