[wp-hackers] Admin Login Brute Force Attacks

Abdussamad Abdurrazzaq abdussamad at abdussamad.com
Thu Mar 21 03:06:08 UTC 2013


I do the blocking server side with fail2ban and a modified version of wp 
fail2ban plugin:

http://abdussamad.com/archives/616-Stop-Brute-Force-WordPress-Login-Attempts-with-Fail2Ban.html

The advantage of this approach is that if you have a multisite 
installation all failed login attempts at all sites are taken into 
account. Also it's more efficient to block at the firewall level than at 
the application level.



More information about the wp-hackers mailing list