Forum Topic: Defense Against Brute Login Attempts?

Forum: .htaccess Forum : WordPress • Posted by Yael Miller • Post Date:

My sites (luckily not my main site) are under such a heavy brute login attempts that my web host has suspended my account until the traffic dies down.

What can I do for the future?

There's the Limit Login Attempts plugin but is there a way to limit login attempts in the .htaccess?

What about other tricks?

I just added the block proxy servers from Section 7.5

2 Replies to “Defense Against Brute Login Attempts?”

Jeff Starr
Posted by Jeff Starr

I recommend implementing HTTP authentication (password protection) for the login page. Also, make sure you are using strong passwords. There is HTTP authentication information in the book, and at my site here: https://perishablepress.com/htaccess-password-protection-tricks/

Alternately, you can use a plugin such as LoginLock or similar to block repeated attempts bu putting their IP on a blacklist.

Posted by Yael Miller •

Thanks.