A Brute Force Attack aims at being the simplest kind of method to gain access to a site: it tries usernames and passwords, over and over again, until it gets in. Brute Force Login Protection is a lightweight plugin that protects your website against brute force login attacks using .htaccess.
After a specified limit of login attempts within a specified time, the IP address of the hacker will be blocked.
- Limit the number of allowed login attempts using normal login form
- Limit the number of allowed login attempts using Auth Cookies
- Manually block/unblock IP addresses
- Manually whitelist trusted IP addresses
- Delay execution after a failed login attempt (to slow down brute force attack)
- Option to inform user about remaining attempts on login page
- Option to email administrator when an IP has been blocked
- Custom message to show to blocked users
If you'd like to make a contribution to the Brute Force Login Protection plugin, you can submit a pull request to our GitHub Repository. You can also create a thread in our Support Forum. Your feedback is highly appreciated!
If you'd like to make a donation to the Brute Force Login Protection plugin, you can do so via PayPal by clicking here.
|Version||Release Date||Change Log|