A Brute Force Attack aims at being the simplest kind of method to gain access to a site: it tries usernames and passwords, over and over again, until it gets in.
BruteForceProtector is a lightweight plugin that protects your website against brute force login attacks using .htaccess.
After a specified limit of login attempts within a specified time, the IP address of the hacker will be blocked.
- Limit the number of allowed login attempts using normal login form
- Limit the number of allowed login attempts using Auth Cookies
- Manually block/unblock IP addresses
- Manually whitelist trusted IP addresses
- Delay execution after a failed login attempt (to slow down brute force attack)
- Option to inform user about remaining attempts on login page
- Option to email administrator when an IP has been blocked
- Custom message to show to blocked users
Download the v1.1 from Here
- Install the plugin either via the WordPress.org plugin directory, or by uploading the files to your wp-content/plugin directory.
- Activate the plugin through the WordPress admin panel.
- Customize the settings on the settings page.
- Done!
.htaccess is a configuration file for use on web servers running the Apache Web Server software. When a .htaccess file is placed in a directory which is in turn 'loaded via the Apache Web Server', then the .htaccess file is detected and executed by the Apache Web Server software. These .htaccess files can be used to alter the configuration of the Apache Web Server software to enable/disable additional functionality and features that the Apache Web Server software has to offer. These facilities include basic redirect functionality, for instance if a 404 file not found error occurs, or for more advanced functions such as content password protection or image hot link prevention.
FB : https://web.facebook.com/amine.developer
Email : mohammed.amine.smahi@gmail.com