Forum Topic: Defense Against Brute Login Attempts?

Forum: .htaccess Forum : WordPress • Posted by Yael Miller • Post Date: Thursday, April 11th, 2013 @ 3:19 pm

My sites (luckily not my main site) are under such a heavy brute login attempts that my web host has suspended my account until the traffic dies down.

What can I do for the future?

There’s the Limit Login Attempts plugin but is there a way to limit login attempts in the .htaccess?

What about other tricks?

I just added the block proxy servers from Section 7.5

2 Replies to “Defense Against Brute Login Attempts?”

Posted by Jeff Starr • Friday, April 12th, 2013

I recommend implementing HTTP authentication (password protection) for the login page. Also, make sure you are using strong passwords. There is HTTP authentication information in the book, and at my site here: https://perishablepress.com/htaccess-password-protection-tricks/

Alternately, you can use a plugin such as LoginLock or similar to block repeated attempts bu putting their IP on a blacklist.

Posted by Yael Miller • Thursday, May 2nd, 2013

Thanks.

← Best redirect method that keeps SEO and page rank

Questions on the proper way to allow and deny →

.htaccess made easy

improve security & performance

Forum Topic: Defense Against Brute Login Attempts?

2 Replies to “Defense Against Brute Login Attempts?”