Being a WordPress blogger it is obvious that you are much concerned about the blog security. We all like to keep our blogs secure against the hackers. WordPress users are lucky enough that there are several security plugins and other template tweaks to safeguard the blog from hacking attempts. One of them is changing the default wordpress username ‘admin‘. If you haven’t done this yet, I strongly recommend to do it by referring here.
You should know that by default wordPress allows unlimited login attempts through the login page. It may encourage the potential hackers to give a try! It can be prevented by using Limit Login Attempts plugin. It helps the admin to limit the number of login attempts possible both through normal login as well as using auth cookies. Brute force is one of the oldest form of hacking, where a hacker run a script and attempt to login to your account by trying different combination from dictionary Words. Depending upon complexity of your password, it may take 1 hour to few days to get access to your account. This is one reason, why I keep asking you to stop using “admin” username, and change it to something else. Also, always use a complex password.
Limit logins Plugin Features
- Limit the number of retry attempts when logging in (for each IP)
- Limit the number of attempts to log in using auth cookies in same way
- Informs user about remaining retries or lockout time on login page
- Optional logging, optional email notification
- Handles server behind reverse proxy
- Plugin options page:
- Login error page:
- Email I got after a lockout:
If you are getting too much hacking attempts, you can use wordpress Stealth Login plugin. It helps you to create custom URLs for logging in.
- 7 Essential WordPress security tips
- Top WordPress security plugins to check hacked blog
- Top security plugins for WordPress to protect WordPress blog
Do share other useful WordPress plugins which you use to keep your WordPress blog safe and secure?