• X

    Limit Login Attempt : Secure WordPress from Brute Force Attack

    By in Wordpress plugin

    Bluehost hosting

    Being a WordPress blogger it is obvious that you are much concerned about the blog security. We all like to keep our blogs secure against the hackers. WordPress users are lucky enough that there are several security plugins and other template tweaks to safeguard the blog from hacking attempts. One of them is changing the default wordpress username ‘admin‘. If you haven’t done this yet, I strongly recommend to do it by referring here.

    You should know that by default wordPress allows unlimited login attempts through the login page. It may encourage the potential hackers to give a try! It can be prevented by using Limit Login Attempts plugin. It helps the admin to limit the number of login attempts possible both through normal login as well as using auth cookies. Brute force is one of the oldest form of hacking, where a hacker run a script and attempt to login to your account by trying different combination from dictionary Words. Depending upon complexity of your password, it may take 1 hour to few days to get access to your account. This is one reason, why I keep asking you to stop using “admin” username, and change it to something else. Also, always use a complex password.

    Limit logins Plugin Features

    • Limit the number of retry attempts when logging in (for each IP)
    • Limit the number of attempts to log in using auth cookies in same way
    • Informs user about remaining retries or lockout time on login page
    • Optional logging, optional email notification
    • Handles server behind reverse proxy

    Screenshots

    • Plugin options page:
      LoginAttempts screenshot1 520x328 Limit Login Attempt : Secure WordPress from Brute Force Attack
    • Login error page:
      LoginAttempts screenshot2 254x300 Limit Login Attempt : Secure WordPress from Brute Force Attack
    • Email I got after a lockout:
      LoginAttempts screenshot3 Limit Login Attempt : Secure WordPress from Brute Force Attack

    [Plugin download page]

    If you are getting too much hacking attempts, you can use wordpress Stealth Login plugin. It helps you to create custom URLs for logging in.

    Do share other useful WordPress plugins which you use to keep your WordPress blog safe and secure?

    This is a guest post by Shafar who blogs at TipsBlogger. If you like to write for Shoutmeloud, do read: Shoutmeloud revenue sharing program.

    Subscribe to Download WordPress Guide Worth $99

    Discover more awesome articles

    Article by

    Shafar has written 1 articles.

    If you like This post, you can follow ShoutMeLoud on Twitter. Subscribe to Blogging tips via RSS or EMAIL to receive instant updates.

    { 14 comments… read them below or add one }

    Arijitblog

    Helpful Wordpress plugin for blog safety!! :) No more Hacking of the blog “admin panel”… :)

    Thanks for sharing with us!! :)

    Reply

    Dev

    Great Plugin,
    I’m currently using login lock down plugin.
    Now going to try this plugin.
    Thanks for sharing !! Good Job.

    ~Dev

    Reply

    Shafar

    ‘Login LockDown’ is a good alternative. If you are not satisfied with it, you can try ‘Limit Login Attempts’. :)
    Regards.

    Reply

    Tech Maish

    Shafar thanks for shairng this plugin. I am using it and is very useful for worpdress bloggers.

    Reply

    Shafar

    Yeah it’s indeed a great plugin to use especially when our blog becomes popular.

    Reply

    vijay

    Recently i have set up my Wordpress blog,I think this plug in will be very useful for me….

    Reply

    Shafar

    Good to hear that. Hope you too are receiving some lockout emails as shown in the screenshot. :D

    Reply

    Mani Viswanathan

    I’m using Login LockDown as well as Stealth login. This is an alternative..Also as Harsh had mentioned in his earlier post its important to change default username and to hide the wordpress version to avoid exploits.

    Reply

    Shafar

    Those are very good plugins for blog security. In case of ‘Stealth login’, we just need to give the login URL to the authors if our blog is multi-authored.

    Reply

    Meezan Rahman

    I have an article site of 13 subscribed author(including myself) and a little bit worried about my sites security as it is a quite new site of mine. Definitely this plug-in will give me a shy of relief.

    Thanks for the nice post.

    Reply

    Ron | Travel Bangladesh

    Yes, that’s a useful plugin.

    Thanks for blogging about it.

    Reply

    Tran Tinh

    I am now using Lockdown plugin and very happy. Thanks for sharing this

    Reply

    Himanshu

    nice plugin. will help from random attempts.

    Reply

    Social Natural

    Also try “Lockdown WP Admin” as a better alternative to “Stealth Login”, which didn’t work for me due to it being outdated for 2 years. Lockdown WP Admin does the same thing as Stealth Login, but with additional features and updated.

    http://wordpress.org/extend/plugins/lockdown-wp-admin/

    Reply

    Leave a Comment

    Previous post:

    Next post:

    `